public async Task <IActionResult> Login([FromBody] LoginUserResource credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } //check credentials var user = await userManager.FindByNameAsync(credentials.UserName); if (user == null) { ModelState.AddModelError("login_failure", "Invalid credentials"); return(BadRequest(ModelState)); } if (!await userManager.CheckPasswordAsync(user, credentials.Password)) { ModelState.AddModelError("login_failure", "Invalid credentials"); return(BadRequest(ModelState)); } var jwt = await jwtFactory.GenerateJwtAsync(user.Id, credentials.UserName, credentials.Password, new JsonSerializerSettings { Formatting = Formatting.Indented }); return(Ok(jwt)); }
public async Task <ServiceResponse <UserLoginDetails> > LoginAsync(LoginUserResource loginUserResource) { try { var user = await _userRepository.LoginAsync(loginUserResource); if (user != null) { var userDetails = _mapper.Map <User, UserLoginDetails>(user); var token = Guid.NewGuid().ToString(); await _userRepository.CreateSession(user.Id, token); await _unitOfWork.CompleteAsync(); userDetails.Token = token; return(new ServiceResponse <UserLoginDetails>(userDetails)); } else { return(new ServiceResponse <UserLoginDetails>("Invalid Email or Password")); } } catch (Exception ex) { return(new ServiceResponse <UserLoginDetails>($"Internal Service Error: {ex.Message}")); } }
public IActionResult Login([FromBody] LoginUserResource loginUserResource) { var user = mapper.Map <LoginUserResource, User>(loginUserResource); var userEmail = unitOfWork.Accounts.FindUserByEmail(user.Email); if (userEmail == null) { return(NotFound(new ApiResponse(404, "User not found"))); } var hashedPassword = userEmail.Password; if (!SecurePasswordHasherHelper.Verify(user.Password, hashedPassword)) { return(Unauthorized(new ApiResponse(401, "Username or password don't match"))); } var token = unitOfWork.Accounts.Login(user, _auth); return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_Id = userEmail.Id, user_name = userEmail.Name, user_image = userEmail.ImageUrl })); }
public async Task <LoginUserResponse> Login(LoginUserResource loginUserResource) { try { var userFromRepository = await _authRepository.Login(loginUserResource.Email.ToLower(), loginUserResource.Password); if (userFromRepository != null) { //generate token var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_configuration.GetSection("AppSettings:Token").Value); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.NameIdentifier, userFromRepository.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepository.Email) }), Expires = DateTime.Now.AddHours(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); return(new LoginUserResponse(userFromRepository, tokenString)); } return(new LoginUserResponse("Unauthorized")); } catch (Exception ex) { return(new LoginUserResponse($"An error occurred when loging the user: {ex.Message}")); } }
public async Task <User> LoginAsync(LoginUserResource loginUserResource) { loginUserResource.Password = loginUserResource.Password.GetHashed(); var user = await _context.User .FirstOrDefaultAsync(user => user.Email == loginUserResource.Email && user.Password == loginUserResource.Password && user.UserRole == loginUserResource.UserRole); return(user); }
public async Task <IActionResult> Login([FromBody] LoginUserResource loginUserResource) { if (ModelState.IsValid) { var user = await this.userManager.FindByEmailAsync(loginUserResource.Email); if (user == null || !await this.userManager.CheckPasswordAsync(user, loginUserResource.Password)) { ModelState.AddModelError("", "Email and password does not match"); return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState))); } else if (!user.EmailConfirmed && await this.userManager.CheckPasswordAsync(user, loginUserResource.Password)) { ModelState.AddModelError("", "Email not confirmed yet"); return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState))); } else if (!user.IsActive) { ModelState.AddModelError("Auth", "User has disactivated"); return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState))); } var result = await this.signInManager.CheckPasswordSignInAsync(user, loginUserResource.Password, false); if (!result.Succeeded) { ModelState.AddModelError("", "Email and password does not match"); return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState))); } else { var newRefreshToken = new RefreshToken { UserId = user.Id, AccessToken = await GenerateAccessTokenAsync(user), Token = Guid.NewGuid().ToString(), CreatedAt = DateTime.Now }; this.refreshTokenRepository.Add(newRefreshToken); await this.unitOfWork.CompleteAsync(); var response = new TokenResource() { AccessToken = newRefreshToken.AccessToken, RefreshToken = newRefreshToken.Token }; return(new OkObjectResult(response)); } } return(new BadRequestObjectResult(new BadRequestResource(ModelState))); }
public async Task <IActionResult> Login([FromBody] LoginUserResource loginUserResource) { if (ModelState.IsValid) { var signedInUser = await _userService.CheckPasswordSignInAsync(loginUserResource.UserName, loginUserResource.Password); var accessToken = await GenerateAccessTokenAsync(signedInUser); var refreshTokenDto = await _refreshTokenService.GetNew(signedInUser.Id, accessToken); return(new OkObjectResult(_mapper.Map <RefreshTokenDto, TokenResource>(refreshTokenDto))); } return(new BadRequestObjectResult(new { message = "Failed to register" })); }
public async Task <IActionResult> Login([FromBody] LoginUserResource loginUserResource) { var result = await _authService.Login(loginUserResource); if (result.User == null) { return(Unauthorized(new ErrorResource(result.Message))); } if (!result.Success) { return(BadRequest(new ErrorResource(result.Message))); } return(Ok(result.Token)); }
public async Task <IActionResult> LoginAsync([FromBody] LoginUserResource loginUserResource) { try { var result = await _userService.LoginAsync(loginUserResource); if (!result.Success) { return(BadRequest(new FailureResponse(result.Message))); } var userDeails = result.Resource; return(Ok(new CResponse <UserLoginDetails>(result.Success, userDeails))); } catch (Exception ex) { return(StatusCode(StatusCodes.Status500InternalServerError, new FailureResponse($"Internal Server Error: {ex.Message}"))); } }
public async Task <IActionResult> Login([FromBody] LoginUserResource user) { // 1. Get user to login from database. var loggedInUser = await _userRepo.Login(user.Username, user.Password); // 2. If user not exists notify error. if (loggedInUser == null) { return(Unauthorized()); } // 3. Specify cliams which stores in token. Claims should be as minimum as possible. var claims = new[] { new Claim(ClaimTypes.NameIdentifier, loggedInUser.Id.ToString()), new Claim(ClaimTypes.Name, string.IsNullOrEmpty(loggedInUser.Username) ? loggedInUser.Email : loggedInUser.Username) }; // 4. Generate token using Json Web Token (JWT) var tokenHandler = new JwtSecurityTokenHandler(); // 5. Get secret key from setting file. var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Secret").Value); // 6. Create token descriptor var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature) }; // 7. Create token. var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); var returnUser = _mapper.Map <User>(loggedInUser); // 8. Return token string and user resource object containing necessary user info. return(Ok(new { token = tokenString, user = returnUser })); }
public async Task <ActionResult <User> > Login(LoginUserResource loginInfo) { var user = await UnitOfWork.Users.SingleOrDefault(u => u.Email == loginInfo.Email); if (user == null) { throw new RestError(HttpStatusCode.BadRequest, new { Email = "Email or password is wrong" }); } if (!Hasher <User> .Verify(user, user.Password, loginInfo.Password)) { throw new RestError(HttpStatusCode.BadRequest, new { Email = "Email or password is wrong" }); } var response = Mapper.Map <User, ReadUserResource>(user); response.Token = jwtGenerator.CreateToken(user); return(Ok(response)); }
public async Task <ActionResult> Login([FromBody] LoginUserResource loginUser) { if (!ModelState.IsValid) { return(BadRequest(ModelState.GetErrorMessages())); } var result = await _signInManager.PasswordSignInAsync(loginUser.Email, loginUser.Password, false, false); //primeiro false = guardar resultado. segundo false = trava depois de 5 tentativas if (result.Succeeded) { return(Ok(await GerarJwt(loginUser.Email))); } if (result.IsLockedOut) { return(BadRequest(loginUser)); } return(BadRequest(loginUser)); }
public async Task <IActionResult> Login(LoginUserResource userForLogin) { var user = _mapper.Map <LoginUserResource, User>(userForLogin); var userFromRepo = await _repo.Login(user, userForLogin.Password); if (userFromRepo == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.UserName) }; var key = new SymmetricSecurityKey(Encoding.UTF8 .GetBytes(_config.GetSection("AppSettings:Token").Value)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
public async Task <IActionResult> ResendConfirmationEmail([FromBody] LoginUserResource loginUserResource) { if (ModelState.IsValid) { var user = await this.userManager.FindByEmailAsync(loginUserResource.Email); if (user == null || !await this.userManager.CheckPasswordAsync(user, loginUserResource.Password)) { ModelState.AddModelError("", "Email and password does not match"); return(new UnauthorizedObjectResult(new UnAuthorizedResource(ModelState))); } else if (!user.EmailConfirmed) { var token = await this.userManager.GenerateEmailConfirmationTokenAsync(user); var callbackUrl = Url.Action( "ConfirmEmail", "Auth", values: new EmailConfirmationResource { UserId = user.Id, Token = token }, protocol: Request.Scheme); return(new OkObjectResult(new { callbackUrl = callbackUrl })); } else { ModelState.AddModelError("", "Email is already confirmed"); return(new BadRequestObjectResult(new BadRequestResource(ModelState))); } } // If we got this far, something failed, redisplay form ModelState.AddModelError("", "Failed to resend confirmation email"); return(new BadRequestObjectResult(new BadRequestResource(ModelState))); }