// Sample account for this exercise: for login (IndexNumber = s1234) the password is: asd123
// NOTE(review): a working credential written in a source comment travels with every copy of the
// file and its history; keep sample credentials in local test configuration and change this one.

/// <summary>
/// Checks the submitted password against the salt and password returned by the service and, on
/// success, builds a 10-minute HS256 JWT and stores a freshly generated refresh token.
/// </summary>
/// <param name="request">Login request; <c>Login</c> and <c>Haslo</c> (password) are read.</param>
/// <returns>
/// 200 OK with a plain-text status message in both the success and the failure case.
/// </returns>
public IActionResult Login(LoginRequestDto request)
{
    var stored = _service.LoginStudentResponse(request);

    // NOTE(review): a rejected login is answered with 200 OK, so clients, proxies and log-based
    // detections can tell it from a success only by the body text. 401 would be the usual status.
    // NOTE(review): presumably Validate compares a salted hash; its implementation is not shown
    // here. Confirm it uses a slow KDF and a constant-time comparison.
    if (!Validate(request.Haslo, stored.Salt, stored.Password))
    {
        return Ok("Błąd logowania");
    }

    var identityClaims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, request.Login),
        new Claim(ClaimTypes.Name, request.Login),
        new Claim(ClaimTypes.Role, "student")
    };

    // The HMAC key is the UTF-8 bytes of the configured string, so the signature is only as strong
    // as that string is long and random. Keep it in a secret store, not in a committed config file.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"]));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    var jwt = new JwtSecurityToken(
        issuer: "Gakko",
        audience: "Students",
        claims: identityClaims,
        expires: DateTime.Now.AddMinutes(10),
        signingCredentials: signingCredentials);

    // NOTE(review): the serialized access token is produced but never returned to the caller.
    var accessToken = new JwtSecurityTokenHandler().WriteToken(jwt);

    // NOTE(review): Guid.NewGuid() is an identifier generator, not a documented source of secret
    // randomness; a refresh token is a bearer secret and is better drawn from RandomNumberGenerator.
    var refreshTokenValue = Guid.NewGuid();

    var saveRequest = new SaveRefreshTokenRequest
    {
        indexNumber = request.Login,
        refreshToken = refreshTokenValue.ToString()
    };

    // NOTE(review): the result of the save is ignored, so success is reported even when the
    // refresh token was not persisted.
    _service.SaveRefreshToken(saveRequest);

    return Ok("Poprawnie zalogowano");
}
/// <summary>
/// Exchanges a refresh token: asks the service to resolve it to a student index number, then
/// builds a new 10-minute HS256 JWT and stores a newly generated refresh token for that student.
/// </summary>
/// <param name="refToken">Refresh request passed unchanged to the service.</param>
/// <returns>
/// 200 OK with the service message alone when no index number came back; otherwise 200 OK with
/// the service message followed by the new refresh token as plain text.
/// </returns>
public IActionResult RefreshToken(RefreshTokenRequest refToken)
{
    var lookup = _service.RefreshToken(refToken);

    // NOTE(review): an unknown or rejected refresh token is also answered with 200 OK, so the
    // failure is visible only in the body text.
    if (lookup.IndexNumber == null)
    {
        return Ok(lookup.Message);
    }

    var identityClaims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, lookup.IndexNumber),
        new Claim(ClaimTypes.Name, lookup.IndexNumber),
        new Claim(ClaimTypes.Role, "student")
    };

    // The HMAC key is the UTF-8 bytes of the configured string; its strength is that of the string.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"]));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    var jwt = new JwtSecurityToken(
        issuer: "Gakko",
        audience: "Students",
        claims: identityClaims,
        expires: DateTime.Now.AddMinutes(10),
        signingCredentials: signingCredentials);

    // NOTE(review): the new access token is produced but never returned; the response carries
    // only the refresh token.
    var accessToken = new JwtSecurityTokenHandler().WriteToken(jwt);

    // NOTE(review): Guid.NewGuid() is not a documented source of secret randomness; prefer
    // RandomNumberGenerator for a bearer secret.
    var refreshTokenValue = Guid.NewGuid();

    var saveRequest = new SaveRefreshTokenRequest
    {
        indexNumber = lookup.IndexNumber,
        refreshToken = refreshTokenValue.ToString()
    };

    // NOTE(review): the save result is ignored, so the client can be handed a refresh token that
    // was never stored.
    _service.SaveRefreshToken(saveRequest);

    var body = lookup.Message + "\n" + "Nowy Refresh Token: " + saveRequest.refreshToken.ToString();
    return Ok(body);
}
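/// <summary>
/// Writes the refresh token into the Student row whose IndexNumber matches the request.
/// </summary>
/// <param name="request">Carries <c>indexNumber</c> and <c>refreshToken</c>.</param>
/// <returns>
/// A response whose <c>Message</c> reports success, "Błąd..." when no row was updated, or the
/// text of the <see cref="SqlException"/> raised while executing the command.
/// </returns>
public SaveRefreshTokenResponse SaveRefreshToken(SaveRefreshTokenRequest request)
{
    var response = new SaveRefreshTokenResponse();

    // NOTE(review): server and database names are hard-coded; moving the connection string to
    // configuration lets each environment use its own least-privileged login.
    using (var con = new SqlConnection("Data Source=db-mssql;Initial Catalog=s16985;Integrated Security=True"))
    using (var com = new SqlCommand())
    {
        // A newly constructed connection is always closed, so it is opened unconditionally.
        // As before, a failure to open is not caught here and propagates to the caller.
        con.Open();
        com.Connection = con;

        try
        {
            // Values are bound as parameters, never concatenated into the statement.
            // NOTE(review): the token is stored as received; storing only a hash of it would keep
            // a database read from yielding usable refresh tokens.
            com.CommandText = "UPDATE Student Set RefreshToken = @RefreshToken WHERE IndexNumber=@IndexNumber";
            com.Parameters.AddWithValue("IndexNumber", request.indexNumber);
            com.Parameters.AddWithValue("RefreshToken", request.refreshToken);

            // An UPDATE produces no result set, so reading from ExecuteReader() reported failure
            // on every call, even after the row had been updated. The affected-row count is the
            // real signal: zero means no student has that index number.
            int affectedRows = com.ExecuteNonQuery();
            response.Message = affectedRows > 0
                ? "Poprawnie zapisano refresh token"
                : "Błąd...";
        }
        catch (SqlException e)
        {
            // NOTE(review): the raw SQL error text can name tables, columns and the server; log it
            // server-side and confirm this Message never reaches an API client.
            response.Message = e.Message;
        }

        return response;
    }
}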
/// <summary>
/// Forwards a save-refresh-token request to the "api/Authentication/SaveRefreshToken" route
/// through <c>RunClient</c> and returns whatever that call produces.
/// </summary>
/// <param name="request">The request object handed to <c>RunClient</c> unchanged.</param>
/// <returns>The awaited result of <c>RunClient</c>.</returns>
public async Task<SaveRefreshTokenResponse> SaveRefreshToken(SaveRefreshTokenRequest request)
{
    // NOTE(review): the request body carries a bearer secret; presumably RunClient targets an
    // HTTPS base address. Confirm against its implementation.
    const string endpoint = "api/Authentication/SaveRefreshToken";

    var result = await RunClient<SaveRefreshTokenRequest, SaveRefreshTokenResponse>(request, endpoint);
    return result;
}