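/// <summary>
/// Looks up the student that currently holds <paramref name="refreshToken"/>.
/// </summary>
/// <param name="refreshToken">Opaque refresh token presented by the client.</param>
/// <returns>The matching student, or <c>null</c> when no row holds that token.</returns>
public Student_old GetStudentByRefreshToken(string refreshToken)
{
    // SqlCommand rejects a null parameter value ("parameter not supplied");
    // a missing or empty token is simply "no match", not a server failure.
    if (string.IsNullOrEmpty(refreshToken))
    {
        return null;
    }

    using (var con = new SqlConnection(ConStr))
    using (var com = new SqlCommand())
    {
        com.Connection = con;
        con.Open();

        // Parameterised: the token never enters the SQL text.
        com.CommandText =
            "select IndexNumber, FirstName, LastName, Role from Student " +
            "where RefreshToken=@RefreshToken";
        com.Parameters.AddWithValue("RefreshToken", refreshToken);

        // The reader is disposed on every exit path (previously it was only
        // closed on the not-found path).
        using (SqlDataReader sdr = com.ExecuteReader())
        {
            if (!sdr.Read())
            {
                return null;
            }

            // NOTE(review): the token is matched verbatim, so it is presumably stored
            // in plaintext and without an expiry column — confirm against the schema
            // before relying on this for long-lived sessions.
            return new Student_old
            {
                IndexNumber = sdr["IndexNumber"].ToString(),
                FirstName = sdr["FirstName"].ToString(),
                LastName = sdr["LastName"].ToString(),
                Role = sdr["Role"].ToString(),
            };
        }
    }
}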
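/// <summary>
/// Issues a new refresh token for <paramref name="student"/>, persists it through
/// <c>_service</c>, and returns it in the same 36-character GUID string format as before.
/// </summary>
/// <param name="student">Student the token is bound to; its IndexNumber is the key.</param>
/// <returns>The newly issued refresh token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="student"/> is null.</exception>
private string getRefreshToken(Student_old student)
{
    if (student is null)
    {
        throw new ArgumentNullException(nameof(student));
    }

    // A refresh token is a bearer credential, so it must be unpredictable.
    // Guid.NewGuid() does not promise a cryptographic RNG on every platform; fill the
    // 16 bytes from RandomNumberGenerator and keep the GUID text format so the
    // RefreshToken column and GetStudentByRefreshToken are unaffected.
    var bytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(bytes);
    }
    string refreshT = new Guid(bytes).ToString();

    // NOTE(review): the token is saved as given; storing a hash of it would limit the
    // impact of a database read, but the lookup would have to change to match.
    _service.SaveRefreshToken(student.IndexNumber, refreshT);
    return refreshT;
}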
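/// <summary>
/// Exchanges a valid refresh token for a new access token and a rotated refresh token.
/// </summary>
/// <param name="request">Body carrying the refresh token presented by the client.</param>
/// <returns>200 with <c>{ token, refreshToken }</c>; 401 when no token was sent or
/// it matches no student.</returns>
public IActionResult Refresh(RefreshRequest request)
{
    // Token verification. A missing body or token cannot match any student, so it is
    // reported exactly like an unknown token (and never reaches the database).
    if (request is null || string.IsNullOrEmpty(request.refreshToken))
    {
        return Unauthorized("Odswiezenie zakonczylo sie niepowodzeniem");
    }

    Student_old student = _service.GetStudentByRefreshToken(request.refreshToken);
    if (student == null)
    {
        return Unauthorized("Odswiezenie zakonczylo sie niepowodzeniem");
    }

    // Rotation: issuing a new refresh token is what invalidates the presented one
    // (assuming SaveRefreshToken overwrites the stored value — verify in the service).
    string activeToken = getActiveToken(student);
    string refreshT = getRefreshToken(student);
    return Ok(new { token = activeToken, refreshToken = refreshT });
}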
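/// <summary>
/// Verifies a login/password pair against the database and, on success, issues an
/// access token plus a refresh token.
/// </summary>
/// <param name="request">Body carrying <c>Login</c> and <c>Haslo</c> (password).</param>
/// <returns>200 with <c>{ token, refreshToken }</c>; 401 when the credentials are
/// missing or do not match.</returns>
public IActionResult Login(LoginRequest request)
{
    // Login and password verification against the database. Missing credentials are
    // treated as a failed login so the service never sees a null parameter value.
    if (request is null || string.IsNullOrEmpty(request.Login) || request.Haslo is null)
    {
        return Unauthorized("Logowanie zakonczone niepowodzeniem");
    }

    Student_old student = _service.GetStudentByLoginPassword(request.Login, request.Haslo);
    if (student == null)
    {
        // Same message for unknown login and wrong password: no account enumeration.
        return Unauthorized("Logowanie zakonczone niepowodzeniem");
    }

    string activeToken = getActiveToken(student);
    string refreshT = getRefreshToken(student);
    return Ok(new { token = activeToken, refreshToken = refreshT });
}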
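/// <summary>
/// Verifies a login/password pair against the Student table and returns the student
/// when the salted hash of <paramref name="pass"/> equals the stored Password.
/// </summary>
/// <param name="login">Student index number used as the login.</param>
/// <param name="pass">Plaintext password as entered by the user.</param>
/// <returns>The student when the credentials match; otherwise <c>null</c>.</returns>
public Student_old GetStudentByLoginPassword(string login, string pass)
{
    // SqlCommand throws on a null parameter value; a missing credential is just a failed login.
    if (string.IsNullOrEmpty(login) || pass is null)
    {
        return null;
    }

    using (var con = new SqlConnection(ConStr))
    using (var com = new SqlCommand())
    {
        com.Connection = con;
        con.Open();

        // Step 1: fetch the per-user salt (parameterised; login never enters the SQL text).
        com.CommandText =
            "select Salt from Student " +
            "where IndexNumber=@IndexNumber";
        com.Parameters.AddWithValue("IndexNumber", login);

        string salt;
        using (SqlDataReader saltReader = com.ExecuteReader())
        {
            if (!saltReader.Read())
            {
                // NOTE(review): returning here skips GetHash, so an unknown login fails
                // measurably faster than a wrong password; hash against a dummy salt if
                // timing-based login enumeration matters for this deployment.
                return null;
            }
            salt = saltReader["Salt"].ToString();
        }

        // Step 2: derive the hash for the supplied password and let the database compare
        // it with the stored one. The @IndexNumber parameter is reused by the second query.
        string hashPass = GetHash(pass, salt);

        // NOTE(review): the equality runs under the Password column's collation, which may
        // be case-insensitive — confirm that is acceptable for the encoding GetHash emits.
        com.CommandText =
            "select IndexNumber, FirstName, LastName, Role from Student " +
            "where IndexNumber=@IndexNumber and Password=@Password";
        com.Parameters.AddWithValue("Password", hashPass);

        // Both readers are disposed on every exit path (previously the first was not
        // closed before returning on an unknown login).
        using (SqlDataReader sdr = com.ExecuteReader())
        {
            if (!sdr.Read())
            {
                return null;
            }

            return new Student_old
            {
                IndexNumber = sdr["IndexNumber"].ToString(),
                FirstName = sdr["FirstName"].ToString(),
                LastName = sdr["LastName"].ToString(),
                Role = sdr["Role"].ToString(),
            };
        }
    }
}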
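/// <summary>
/// Builds a short-lived (10 minute) HS256-signed JWT carrying the student's identity and role.
/// </summary>
/// <param name="student">Authenticated student; IndexNumber, LastName and Role become claims.</param>
/// <returns>The compact-serialised JWT.</returns>
/// <exception cref="ArgumentNullException"><paramref name="student"/> is null.</exception>
/// <exception cref="InvalidOperationException">No <c>SecretKey</c> is configured.</exception>
private string getActiveToken(Student_old student)
{
    if (student is null)
    {
        throw new ArgumentNullException(nameof(student));
    }

    // Claim values must be non-null (the Claim constructor throws otherwise).
    // NOTE(review): IndexNumber/LastName/Role are assumed non-null here — they come from
    // ToString() on reader columns in the service, but confirm that stays true.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, student.IndexNumber),
        new Claim(ClaimTypes.Name, student.LastName),
        new Claim(ClaimTypes.Role, student.Role),
    };

    // Fail with a clear message when the signing secret is missing, instead of an
    // ArgumentNullException from Encoding.GetBytes deep inside token creation.
    string secret = Configuration["SecretKey"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("SecretKey is not configured.");
    }
    // NOTE(review): HS256 expects a key of at least 256 bits and recent IdentityModel
    // versions reject shorter ones — make sure the configured value is long enough.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    // Express the expiry in UTC: "exp" is an absolute instant, and UtcNow avoids any
    // local-time/DST ambiguity on the server.
    var token = new JwtSecurityToken(
        issuer: "Gakko",
        audience: "Students",
        claims: claims,
        expires: DateTime.UtcNow.AddMinutes(10),
        signingCredentials: creds);

    return new JwtSecurityTokenHandler().WriteToken(token);
}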