public IActionResult Authenticate([FromBody] OAuthModel login) { SmartHttpResult result = new SmartHttpResult(); try { var entity = DAL.SmartUser.GetEntityByName(login.UserName); if (entity != null) { var encrypted = EncryptProvider.AESEncrypt(login.PassWord, entity.Salt); if (entity.PassWord == encrypted) { //重新加密 var Saltkey = Guid.NewGuid().ToString("N"); var decrypted = EncryptProvider.AESEncrypt(login.PassWord, Saltkey); //替换密码与密钥 DAL.SmartUser.utlSmartUserByName(login.UserName, decrypted, Saltkey); var claims = new Claim[] { new Claim(ClaimTypes.Name, login.UserName), new Claim(ClaimTypes.Role, entity.Role) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(setting.SecretKey)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var tokenModel = new JwtSecurityToken( setting.Issuer, setting.Audience, claims, DateTime.Now, DateTime.Now.AddMinutes(setting.TokenExpires), creds); var jwtToken = new JwtTokenModel(); jwtToken.Token = new JwtSecurityTokenHandler().WriteToken(tokenModel); var tokenUser = new TokenUserModel(); tokenUser.UserName = entity.UserName; tokenUser.Email = entity.Email; tokenUser.Phone = entity.Phone; tokenUser.Avatar = entity.Avatar; jwtToken.User = tokenUser; result.Set(true, jwtToken); return(new JsonResult(result)); } else { result.Set(false, "用户密码不正确!"); } } else { result.Set(false, "用户不存在!"); } } catch (Exception err) { result.Set(false, err.Message); } return(new JsonResult(result)); }
public TokenUserModel GetTokenUserModel(string username) { TokenUserModel tokenUserModel = db.Tokens.Find(username); if (tokenUserModel == null) { return(null); } return(tokenUserModel); }
public TokenUserModel PostTokenUserModel(TokenUserModel tokenUserModel) { db.Tokens.Add(tokenUserModel); try { db.SaveChanges(); } catch (Exception e) { Console.WriteLine(e.Message); return(null); } return(tokenUserModel); }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { var identity = new ClaimsIdentity(context.Options.AuthenticationType); RSS_DB_EF db = new RSS_DB_EF(); string uname = context.Request.Headers.Get("Username"); string pass = context.Request.Headers.Get("Password"); if (uname == null || pass == null) { context.SetError("invalid_grant", "Sorry...Credentials are incorrect"); return; } TokenUserModel user = db.Tokens.Find(uname); if (user != null && pass == user.password) { if (user.type == "admin") { identity.AddClaim(new Claim(ClaimTypes.Role, "admin")); } else { identity.AddClaim(new Claim(ClaimTypes.Role, "user")); } identity.AddClaim(new Claim("username", user.username)); identity.AddClaim(new Claim(ClaimTypes.Name, user.name)); context.Validated(identity); } /*if(context.UserName=="mmr"&&context.Password=="MMR") * { * identity.AddClaim(new Claim(ClaimTypes.Role, "user")); * identity.AddClaim(new Claim("username", "mmr")); * identity.AddClaim(new Claim(ClaimTypes.Name, "Mayank")); * context.Validated(identity); * }*/ else { context.SetError("invalid_grant", "Sorry...Credentials are incorrect"); return; } }
public bool DeleteTokenUserModel(string username) { TokenUserModel tokenUserModel = db.Tokens.Find(username); if (tokenUserModel == null) { return(false); } db.Tokens.Remove(tokenUserModel); try { db.SaveChanges(); } catch (Exception e) { Console.WriteLine(e.Message); return(false); } return(true); }
public async Task Token(TokenUserModel model) { if (!ModelState.IsValid) { Response.StatusCode = 400; await Response.WriteAsync("username or password cannot be empty"); return; } var email = model.UserName; //Request.Form["username"]; var password = model.Password; //Request.Form["password"]; var query = new GetUserByEmail(email); var result = BusControl.SendRequest <IGetUserByEmail, IGetUserResult>(query).Result; var identity = AuthOptions.GetIdentity(email, password, result.User.PasswordHash, result.User.RoleName); if (identity == null) { Response.StatusCode = 400; await Response.WriteAsync("Invalid username or password."); return; //return BadRequest("Invalid username or password."); } var encodedJwt = AuthOptions.Token(identity); var response = new { accesstoken = encodedJwt, username = identity.Name }; // сериализация ответа Response.ContentType = "application/json"; await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented })); }
public IActionResult Login([FromBody] LoginModel model) { var token = sessions.CreateToken(model.UserName, model.Password); User user = userLogic.GetAll().FirstOrDefault(u => u.UserName == model.UserName); var modelToReturn = TokenUserModel.ToModel(user); modelToReturn.Token = token; if (token == null) { return(BadRequest("Invalid user/password")); } var addlog = logger.Create(LogModel.ToEntity(new LogModel { Id = new Guid(), UserName = model.UserName, Date = DateTime.Now, Action = ActionType.LOGIN, Role = user.Admin ? UserRoleType.ADMIN : UserRoleType.MANAGER })); return(Ok(modelToReturn)); }
public bool updateUsername(string username, [FromBody] string newUsername) { TokenUserModel user = db.Tokens.Find(username); if (user == null) { return(false); } user.username = newUsername; db.Entry <TokenUserModel>(user).State = EntityState.Modified; try { db.SaveChanges(); return(true); } catch (Exception e) { Console.WriteLine(e.Message); return(false); } }
public TokenUserModel GetTokenUser([FromBody] TokenUrlModel data) { try { data.token_endpoint = data.token_endpoint.Replace("dashboard", "api"); string result; WebRequest r = WebRequest.Create(data.token_endpoint); r.Method = "GET"; using (var response = (HttpWebResponse)r.GetResponse()) { result = new StreamReader(response.GetResponseStream()).ReadToEnd(); response.Close(); } TokenUserModel token = JsonConvert.DeserializeObject <TokenUserModel>(result); ////// UPDATES USER ACCESS TOKEN AGAINST ALL SNAPMAILS //////// SnapmailDao.UpdateUserToken(token.userid, token.access_token); /////////////////////////////////////////////////////////////// return(token); } catch (Exception x) { throw new HttpResponseException(HttpStatusCode.InternalServerError); } }
public async Task <string> GenerateEncodedToken(TokenUserModel user, ClaimsIdentity identity) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64), identity.FindFirst((string)Helpers.Constants.Strings.JwtClaimIdentifiers.Rol), identity.FindFirst((string)Helpers.Constants.Strings.JwtClaimIdentifiers.Id), }; var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); return(encodedJwt); }
public static async Task <Object> GenerateJwt(ClaimsIdentity identity, IJwtFactory jwtFactory, TokenUserModel user, JwtIssuerOptions jwtOptions) { var response = new { id = identity.Claims.Single(c => c.Type == Constants.Strings.JwtClaimIdentifiers.Id).Value, auth_token = await jwtFactory.GenerateEncodedToken(user, identity), expires_in = (int)jwtOptions.ValidFor.TotalSeconds }; return(response); }