public LoginResponse AuthenticateClient(LoginRequest request) { var client = GetClientByLogin(request.Login); if (client == null) { throw new Exception("Client with login " + request.Login + " DOESNT EXIST"); } string hashedPassword = GetHashedPassword(client.IdClient); string salt = GetSalt(client.IdClient); bool isPasswordValid = ValidationHelper.IsPasswordValid(request.Password, hashedPassword, salt); if (!isPasswordValid) { throw new Exception("Incorrect password for client with login " + request.Login); } var accessToken = TokensGenerator.GenerateAccessToken(client.IdClient, _configuration); var refreshToken = TokensGenerator.GenerateRefreshToken(client.IdClient, accessToken); var updatedAccessToken = UpdateAccessToken(accessToken); var updatedRefreshToken = UpdateRefreshToken(refreshToken); return(new LoginResponse { AccessToken = updatedAccessToken, RefreshToken = updatedRefreshToken }); }
public NewClientResponse AddNewClient(NewClientRequest request) { if (LoginExists(request.Login)) { throw new Exception("User with login " + request.Login + " already exists"); } var clientId = GenerateNewClientId(); var hashSalt = HashSaltGenerator.GenerateSaltedHash(request.Password); var hashedPassword = hashSalt.Hash; var salt = hashSalt.Salt; var accessToken = TokensGenerator.GenerateAccessToken(clientId, _configuration); var refreshToken = TokensGenerator.GenerateRefreshToken(clientId, accessToken); SaveClient(request, clientId, hashedPassword, salt); var refreshId = GetNewRefreshTokenId(); var accessId = GetNewAccessTokenId(); SaveAccessToken(accessToken, clientId, accessId); SaveRefreshToken(refreshToken, clientId, refreshId); AssignTokensToClient(clientId, accessToken, refreshToken); return(new NewClientResponse { AccessToken = accessToken.Token, RefreshToken = refreshToken.Token }); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials) { try { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var jwt = await TokensGenerator.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); return(new OkObjectResult(jwt)); } catch (Exception e) { return(BadRequest(e.Message)); } }
public async Task <IActionResult> LoginUser(UserLoginForm loginForm) { var user = await _userManager.FindByNameAsync(loginForm.UserName); var result = await _signInManager.CheckPasswordSignInAsync(user, loginForm.Password, false); if (result.Succeeded) { var appUser = await _userManager.Users.FirstOrDefaultAsync( u => u.NormalizedUserName == loginForm.UserName.ToUpper()); var roles = await _userManager.GetRolesAsync(appUser); var userProfile = _mapper.Map <UserProfileDto>(appUser); var tokenKey = _securityConfigurations.tokenKey; var issuer = _securityConfigurations.Issuer; var appKey = _securityConfigurations.appKey; var token = TokensGenerator.GenerateJwtToken(appUser, roles, tokenKey, issuer); var refreshToken = TokensGenerator.GenerateRefreshToken(); HttpContext.AddCookies(token, appKey); HttpContext.AddCookies(refreshToken, $"{appKey}Refresh"); var existingToken = await _tokenRepository.FindItemAsync( t => t.UserId == appUser.Id && t.DeviceName == Request.Headers["device-info"].ToString()); if (existingToken != null) { _logger.LogWarning($"User with Id {appUser.Id} has already logged in from this device, old refresh token will be removed."); await _tokenRepository.RemoveItemAsync(existingToken); _logger.LogInformation($"Old refresh token for user with Id {appUser.Id} removed from database."); } await _tokenRepository.AddItemAsync( new RefreshToken { Id = GuidCreator.CreateGuid(), TokenValue = refreshToken, DeviceName = Request.Headers["device-info"], UserId = appUser.Id }); _logger.LogInformation($"User with id {appUser.Id} successfully logged in."); return(Ok(new { user = userProfile, token, refreshToken })); } return(Unauthorized()); }
public RefreshTokenResponse RefreshToken(RefreshTokenRequest request) { var client = GetUserByRefreshToken(request.RefreshToken); var accessToken = TokensGenerator.GenerateAccessToken(client.IdClient, _configuration); var updatedAccessToken = UpdateAccessToken(accessToken); var refreshToken = TokensGenerator.GenerateRefreshToken(client.IdClient, accessToken); var updatedRefreshToken = UpdateRefreshToken(refreshToken); return(new RefreshTokenResponse { AccessToken = updatedAccessToken, RefreshToken = updatedRefreshToken }); }
private static int PrintTokens(IEnumerable <string> paths) { foreach (var featureFilePath in paths) { try { var tokensText = TokensGenerator.GenerateTokens(featureFilePath); Console.WriteLine(tokensText); } catch (Exception ex) { Console.Error.WriteLine(ex.Message); return(1); } } return(0); }
public async Task HandleAsync(NotificationApiRequest request) { var token = request.IsPublic ? null : TokensGenerator.Generate(request); await mongoDbClient.InsertUser(request.source, token, request.password, request.IsPublic); if (request.IsPublic) { authorizer.RegisterPublic(request.source, request.password); } else { authorizer.RegisterPrivate(request.source, token, request.password); } sourceStorage.Add(request.source); request.HttpContext.Response.StatusCode = (int)HttpStatusCode.OK; await request.HttpContext.Response.WriteAsync(token); await request.HttpContext.Response.Body.FlushAsync(); }
public async Task <IActionResult> RefreshToken([FromHeader] string RefreshToken) { var refreshToken = await _tokenRepository.FindItemAsync( t => t.TokenValue == RefreshToken); if (refreshToken != null) { await _tokenRepository.RemoveItemAsync(refreshToken); refreshToken.TokenValue = TokensGenerator.GenerateRefreshToken(); await _tokenRepository.AddItemAsync(refreshToken); var user = await _userManager.FindByIdAsync(refreshToken.UserId.ToString()); var roles = await _userManager.GetRolesAsync(user); var userProfile = _mapper.Map <UserProfileDto>(user); var tokenKey = _securityConfigurations.tokenKey; var issuer = _securityConfigurations.Issuer; var appKey = _securityConfigurations.appKey; var token = TokensGenerator.GenerateJwtToken(user, roles, tokenKey, issuer); HttpContext.AddCookies(token, appKey); HttpContext.AddCookies(refreshToken.TokenValue, $"{appKey}Refresh"); _logger.LogInformation($"Token for user {refreshToken.UserId} successfully refreshed."); return(Ok(new { user = userProfile, token, refreshToken.TokenValue })); } _logger.LogError($"Token {RefreshToken} doesn't exist in database.!"); return(StatusCode(401)); }