public LoginResponse AuthenticateClient(LoginRequest request)
{
var client = GetClientByLogin(request.Login);
if (client == null)
{
throw new Exception("Client with login " + request.Login + " DOESNT EXIST");
}
string hashedPassword = GetHashedPassword(client.IdClient);
string salt = GetSalt(client.IdClient);
bool isPasswordValid = ValidationHelper.IsPasswordValid(request.Password, hashedPassword, salt);
if (!isPasswordValid)
{
throw new Exception("Incorrect password for client with login " + request.Login);
}
var accessToken = TokensGenerator.GenerateAccessToken(client.IdClient, _configuration);
var refreshToken = TokensGenerator.GenerateRefreshToken(client.IdClient, accessToken);
var updatedAccessToken = UpdateAccessToken(accessToken);
var updatedRefreshToken = UpdateRefreshToken(refreshToken);
return(new LoginResponse
{
AccessToken = updatedAccessToken,
RefreshToken = updatedRefreshToken
});
}
public NewClientResponse AddNewClient(NewClientRequest request)
{
if (LoginExists(request.Login))
{
throw new Exception("User with login " + request.Login + " already exists");
}
var clientId = GenerateNewClientId();
var hashSalt = HashSaltGenerator.GenerateSaltedHash(request.Password);
var hashedPassword = hashSalt.Hash;
var salt = hashSalt.Salt;
var accessToken = TokensGenerator.GenerateAccessToken(clientId, _configuration);
var refreshToken = TokensGenerator.GenerateRefreshToken(clientId, accessToken);
SaveClient(request, clientId, hashedPassword, salt);
var refreshId = GetNewRefreshTokenId();
var accessId = GetNewAccessTokenId();
SaveAccessToken(accessToken, clientId, accessId);
SaveRefreshToken(refreshToken, clientId, refreshId);
AssignTokensToClient(clientId, accessToken, refreshToken);
return(new NewClientResponse
{
AccessToken = accessToken.Token,
RefreshToken = refreshToken.Token
});
}
public async Task <IActionResult> LoginUser(UserLoginForm loginForm)
{
var user = await _userManager.FindByNameAsync(loginForm.UserName);
var result = await _signInManager.CheckPasswordSignInAsync(user, loginForm.Password, false);
if (result.Succeeded)
{
var appUser = await _userManager.Users.FirstOrDefaultAsync(
u => u.NormalizedUserName == loginForm.UserName.ToUpper());
var roles = await _userManager.GetRolesAsync(appUser);
var userProfile = _mapper.Map <UserProfileDto>(appUser);
var tokenKey = _securityConfigurations.tokenKey;
var issuer = _securityConfigurations.Issuer;
var appKey = _securityConfigurations.appKey;
var token = TokensGenerator.GenerateJwtToken(appUser, roles, tokenKey, issuer);
var refreshToken = TokensGenerator.GenerateRefreshToken();
HttpContext.AddCookies(token, appKey);
HttpContext.AddCookies(refreshToken, $"{appKey}Refresh");
var existingToken = await _tokenRepository.FindItemAsync(
t => t.UserId == appUser.Id &&
t.DeviceName == Request.Headers["device-info"].ToString());
if (existingToken != null)
{
_logger.LogWarning($"User with Id {appUser.Id} has already logged in from this device, old refresh token will be removed.");
await _tokenRepository.RemoveItemAsync(existingToken);
_logger.LogInformation($"Old refresh token for user with Id {appUser.Id} removed from database.");
}
await _tokenRepository.AddItemAsync(
new RefreshToken
{
Id = GuidCreator.CreateGuid(),
TokenValue = refreshToken,
DeviceName = Request.Headers["device-info"],
UserId = appUser.Id
});
_logger.LogInformation($"User with id {appUser.Id} successfully logged in.");
return(Ok(new { user = userProfile, token, refreshToken }));
}
return(Unauthorized());
}
public RefreshTokenResponse RefreshToken(RefreshTokenRequest request)
{
var client = GetUserByRefreshToken(request.RefreshToken);
var accessToken = TokensGenerator.GenerateAccessToken(client.IdClient, _configuration);
var updatedAccessToken = UpdateAccessToken(accessToken);
var refreshToken = TokensGenerator.GenerateRefreshToken(client.IdClient, accessToken);
var updatedRefreshToken = UpdateRefreshToken(refreshToken);
return(new RefreshTokenResponse
{
AccessToken = updatedAccessToken,
RefreshToken = updatedRefreshToken
});
}
public async Task <IActionResult> RefreshToken([FromHeader] string RefreshToken)
{
var refreshToken = await _tokenRepository.FindItemAsync(
t => t.TokenValue == RefreshToken);
if (refreshToken != null)
{
await _tokenRepository.RemoveItemAsync(refreshToken);
refreshToken.TokenValue = TokensGenerator.GenerateRefreshToken();
await _tokenRepository.AddItemAsync(refreshToken);
var user = await _userManager.FindByIdAsync(refreshToken.UserId.ToString());
var roles = await _userManager.GetRolesAsync(user);
var userProfile = _mapper.Map <UserProfileDto>(user);
var tokenKey = _securityConfigurations.tokenKey;
var issuer = _securityConfigurations.Issuer;
var appKey = _securityConfigurations.appKey;
var token = TokensGenerator.GenerateJwtToken(user, roles, tokenKey, issuer);
HttpContext.AddCookies(token, appKey);
HttpContext.AddCookies(refreshToken.TokenValue, $"{appKey}Refresh");
_logger.LogInformation($"Token for user {refreshToken.UserId} successfully refreshed.");
return(Ok(new { user = userProfile, token, refreshToken.TokenValue }));
}
_logger.LogError($"Token {RefreshToken} doesn't exist in database.!");
return(StatusCode(401));
}
