public LoginResponse LoginFromApiKey(string apiKey)
{
var token = AuthTokenServer.CreateToken(UserEntity.Current);
return(new LoginResponse {
userEntity = UserEntity.Current, token = token, authenticationType = "api-key"
});
}
public LoginResponse?LoginFromCookie()
{
if (!UserTicketServer.LoginFromCookie(ControllerContext))
{
return(null);
}
var token = AuthTokenServer.CreateToken(UserEntity.Current);
return(new LoginResponse {
userEntity = UserEntity.Current, token = token, authenticationType = "cookie"
});
}
public LoginResponse?LoginWithAzureAD([FromBody, Required] string jwt, [FromQuery] bool throwErrors = true)
{
if (!AzureADAuthenticationServer.LoginAzureADAuthentication(ControllerContext, jwt, throwErrors))
{
return(null);
}
var token = AuthTokenServer.CreateToken(UserEntity.Current);
return(new LoginResponse {
userEntity = UserEntity.Current, token = token, authenticationType = "azureAD"
});
}
public ActionResult <LoginResponse> ChangePassword([Required, FromBody] ChangePasswordRequest request)
{
if (string.IsNullOrEmpty(request.newPassword))
{
return(ModelError("newPassword", LoginAuthMessage.PasswordMustHaveAValue.NiceToString()));
}
var error = UserEntity.OnValidatePassword(request.newPassword);
if (error.HasText())
{
return(ModelError("newPassword", error));
}
var user = UserEntity.Current;
if (string.IsNullOrEmpty(request.oldPassword))
{
if (user.PasswordHash != null)
{
return(ModelError("oldPassword", LoginAuthMessage.PasswordMustHaveAValue.NiceToString()));
}
}
else
{
if (user.PasswordHash == null || !user.PasswordHash.SequenceEqual(Security.EncodePassword(request.oldPassword)))
{
return(ModelError("oldPassword", LoginAuthMessage.InvalidPassword.NiceToString()));
}
}
user.PasswordHash = Security.EncodePassword(request.newPassword);
using (AuthLogic.Disable())
using (OperationLogic.AllowSave <UserEntity>())
{
user.Save();
}
return(new LoginResponse {
userEntity = user, token = AuthTokenServer.CreateToken(UserEntity.Current), authenticationType = "changePassword"
});
}
public ActionResult <LoginResponse> ResetPassword([Required, FromBody] ResetPasswordRequest request)
{
if (string.IsNullOrEmpty(request.newPassword))
{
return(ModelError("newPassword", LoginAuthMessage.PasswordMustHaveAValue.NiceToString()));
}
var error = UserEntity.OnValidatePassword(request.newPassword);
if (error != null)
{
return(ModelError("newPassword", error));
}
var rpr = ResetPasswordRequestLogic.ResetPasswordRequestExecute(request.code, request.newPassword);
return(new LoginResponse {
userEntity = rpr.User, token = AuthTokenServer.CreateToken(rpr.User), authenticationType = "resetPassword"
});
}
public LoginResponse?LoginWindowsAuthentication(bool throwError)
{
string?error = WindowsAuthenticationServer.LoginWindowsAuthentication(ControllerContext);
if (error != null)
{
if (throwError)
{
throw new InvalidOperationException(error);
}
return(null);
}
var token = AuthTokenServer.CreateToken(UserEntity.Current);
return(new LoginResponse {
userEntity = UserEntity.Current, token = token, authenticationType = "windows"
});
}
public ActionResult <LoginResponse> Login([Required, FromBody] LoginRequest data)
{
if (string.IsNullOrEmpty(data.userName))
{
return(ModelError("userName", LoginAuthMessage.UserNameMustHaveAValue.NiceToString()));
}
if (string.IsNullOrEmpty(data.password))
{
return(ModelError("password", LoginAuthMessage.PasswordMustHaveAValue.NiceToString()));
}
string authenticationType;
// Attempt to login
UserEntity user;
try
{
if (AuthLogic.Authorizer == null)
{
user = AuthLogic.Login(data.userName, Security.EncodePassword(data.password), out authenticationType);
}
else
{
user = AuthLogic.Authorizer.Login(data.userName, data.password, out authenticationType);
}
}
catch (Exception e) when(e is IncorrectUsernameException || e is IncorrectPasswordException)
{
if (AuthServer.MergeInvalidUsernameAndPasswordMessages)
{
return(ModelError("login", LoginAuthMessage.InvalidUsernameOrPassword.NiceToString()));
}
else if (e is IncorrectUsernameException)
{
return(ModelError("userName", LoginAuthMessage.InvalidUsername.NiceToString()));
}
else if (e is IncorrectPasswordException)
{
return(ModelError("password", LoginAuthMessage.InvalidPassword.NiceToString()));
}
throw;
}
catch (Exception e)
{
return(ModelError("login", e.Message));
}
AuthServer.OnUserPreLogin(ControllerContext, user);
AuthServer.AddUserSession(ControllerContext, user);
if (data.rememberMe == true)
{
UserTicketServer.SaveCookie(ControllerContext);
}
var token = AuthTokenServer.CreateToken(user);
return(new LoginResponse {
userEntity = user, token = token, authenticationType = authenticationType
});
}