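/// <summary>
/// Validates the JWT carried in <paramref name="model"/> (and, when <c>IdRol</c> is set,
/// the role membership) by delegating to <c>securityService.Autorize</c>.
/// </summary>
/// <param name="model">Token to validate plus the optional role id to check.</param>
/// <returns>
/// 200 with <c>Result</c> set to the service's answer; 400 with an explanatory
/// <c>Message</c> when the token is rejected (<see cref="ApplicationException"/>) or
/// when validation fails unexpectedly.
/// </returns>
public async Task<ActionResult<ResponseModel<bool>>> Autorize(AutorizeModel model)
{
    try
    {
        return Ok(new ResponseModel<bool> { Result = await securityService.Autorize(model) });
    }
    catch (ApplicationException e)
    {
        // The service raises ApplicationException with a message intended for the caller
        // ("Token no valido"), so echoing it is fine.
        return BadRequest(new ResponseModel<bool> { Message = e.Message, Result = false });
    }
    catch (Exception e)
    {
        // Log the whole exception (only e.Message was logged before, losing the stack
        // trace) and return a fixed message instead of echoing internal error details
        // to the client.
        _logger.LogError(e, "Error en la validacion del token");
        return BadRequest(new ResponseModel<bool> { Message = "Error en la validacion del token", Result = false });
    }
}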
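/// <summary>
/// Validates a JWT signed with the configured symmetric <c>key</c> and, when
/// <c>model.IdRol</c> is set, checks that the token's subject belongs to that role.
/// </summary>
/// <param name="model">Token to validate and the optional role id to check.</param>
/// <returns>
/// <c>true</c> when the token is valid and no role was requested, or when the subject's
/// user has the requested role; <c>false</c> when the role check fails or the subject
/// has no matching user.
/// </returns>
/// <exception cref="ApplicationException">The token is malformed or fails validation.</exception>
public async Task<bool> Autorize(AutorizeModel model)
{
    try
    {
        var validations = new TokenValidationParameters
        {
            ValidateIssuerSigningKey = true,
            IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(key)),
            // NOTE(review): issuer and audience are not checked, so any token signed with
            // `key` is accepted regardless of whom it was issued for — confirm this is
            // intended. Expiry relies on TokenValidationParameters' default ValidateLifetime.
            ValidateIssuer = false,
            ValidateAudience = false
        };
        var handler = new JwtSecurityTokenHandler();

        // Throws SecurityTokenException / ArgumentException on a bad token. The returned
        // ClaimsPrincipal is not needed here, only the validated token.
        handler.ValidateToken(model.Token, validations, out var validatedToken);

        if (!model.IdRol.HasValue)
        {
            return true;
        }

        // The subject claim is treated as the user's e-mail for the lookup.
        var subject = ((JwtSecurityToken)validatedToken).Subject;
        var userModel = await rep.GetUserByEmail(subject);

        // A subject with no matching user (or no roles) is simply not authorised for the
        // role; previously this surfaced as a NullReferenceException.
        if (userModel?.Roles is null)
        {
            return false;
        }

        return userModel.Roles.Any(x => x.Id == model.IdRol);
    }
    catch (SecurityTokenException)
    {
        _logger.LogWarning("Token no valido");
        throw new ApplicationException("Token no valido");
    }
    catch (ArgumentException)
    {
        _logger.LogWarning("Token no valido");
        throw new ApplicationException("Token no valido");
    }
    catch (Exception e)
    {
        _logger.LogError(e, "Error en la validacion del token");
        // `throw;` keeps the original stack trace; `throw e;` reset it.
        throw;
    }
}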
/// <summary>
/// Looks the freshly registered user up by last name and (hashed) password, signs them in
/// through the auth cookie and redirects according to their role. Falls back to the login
/// page when the lookup fails or the role name is not one of the known ones.
/// </summary>
/// <param name="autorize">Last name and password of the user to sign in.</param>
/// <returns>A redirect to the role's landing page, or to the login page.</returns>
private ActionResult LoginAfterRegistration(AutorizeModel autorize)
{
    var registered = ServiceToWorkWithUsers.GetUser(autorize.LastName, autorize.Password);
    if (registered is null)
    {
        return RedirectToAction("Login", "Account");
    }

    Helpers.AuthHelper.LogInUser(HttpContext, registered.Cookies);

    switch (registered.Role.RoleName)
    {
        case "Admin":
            return RedirectToAction("Admin", "Admin");
        case "User":
            return RedirectToAction("Index", "Home");
        default:
            // Unknown role: user is signed in but sent to the login page, as before.
            return RedirectToAction("Login", "Account");
    }
}
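/// <summary>
/// Registers a new user when nobody is signed in on this request, then signs the new
/// user in and redirects by role. Already-authenticated requests are sent to the login
/// page; names rejected by <c>FindUser</c> are sent back to the registration page.
/// </summary>
/// <param name="user">Posted registration data; its password is hashed before storing.</param>
/// <returns>A redirect to the post-login landing page, the registration page, or the login page.</returns>
public ActionResult Registration(User user)
{
    if (Helpers.AuthHelper.IsAuthenticated(HttpContext))
    {
        return RedirectToAction("Login", "Account");
    }

    user.RoleId = 2; // default role for self-registered accounts (presumably "User" — confirm)
    user.Cookies = Guid.NewGuid().ToString(); // value placed in the authorization cookie
    // NOTE(review): confirm SecurityHelper.Hash is a salted password hash (PBKDF2 or
    // similar) rather than a bare digest — this listing only shows that it is applied once.
    user.Password = Helpers.SecurityHelper.Hash(user.Password);

    // NOTE(review): if FindUser returns true when the name is already taken, this condition
    // is inverted and would register duplicates — confirm its contract.
    if (!ServiceToWorkWithUsers.FindUser(user.LastName))
    {
        return RedirectToAction("Registration", "Account");
    }

    ServiceToWorkWithUsers.AddUser(user);

    var autorize = new AutorizeModel { LastName = user.LastName, Password = user.Password };
    // The redirect computed by LoginAfterRegistration was previously discarded, so every
    // registration ended on the login page even though the auth cookie had already been set.
    return LoginAfterRegistration(autorize);
}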