public UserProviderResult Provide(int userId) { var user = _activeUserProvider.Provide(x => x.IsBrowseable && x.UserId == userId); if (user == null) { return(null); } return(new UserProviderResult { Login = user.Login, Permissions = user.UserPermissions.Select(x => x.Permission).ToArray() }); }
public CommandResult Execute(AuthenticateUserCommand command, CommandContext context) { if (command.Pin.IsNullOrEmpty() && command.Password.IsNullOrEmpty()) { return(CommandResult.WithValidationError(Localization.ValidationMessage.PinOrPasswordRequired)); } var user = _activeUserProvider.Provide(x => x.Login == command.Login); if (user == null || (!command.Pin.IsNullOrEmpty() && user.QuickLoginPinHash != command.Pin.CalculateHash()) || (!command.Password.IsNullOrEmpty() && user.PasswordHash != command.Password.CalculateHash())) { return(CommandResult.WithValidationError(Localization.ValidationMessage.UnknownUserOrWrongPassword)); } _userUpdater.Update(new UserLastLogonUpdaterInput { UserId = user.UserId, LastLogonDate = DateTime.UtcNow, LastSeenIpAddress = command.IpAddress }); var signingCredentials = new SigningCredentials(JwtSigningKey, SecurityAlgorithms.HmacSha256); var issuer = _configuration["Jwt:Issuer"]; var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.UserId.ToString()) }; claims.AddRange(user.UserPermissions.Select(x => new Claim(ClaimTypes.Role, x.Permission.ToString()))); var token = new JwtSecurityToken(issuer, issuer, claims, expires: DateTime.UtcNow.AddMinutes(TokenLifetimeMinutes), signingCredentials: signingCredentials); var response = new AuthenticateUserCommandResult { Token = new JwtSecurityTokenHandler().WriteToken(token), Permissions = user.UserPermissions.Select(x => x.Permission).ToArray() }; return(CommandResult.WithResponse(response)); }