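/// <summary>
/// Authenticates a user by user name and password and, when the application profile has
/// been granted access, issues a fresh refresh token (persisted with the caller's IP) and a JWT access token.
/// </summary>
/// <param name="loginRequest">The submitted user name, password and remote IP address.</param>
/// <param name="cancellationToken">Propagated to the repository lookup and the profile save.</param>
/// <returns>
/// A successful <see cref="LoginResponse"/> with both tokens, or one carrying an
/// <c>AwaitingAccess</c> error when the profile exists but has not yet been approved.
/// </returns>
/// <exception cref="BadRequestException">The user name is unknown or the password is wrong; the message is identical in both cases.</exception>
/// <exception cref="InvalidOperationException">The credentials are valid but no application profile exists for the user.</exception>
public async Task <LoginResponse> LoginAsync(LoginRequest loginRequest, CancellationToken cancellationToken)
        {
            // Resolve the Identity user for the supplied name. An unknown name and a wrong password both
            // fall through to the same BadRequestException so the response does not reveal which names exist.
            var user = await _userManager.FindByNameAsync(loginRequest.Username);

            // The explicit null check keeps this method from relying on CheckPasswordAsync tolerating a null user.
            // NOTE(review): when the user is not found the password hash is never computed, so the two failure
            // paths may still differ in timing; a constant-cost dummy hash check would close that gap.
            if (user != null && await _userManager.CheckPasswordAsync(user, loginRequest.Password))
            {
                // Pass the caller's token through (the original used CancellationToken.None here) so every
                // awaited step in the login honours cancellation consistently.
                var appUser = await _appUsersRepository.GetAppUserByUserIdAsync(new Guid(user.Id), cancellationToken);

                if (appUser == null)
                {
                    // Identity knows the user but there is no application profile to attach a refresh token to;
                    // surface that as a server-side inconsistency rather than a NullReferenceException.
                    throw new InvalidOperationException($"No application profile exists for user '{user.Id}'.");
                }

                if (appUser.HasBeenGrantedAccess)
                {
                    // Issue and persist the refresh token before the access token so a failed save never leaves
                    // the client holding an access token whose refresh counterpart was never stored.
                    var refreshToken = _tokenFactory.GenerateToken();
                    appUser.AddRefreshToken(refreshToken, new Guid(user.Id), loginRequest.RemoteIpAddress);

                    await appUser.SaveAsync(cancellationToken);

                    // The access token embeds the Identity id, user name and application profile id as claims.
                    var accessToken = await _jwtTokenFactory.GenerateEncodedTokenAsync(user.Id, user.UserName, appUser.AppUserId.ToString());

                    return new LoginResponse(accessToken, refreshToken, true);
                }

                // Credentials are correct but the account is still awaiting approval: no tokens are issued.
                return new LoginResponse(new List <Error> {
                    new Error(LoginResponse.LoginErrorCodes.AwaitingAccess, "Your request for access has been submitted. You'll receive an e-mail when access has been granted. Thank you!")
                });
            }

            throw new BadRequestException("Username or password is incorrect.");
        }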
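        /// <summary>
        /// Exchanges a refresh token for a new access/refresh token pair. The access token is used only to
        /// recover the application user id claim; the refresh token must still be valid for that user.
        /// The presented refresh token is revoked and the replacement is persisted in the same save (rotation).
        /// </summary>
        /// <param name="accessToken">The previously issued JWT whose claims identify the application user.</param>
        /// <param name="refreshToken">The refresh token being exchanged.</param>
        /// <param name="cancellationToken">Propagated to the repository lookup and the profile save.</param>
        /// <returns>
        /// A successful <see cref="ExchangeRefreshTokenResponse"/> with the new tokens, or a failed one
        /// with the message "Invalid token." for every rejection, so the caller learns nothing about which check failed.
        /// </returns>
        public async Task <ExchangeRefreshTokenResponse> ExchangeRefreshTokenAsync(string accessToken, string refreshToken, CancellationToken cancellationToken)
        {
            // Token and signing-key validation is delegated to _jwtTokenValidator; a null principal means the
            // token or key was rejected and no claims can be trusted. NOTE(review): whether expiry is enforced
            // or deliberately ignored for the exchange is decided inside the validator, not visible here.
            var currentPrincipal = _jwtTokenValidator.GetPrincipalFromToken(accessToken, _settings.AuthSettings.SecretKey);

            if (currentPrincipal == null)
            {
                return new ExchangeRefreshTokenResponse(false, "Invalid token.");
            }

            // The app-user id travels as a custom claim. FirstOrDefault + TryParse keep a validly signed token
            // that lacks the claim, or carries a malformed value, on the generic rejection path instead of
            // surfacing an InvalidOperationException / FormatException to the caller.
            var appUserIdClaim = currentPrincipal.Claims.FirstOrDefault(c => c.Type == CustomClaimIdentifiers.AppUserId);
            if (appUserIdClaim == null || !Guid.TryParse(appUserIdClaim.Value, out var appUserId))
            {
                return new ExchangeRefreshTokenResponse(false, "Invalid token.");
            }

            var appUser = await _appUsersRepository.GetAppUserAsync(appUserId, cancellationToken);

            // No profile for the claimed id, or the refresh token is not one currently valid for this user.
            if (appUser == null || !appUser.HasValidRefreshToken(refreshToken))
            {
                return new ExchangeRefreshTokenResponse(false, "Invalid token.");
            }

            var jwtToken = await _jwtTokenFactory.GenerateEncodedTokenAsync(appUser.UserId.ToString(), appUser.UserName, appUser.AppUserId.ToString());

            // Rotate: revoke the exchanged token and add its replacement before the single save so the old
            // token cannot be presented again once the new one exists.
            var newRefreshToken = _tokenFactory.GenerateToken();
            appUser.RemoveRefreshToken(refreshToken);
            // NOTE(review): the remote IP is recorded as "" because this method has no access to it, unlike
            // LoginAsync which stores loginRequest.RemoteIpAddress; widening the signature would let the rotated token carry it too.
            appUser.AddRefreshToken(newRefreshToken, appUser.UserId, "");
            await appUser.SaveAsync(cancellationToken);

            return new ExchangeRefreshTokenResponse(jwtToken, newRefreshToken, true);
        }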