public async Task <AuthenticationResult> Handle(AuthenticateCommand request, CancellationToken cancellationToken)
{
UserDto user = await _authenticateQueries.GetUserByLoginAsync(request.Login);
if (user == null)
{
return(new AuthenticationResult("Incorrect login or password"));
}
if (!user.IsActive)
{
return(new AuthenticationResult("User is not active"));
}
if (!_passwordManager.VerifyPassword(user.Password, request.Password))
{
return(new AuthenticationResult("Incorrect login or password"));
}
user.Claims ??= new List <Claim>();
// TODO: Understand why do we need to add the following in the claims
//user.Claims.Add(new Claim(CustomClaimTypes.Name, user.Name));
//user.Claims.Add(new Claim(CustomClaimTypes.Email, user.Email));
return(new AuthenticationResult(user));
}
public User ValidateLogin(LoginCredentialsForm credentials)
{
var storedUser = _userRepository.GetFromUsername(credentials.Username);
if (storedUser != null && _passwordManager.VerifyPassword(storedUser, credentials))
{
return(storedUser);
}
return(null);
}
private ServiceResult AuthUser(AppUser user, string password)
{
if (user == null)
{
return(ServiceResultFactory.BadRequestResult(nameof(AuthenticateAsync), "Username was not found."));
}
var success = _passwordManager.VerifyPassword(password, user.PasswordHash, user.PasswordSalt);
if (success == false)
{
return(ServiceResultFactory.BadRequestResult(nameof(AuthenticateAsync), "Password is wrong."));
}
return(ServiceResultFactory.SuccessResult(user));
}
public async Task <TokenDTO> Handle(LoginUserQuery query, CancellationToken cancellationToken)
{
User user = await userRepository.GetByEmail(query.Email);
if (user == null)
{
throw new AppException(ErrorCode.NotFound);
}
if (!passwordManager.VerifyPassword(query.Password, user.PasswordHash, user.Salt))
{
throw new AppException(ErrorCode.InvalidPassword);
}
var token = tokenManager.GenerateToken(user.Id, user.Email);
return(new TokenDTO(token, user.FirstName, user.LastName, user.Image));
}
public async Task <IActionResult> CreateToken([FromBody] CredentialModel model)
{
try
{
var user = await _userRepository.Get(model.Username);
if (user == null)
{
return(Unauthorized());
}
if (!await _passwordManager.VerifyPassword(user.Id, model.Password))
{
return(Unauthorized());
}
var claims = await _authManager.GetAllClaims(user);
var signingCredentials = _authManager.GetSigningCredentials();
int validForDurationMinutes = 15;
int.TryParse(_configuration[Constants.TokenDurationMinutes], out validForDurationMinutes);
var token = _authManager.CreateToken(claims, validForDurationMinutes, signingCredentials);
// Update User Last login time for audit
await _userRepository.UpdateLastLogin(user.Id);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
}));
}
catch (Exception ex)
{
_logger.Error(ex, $"Exception thrown while creating JWT: {ex}");
}
return(BadRequest("Failed to create token"));
}
