/// <summary>
/// Generates a security token through <c>JWTServices</c> and returns it wrapped in a
/// <c>JsonResultModel</c>.
/// </summary>
/// <param name="s">Not read anywhere in this method.</param>
/// <returns>
/// A <c>JsonResultModel</c> built from the value 1, the message "thành công" and the token.
/// </returns>
public JsonResultModel Token(string s)
{
    // NOTE(review): no credential or caller check is visible in this method, and the only
    // value handed to GenerateSecurityToken is the current local time as text. If this
    // action can be reached without prior authentication, every caller receives a token.
    // Confirm the route is protected elsewhere and that the token carries a real identity.
    var tokenService = new JWTServices(_config);
    var issuedToken = tokenService.GenerateSecurityToken(DateTime.Now.ToString());

    return new JsonResultModel(1, "thành công", issuedToken);
}
/// <summary>
/// Checks the posted user name and password with the sign-in manager and, when the sign-in
/// succeeds, answers with a JWT produced by <c>JWTServices</c>.
/// </summary>
/// <param name="identityModel">Credentials bound from the request body.</param>
/// <returns>
/// 200 with the token on success; 400 "Unvalid data" when model validation fails;
/// 400 "Failed to login" for a rejected sign-in or any exception.
/// </returns>
public async Task<IActionResult> Login([FromBody] IdentityModel identityModel)
{
    // The model is expected to declare UserName and Password as (Required).
    if (!ModelState.IsValid)
    {
        return BadRequest("Unvalid data");
    }

    try
    {
        // No persistence, no lockout: both flags are passed as false.
        // NOTE(review): with the lockout flag false, failed attempts are not counted towards
        // an account lockout, so nothing in this action slows down password guessing.
        // Consider enabling it or rate-limiting this endpoint.
        var signIn = await _signInManager.PasswordSignInAsync(
            identityModel.UserName, identityModel.Password, false, false);

        if (!signIn.Succeeded)
        {
            ModelState.AddModelError("", "Username or password not found");

            // Keep the reply as generic as possible: it does not say the password was wrong.
            return BadRequest("Failed to login");
        }

        var tokenService = new JWTServices<User>(_configuration, _logger, _usermanager, _passwordHasher);
        var jwt = await tokenService.GenerateJwtToken(identityModel);
        return Ok(jwt);
    }
    catch (Exception exc)
    {
        // The exception detail goes to the log only; the caller gets the generic reply below.
        _logger.LogError($"Exception thrown when logging in: {exc}");
    }

    // As little information as possible for an attacker.
    return BadRequest("Failed to login");
}
} // closes the enclosing type, whose opening is not shown on this page
/// <summary>
/// Asks <c>JWTServices</c> for a JWT for the posted login resource.
/// </summary>
/// <param name="identityResource">Login data bound from the request body.</param>
/// <returns>
/// 200 with the token, or 400 "Failed to generate JWT token" when token creation throws.
/// </returns>
public async Task<IActionResult> GenerateJwtToken([FromBody] LoginResource identityResource)
{
    // NOTE(review): this action performs no credential or ModelState check of its own; it
    // relies entirely on JWTServices.GenerateJwtToken to verify the login data. Confirm that
    // the service rejects a wrong password before it issues a token.
    try
    {
        var tokenService = new JWTServices<IdentityUser>(configuration, logger, userManager, hasher);
        var jwt = await tokenService.GenerateJwtToken(identityResource);
        return Ok(jwt);
    }
    catch (Exception exc)
    {
        // Details stay in the log; the caller only sees a generic failure.
        logger.LogError($"Exception thrown when creating JWT: {exc}");
        return BadRequest("Failed to generate JWT token");
    }
}
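// [ValidateAntiForgeryToken]  // CSRF: only needed when the login happens (statefully) through a browser form.
/// <summary>
/// Looks the user up by e-mail, checks the password with the sign-in manager and, when the
/// sign-in succeeds, answers with a JWT produced by <c>JWTServices</c>.
/// </summary>
/// <param name="loginDTO">E-mail address and password bound from the request body.</param>
/// <returns>
/// 200 with the token on success; 400 when model validation fails; 401 with one fixed message
/// for an unknown e-mail, a rejected password or a failed token creation; 500 for any other
/// exception.
/// </returns>
public async Task<IActionResult> Login([FromBody] LoginDTO loginDTO) // , [FromQuery(Name = "d")] string destination = "frontend")
{
    // One fixed reply for every rejected attempt, so the response body does not say whether
    // the e-mail or the password was wrong.
    const string wrongCredentials = "The combination of emailadres and password is wrong. Please try again.";

    // Fix: incomplete input is a client error. The original threw a generic Exception here,
    // which its own catch block turned into HTTP 500.
    if (!ModelState.IsValid)
    {
        return BadRequest("Please fill in all information");
    }

    try
    {
        var user = await userManager.FindByEmailAsync(loginDTO.Email);
        if (user == null)
        {
            // NOTE(review): this early return skips the password check, so an unknown e-mail
            // may answer measurably faster than a known one. Confirm whether that timing
            // difference matters for this deployment.
            return StatusCode((int)HttpStatusCode.Unauthorized, wrongCredentials);
        }

        // TODO: strip whitespace from the incoming e-mail address.
        // No persistence, no lockout: both flags are passed as false.
        // NOTE(review): with the lockout flag false, failed attempts are not counted towards
        // an account lockout; consider enabling it or rate-limiting this endpoint.
        var result = await signInMgr.PasswordSignInAsync(loginDTO.Email, loginDTO.Password, false, false);

        if (result.Succeeded)
        {
            try
            {
                // The password is checked again inside JWTServices.
                // Extra checks are possible here, e.g. based on the role and a query-string item.
                var jwtsvc = new JWTServices<User>(configuration, logger, userManager, hasher);
                var token = await jwtsvc.GenerateJwtToken(loginDTO);
                return Ok(token);
            }
            catch (Exception exc)
            {
                // Falls through to the generic 401 below.
                logger.LogError($"Exception thrown when creating JWT: {exc}");
            }
        }

        // As generic a message as possible: do not reveal that the password was wrong.
        return StatusCode((int)HttpStatusCode.Unauthorized, wrongCredentials);
    }
    catch (Exception exc)
    {
        // Fix: Debug.WriteLine is compiled out of release builds, so the original left no
        // trace of an unexpected failure in production. Log it and keep the reply free of detail.
        logger.LogError($"Exception thrown when logging in: {exc}");
        ModelState.AddModelError("", $"Foutief of ongeldig request: {exc.Message}");
        return new StatusCodeResult(500);
    }
}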
/// <summary>
/// Asks <c>JWTServices</c> for a JWT for the posted login DTO.
/// </summary>
/// <param name="identityDTO">Login data bound from the request body.</param>
/// <returns>
/// 200 with the token, or 400 "Failed to generate JWT token" when token creation throws.
/// </returns>
public async Task<IActionResult> GenerateJwtToken([FromBody] LoginDTO identityDTO)
{
    // NOTE(review): no credential or ModelState check happens in this action itself; it
    // depends on JWTServices.GenerateJwtToken to verify the login data. Confirm that the
    // service rejects a wrong password before it issues a token.
    try
    {
        var tokenService = new JWTServices<Person>(configuration, logger, usermanager, hasher);
        var jwt = await tokenService.GenerateJwtToken(identityDTO);
        return Ok(jwt);
    }
    catch (Exception exc)
    {
        logger.LogError($"Exception thrown when creating JWT: {exc}");

        // On unsuccessful authentication a BadRequest (= as little information as possible)
        // is returned.
        return BadRequest("Failed to generate JWT token");
    }
}
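/// <summary>
/// Requests claims from <c>JWTServices.GetTokenAsync</c>, then renders the home page view.
/// </summary>
/// <returns>The default view, with <c>ViewBag.Title</c> set to "Home Page".</returns>
/// <remarks>
/// An exception from <c>GetTokenAsync</c> propagates to the caller. The original caught it and
/// re-raised it with <c>throw e;</c>, which resets the stack trace; the catch block did nothing
/// else of effect, so it has been removed and the exception now keeps its original trace.
/// </remarks>
public async Task<ActionResult> Index()
{
    // NOTE(review): the literals "username" and "password" are passed as credentials. If they
    // stand in for real ones, load those from configuration or a secret store, not from source.
    // The returned claims are not used by this action, so the result is discarded.
    _ = await JWTServices.GetTokenAsync("username", "password").ConfigureAwait(false);

    ViewBag.Title = "Home Page";
    return View();
}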
/// <summary>
/// Asks <c>JWTServices</c> for a JWT and returns it.
/// </summary>
/// <returns>
/// 200 with the token, or 400 "Failed to generate JWT token" when token creation throws.
/// </returns>
public IActionResult GenerateJwtToken()
{
    // TODO: check whether the username is taken inside UsersController.
    // NOTE(review): this action takes no input and checks no credentials before a token is
    // issued. Whether the route is restricted elsewhere is not visible here; confirm it is
    // not reachable anonymously.
    try
    {
        var tokenService = new JWTServices(configuration, logger);
        return Ok(tokenService.GenerateJwtToken());
    }
    catch (Exception exc)
    {
        logger.LogError($"Exception thrown when creating JWT: {exc}");

        // On unsuccessful authentication a BadRequest (= as little information as possible)
        // is returned.
        return BadRequest("Failed to generate JWT token");
    }
}
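// [ValidateAntiForgeryToken]  // CSRF: only needed when the login happens (statefully) through a browser form.
/// <summary>
/// Checks the posted user name and password with the sign-in manager and, when the sign-in
/// succeeds, answers with a JWT produced by <c>JWTServices</c>.
/// </summary>
/// <param name="loginDTO">User name and password bound from the request body.</param>
/// <returns>
/// 200 with the token on success; 400 "Onvolledige gegevens" when model validation fails;
/// 400 with one fixed message for every other failure.
/// </returns>
public async Task<IActionResult> Login([FromBody] LoginDTO loginDTO) // , [FromQuery(Name = "d")] string destination = "frontend")
{
    // Fix: the original echoed exc.Message of ANY exception back to the client, so an
    // unexpected failure (for example in the user store) could expose internal detail. Every
    // failure path now returns this one fixed text, which is byte-identical to what the
    // original sent for a rejected sign-in.
    const string returnMessage = "Foutief of ongeldig request: User of paswoord niet gevonden.";

    // The model is expected to declare UserName and Password as (Required).
    if (!ModelState.IsValid)
    {
        return BadRequest("Onvolledige gegevens");
    }

    try
    {
        // No persistence, no lockout: both flags are passed as false.
        // NOTE(review): with the lockout flag false, failed attempts are not counted towards
        // an account lockout; consider enabling it or rate-limiting this endpoint.
        var result = await signInMgr.PasswordSignInAsync(loginDTO.UserName, loginDTO.Password, false, false);

        // Optional: card number check.
        if (result.Succeeded)
        {
            try
            {
                // The password is checked again inside JWTServices.
                // Extra checks are possible here, e.g. based on the role and a query-string item.
                var jwtsvc = new JWTServices<User>(configuration, logger, userManager, hasher);
                var token = await jwtsvc.GenerateJwtToken(loginDTO);
                return Ok(token);
            }
            catch (Exception exc)
            {
                // Falls through to the generic reply below.
                logger.LogError($"Exception thrown when creating JWT: {exc}");
            }
        }
    }
    catch (Exception exc)
    {
        // Detail goes to the log only. The original used Debug.WriteLine, which is compiled
        // out of release builds.
        logger.LogError($"Exception thrown when logging in: {exc}");
    }

    // As little information as possible for an attacker: do not reveal what exactly failed.
    ModelState.AddModelError("", returnMessage);
    return BadRequest(returnMessage);
}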
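/// <summary>
/// Validates a token for the user registered under the given e-mail address: the id returned
/// by <c>JWTServices.ValidateToken</c> must match the id of that user.
/// </summary>
/// <param name="email">E-mail address of the user, read from the query string.</param>
/// <param name="token">Token to validate, read from the query string.</param>
/// <returns>
/// 200 with the validated user id; 404 "User not found." when no user has that e-mail;
/// 400 "Invalid token." when a parameter is missing or the token does not belong to the user.
/// </returns>
public async Task<IActionResult> Validate([FromQuery(Name = "email")] string email, [FromQuery(Name = "token")] string token)
{
    // NOTE(review): both values arrive in the URL, where they commonly end up in server and
    // proxy logs and in browser history. Consider accepting the token in a header or body.

    // Fix: a missing query parameter used to reach FindByEmailAsync / ValidateToken as null
    // and surface as an unhandled exception; treat it as an invalid request instead.
    if (string.IsNullOrWhiteSpace(email) || string.IsNullOrWhiteSpace(token))
    {
        return BadRequest("Invalid token.");
    }

    var user = await userManager.FindByEmailAsync(email);
    if (user == null)
    {
        // NOTE(review): this reply differs from the "Invalid token." reply, so a caller can
        // learn whether an e-mail address is registered. Confirm that this is acceptable.
        return NotFound("User not found.");
    }

    var jwtsvc = new JWTServices<User>(configuration, logger, userManager, hasher);
    var userId = jwtsvc.ValidateToken(token);

    // Fix: ValidateToken's return type is not visible here. If it can hand back a null
    // reference for a rejected token, the original userId.ToString() would throw;
    // Convert.ToString tolerates null and the comparison below then simply fails.
    if (!string.Equals(Convert.ToString(userId), user.Id, StringComparison.Ordinal))
    {
        return BadRequest("Invalid token.");
    }

    return new OkObjectResult(userId);
}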
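/// <summary>
/// Hands the login model to <c>JWTServices.GenerateJwtToken</c> and returns the result: the
/// token on success, or the description of an <c>IdentityError</c> when the service returns one.
/// </summary>
/// <param name="identityModel">The login data.</param>
/// <returns>
/// 200 with the token; 400 "Unvalid data" when model validation fails; 400 with the error
/// description when the service returns an <c>IdentityError</c>; 400 "Failed to login" when
/// an exception is thrown.
/// </returns>
public async Task<IActionResult> Login(IdentityModel identityModel)
{
    if (!ModelState.IsValid)
    {
        return BadRequest("Unvalid data");
    }

    try
    {
        var jwtsvc = new JWTServices<GeoPointUser>(_configuration, _userManager, _hasher, _logger);
        var token = await jwtsvc.GenerateJwtToken(identityModel);

        // The service signals a rejected login by returning an IdentityError, not a token.
        if (token.GetType() == typeof(IdentityError))
        {
            // NOTE(review): the description is passed to the client verbatim. If JWTServices
            // uses different descriptions for "unknown user" and "wrong password", this reply
            // lets a caller enumerate accounts. Verify against the service.
            IdentityError error = (IdentityError)token;
            return BadRequest(error.Description);
        }

        return Ok(token);
    }
    catch (Exception e)
    {
        // Fix: on the page the expression between the last two string literals was masked as
        // ******, which is not valid C#. The caught exception is the only value left unused in
        // this block, so it is logged there. Confirm against the original source.
        _logger.LogError(
            "\r\n\r\nError thrown on AuthController - Login method (" + DateTime.UtcNow.ToString() +
            ") \r\nException thrown when trying to login: " + e + "\r\n\r\n");
    }

    return BadRequest("Failed to login");
}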
/// <summary>
/// Creates the controller and stores the three injected services in its fields.
/// </summary>
/// <param name="userManager">Identity user manager for <c>ApplicationUser</c>.</param>
/// <param name="signInManager">Identity sign-in manager for <c>ApplicationUser</c>.</param>
/// <param name="jWTServices">The JWT service instance this controller keeps.</param>
public UserController(
    UserManager<ApplicationUser> userManager,
    SignInManager<ApplicationUser> signInManager,
    JWTServices jWTServices)
{
    // Plain field capture; no validation or other work happens here.
    (this.userManager, this.signInManager, this.jWTServices) = (userManager, signInManager, jWTServices);
}
/// <summary>
/// Event handler: awaits <c>JWTServices.Verificar()</c> and shows the returned text in
/// <c>lblResultado</c>.
/// </summary>
/// <param name="sender">Event source; not read.</param>
/// <param name="args">Event data; not read.</param>
public async void VerificarAction(object sender, EventArgs args)
{
    // async void: nothing awaits this handler, so an exception thrown by Verificar() cannot be
    // caught by whoever raised the event.
    var verificationText = await JWTServices.Verificar();

    lblResultado.Text = verificationText;
}
/// <summary>
/// Event handler: sends the contents of the <c>nome</c> and <c>password</c> inputs to
/// <c>JWTServices.GetToken</c> and shows the returned text in <c>lblToken</c>.
/// </summary>
/// <param name="sender">Event source; not read.</param>
/// <param name="args">Event data; not read.</param>
public async void GetTokenAction(object sender, EventArgs args)
{
    // async void: nothing awaits this handler, so an exception thrown by GetToken() cannot be
    // caught by whoever raised the event.
    var tokenText = await JWTServices.GetToken(nome.Text, password.Text);

    // NOTE(review): the returned string, presumably the bearer token, is rendered in a visible
    // label. Confirm that this is intended outside of a demo.
    lblToken.Text = tokenText;
}