Exemple #1
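        /// <summary>
        /// Handles a login request: reads a <c>LoginInfo</c> JSON document from the request body,
        /// resolves it through <c>options.IdentityResolver</c> and writes the produced token to the
        /// response as JSON.
        /// </summary>
        /// <param name="context">HTTP context of the request being served.</param>
        /// <returns>A task that completes once the response body has been written.</returns>
        /// <remarks>
        /// Answers with status 400 when the body is empty or is not valid JSON, and when the resolver
        /// yields no identity or no user. Every credential failure coming back from the resolver gets
        /// the same message, so the response text does not reveal which part of the login was wrong.
        /// </remarks>
        private async Task GenerateToken(HttpContext context)
        {
            LoginInfo loginModel;

            try
            {
                // Read the body asynchronously instead of letting the JSON reader pull from the
                // request stream with blocking reads.
                // NOTE(review): the whole body is buffered here; its size is bounded only by
                // whatever request-size limit the host enforces.
                string body;
                using (var bodyReader = new StreamReader(context.Request.Body))
                {
                    body = await bodyReader.ReadToEndAsync();
                }

                var serializer = new JsonSerializer();
                using (var jsonReader = new JsonTextReader(new StringReader(body)))
                {
                    loginModel = (LoginInfo)serializer.Deserialize(jsonReader, typeof(LoginInfo));
                }
            }
            catch (JsonException)
            {
                // A malformed body is a client error; route it to the 400 response below rather
                // than letting the exception escape as an unhandled server error.
                loginModel = null;
            }

            if (loginModel == null)
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("Username or Password is empty.");

                return;
            }

            var identity = await options.IdentityResolver(loginModel);

            if (identity == null || identity.User == null)
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("Invalid username or password.");

                return;
            }

            var token = JwtTokenProducer.Produce(identity, options);

            context.Response.ContentType = "application/json";
            await context.Response.WriteAsync(JsonConvert.SerializeObject(token, serializerSettings));
        }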
Exemple #2
        /// <summary>
        /// Builds a fresh JWT identity for <paramref name="user"/>, attaches a newly generated
        /// refresh token to it and returns the response produced by <c>JwtTokenProducer</c>.
        /// </summary>
        /// <param name="user">User the new token pair is issued for.</param>
        /// <returns>The token response produced for the refreshed identity.</returns>
        /// <remarks>
        /// NOTE(review): a new refresh token is generated on every call; whether the previous one
        /// is revoked is decided inside <c>identityProvider</c> and is not visible here.
        /// </remarks>
        public async Task<JwtResponse> RefreshJwt(ApplicationUser user)
        {
            var identity = await CreateJwt(user);

            // The refresh token is derived from the identity and then stored back on it.
            identity.RefreshToken = identityProvider.GenerateRefreshToken(identity);

            var producerOptions = JwtTokenProducer.InitializeOptions(configuration);
            var response = JwtTokenProducer.Produce(identity, producerOptions);
            return response;
        }
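        /// <summary>
        /// Handles a token-refresh request: reads a <c>RefreshToken</c> JSON document from the
        /// request body, resolves it through <c>options.RefreshTokenResolver</c> and writes the
        /// newly produced token to the response as JSON.
        /// </summary>
        /// <param name="context">HTTP context of the request being served.</param>
        /// <returns>A task that completes once the response body has been written.</returns>
        /// <remarks>
        /// Answers with status 400 when the body is empty or malformed, when the token value is
        /// blank, when the resolver throws or returns no identity, and when no token is produced.
        /// Resolver failures are reported with a fixed message; exception text is never sent to
        /// the client.
        /// </remarks>
        private async Task GenerateToken(HttpContext context)
        {
            RefreshToken refreshToken;

            try
            {
                // Read the body asynchronously instead of letting the JSON reader pull from the
                // request stream with blocking reads.
                // NOTE(review): the whole body is buffered here; its size is bounded only by
                // whatever request-size limit the host enforces.
                string body;
                using (var bodyReader = new StreamReader(context.Request.Body))
                {
                    body = await bodyReader.ReadToEndAsync();
                }

                var serializer = new JsonSerializer();
                using (var jsonReader = new JsonTextReader(new StringReader(body)))
                {
                    refreshToken = (RefreshToken)serializer.Deserialize(jsonReader, typeof(RefreshToken));
                }
            }
            catch (JsonException)
            {
                // A malformed body is a client error; route it to the 400 response below.
                refreshToken = null;
            }

            if (refreshToken == null || string.IsNullOrWhiteSpace(refreshToken.Token))
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User must relogin.");

                return;
            }

            JwtIdentity identity;

            try
            {
                identity = await options.RefreshTokenResolver(refreshToken.Token);
            }
            catch (Exception)
            {
                // This handler catches every exception type, so the message may describe storage
                // or validation internals. Reply with a fixed text instead of echoing it to an
                // unauthenticated caller.
                // NOTE(review): no logger is visible in this block; record the exception
                // server-side wherever one is available so failed refreshes stay traceable.
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User must relogin.");

                return;
            }

            if (identity == null)
            {
                // A resolver that returns nothing for an unknown or expired token must not end
                // in a null dereference and an unhandled server error.
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User must relogin.");

                return;
            }

            var token = JwtTokenProducer.Produce(identity, options);

            if (token == null)
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("refreshToken is missing.");

                return;
            }

            context.Response.ContentType = "application/json";
            await context.Response.WriteAsync(JsonConvert.SerializeObject(token, serializerSettings));
        }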
Exemple #4
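        /// <summary>
        /// Completes phone verification for <paramref name="user"/>: confirms the phone-number
        /// change with <paramref name="code"/>, adds the <c>ApplicationClaims.Verified</c> claim
        /// and issues a new JWT with a fresh refresh token.
        /// </summary>
        /// <param name="user">User whose phone number is being verified.</param>
        /// <param name="phoneNumber">Phone number to confirm.</param>
        /// <param name="code">Verification code passed to <c>ChangePhoneNumberAsync</c>.</param>
        /// <returns>
        /// The produced token response, or <c>null</c> when the phone-number change did not succeed.
        /// </returns>
        public async Task<JwtResponse> CompleteUserVerification(ApplicationUser user, string phoneNumber, string code)
        {
            var result = await userManager.ChangePhoneNumberAsync(user, phoneNumber, code);
            if (!result.Succeeded)
            {
                // A failed result is not guaranteed to carry an error entry, so do not call First().
                var firstError = result.Errors?.FirstOrDefault()?.Description;

                // Message template with arguments: the user name is passed as a separate value
                // instead of being spliced into the log text.
                logger.LogError(
                    "Failed to complete user {UserName} verification with ex: {Error}.",
                    user.UserName,
                    firstError);
                return null;
            }

            //CHECK: looks like I don't need it anymore (most likely uses cookie)
            //await signInManager.SignInAsync(user, isPersistent: false);

            //TODO: rethink this approach
            // The claim is added before the JWT is created.
            await AddClaim(user, ApplicationClaims.Verified);
            var jwtIdentity = await CreateJwt(user);

            var refreshToken = identityProvider.GenerateRefreshToken(jwtIdentity);
            jwtIdentity.RefreshToken = refreshToken;

            var options = JwtTokenProducer.InitializeOptions(configuration);
            return JwtTokenProducer.Produce(jwtIdentity, options);
        }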