/// <summary>
/// Looks the user up by name, verifies the submitted credentials and, on success,
/// issues a JWT wrapped in a <see cref="LogInResponseDto"/>.
/// </summary>
/// <param name="logIn">Credentials posted by the client.</param>
/// <returns>
/// The user's full name and token, or <c>null</c> when the user is unknown or
/// <c>AuthenticateUser</c> rejects the credentials (the caller cannot tell which).
/// </returns>
public async Task<LogInResponseDto> GenerateTokenAsync(LogInDto logIn)
{
    var account = await _userRepository.GetUserByUserNameAsync(logIn.UserName);

    // Unknown user and failed authentication both collapse to null.
    if (account == null || !AuthenticateUser(logIn, account))
    {
        return null;
    }

    return new LogInResponseDto
    {
        FullName = account.FullName,
        Token = GenerateJSONWebToken(account),
    };
}
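/// <summary>
/// Authenticates the caller and returns the issued token.
/// </summary>
/// <param name="user">Credentials posted by the client.</param>
/// <returns>
/// 200 with the <see cref="LogInResponseDto"/> on success; 400 when the service
/// rejects the credentials; 401 with an empty body when token generation throws.
/// </returns>
public async Task<IActionResult> LogInAsync(LogInDto user)
{
    try
    {
        LogInResponseDto res = await _userService.GenerateTokenAsync(user);
        if (res != null)
        {
            return Ok(res);
        }

        return BadRequest("رمز یا گذرواژه غلط");
    }
    catch (Exception)
    {
        // The exception object used to be returned as the 401 body, which serialises its
        // message, stack trace and inner exceptions to the client. Respond without a body.
        // TODO(review): log the exception through the application's logger; none is
        // visible in this class as shown.
        return Unauthorized();
    }
}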
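/// <summary>
/// Validates the credentials against ASP.NET Identity and, when they are correct and
/// the e-mail address is confirmed, issues a signed JWT.
/// </summary>
/// <param name="logInDto">User name and password supplied by the client.</param>
/// <returns>
/// A <see cref="Response{T}"/> whose <c>Data</c> holds the token and its expiry on
/// success, or whose <c>Error</c> is set when the user is unknown, unconfirmed or the
/// password is wrong.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The <c>SecretKey</c> configuration value used to sign tokens is missing or empty.
/// </exception>
public async Task<Response<LogInResponseDto>> LogInAsync(LogInDto logInDto)
{
    var response = new Response<LogInResponseDto>();

    var user = await _userManager.Users.FirstOrDefaultAsync(
        u => u.UserName == logInDto.UserName && u.EmailConfirmed);

    // Unknown, unconfirmed and wrong-password cases share one message so the response
    // does not reveal which user names exist.
    if (user == null || !await _userManager.CheckPasswordAsync(user, logInDto.Password))
    {
        response.Error = new Error("Username or/and password not correct");
        return response;
    }

    // Fail loudly on misconfiguration instead of letting Encoding.GetBytes(null) or an
    // empty symmetric key throw from deep inside the token library.
    var secret = _configuration.GetSection("SecretKey").Value;
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("SecretKey is not configured.");
    }

    var subject = new Claim(JwtRegisteredClaimNames.Sub, user.Id);
    var tokenId = new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString());

    // Only the first role is embedded, as before. A user with no roles used to crash on
    // roles[0]; such a user now receives a token without a "Roles" claim.
    var roles = await _userManager.GetRolesAsync(user);
    var claims = roles.Count > 0
        ? new[] { subject, tokenId, new Claim("Roles", roles[0]) }
        : new[] { subject, tokenId };

    // One-month lifetime as in the original; the library stores exp in UTC either way.
    var token = new JwtSecurityToken(
        expires: DateTime.UtcNow.AddMonths(1),
        claims: claims,
        signingCredentials: new SigningCredentials(
            new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)),
            SecurityAlgorithms.HmacSha256));

    var handler = new JwtSecurityTokenHandler();
    response.Data = new LogInResponseDto()
    {
        Token = handler.WriteToken(token),
        Exparation = token.ValidTo,
    };
    return response;
}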
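/// <summary>
/// HTTP-triggered login: checks the posted password hash against the stored user row
/// and reports whether the user is configured and belongs to a household.
/// </summary>
/// <param name="req">Incoming request whose body is a JSON <see cref="LogInDto"/>.</param>
/// <param name="login">User name taken from the route.</param>
/// <param name="table">Table used to look up <see cref="UserDetails"/> and <see cref="Household"/> rows.</param>
/// <param name="entity">User row bound by the route's login, or null when no such row exists.</param>
/// <param name="log">Function log.</param>
/// <returns>
/// 200 with a <see cref="LogInResponseDto"/>; 400 for unreadable input or wrong
/// credentials; 500 when a table read fails.
/// </returns>
public static async Task<HttpResponseMessage> Run(
    [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = "users/login/{login}/")] HttpRequestMessage req,
    string login,
    [Table("ExpensesApp")] CloudTable table,
    [Table("ExpensesApp", "user_{login}", "user_{login}")] UserLogInData entity,
    TraceWriter log)
{
    log.Info("Request to LogIn");

    LogInDto logInDto = null;
    try
    {
        logInDto = await req.Content.ReadAsDeserializedJson<LogInDto>();
    }
    catch
    {
        // Deliberately broad: any failure to read the body is answered with 400.
        log.Info("LogIn response: BadRequest - cannot read dto object");
        return req.CreateResponse(
            statusCode: HttpStatusCode.BadRequest,
            value: "Please pass a valid dto object in the request content");
    }

    if (login == null)
    {
        log.Info("LogIn response: BadRequest - login is null");
        return req.CreateResponse(
            statusCode: HttpStatusCode.BadRequest,
            value: "Please pass a login on the query string or in the request body");
    }

    if (logInDto == null || string.IsNullOrWhiteSpace(logInDto.HashedPassword))
    {
        log.Info("LogIn response: BadRequest - dto object content is not valid");
        return req.CreateResponse(
            statusCode: HttpStatusCode.BadRequest,
            value: "Please pass correct values to the dto object");
    }

    // Fixed-time comparison so response timing does not reveal how much of the hash
    // matched; one message covers unknown user and wrong hash alike.
    // NOTE(review): the client sends the hash itself, so the stored value is effectively
    // the credential. A server-side salted hash (e.g. PBKDF2) would be stronger.
    if (entity == null || !SecretsMatch(entity.PasswordHash, logInDto.HashedPassword))
    {
        log.Info("LogIn response: BadRequest - wrong credentials");
        return req.CreateResponse(
            statusCode: HttpStatusCode.BadRequest,
            value: "User with given login does not exist or the password was incorrect");
    }

    log.Info($"LogIn response: OK - user {login} has been authenticated");

    UserDetails userDetails = null;
    try
    {
        var retrieveDetails = TableOperation.Retrieve<UserDetails>(entity.HouseholdId, entity.PartitionKey);
        var result = await table.ExecuteAsync(retrieveDetails);
        userDetails = result?.Result as UserDetails;
    }
    catch (Exception ex)
    {
        log.Error($"LogIn response: InternalServerError. Couldn't retreieve UserDetails PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
        return req.CreateResponse(
            statusCode: HttpStatusCode.InternalServerError,
            value: "Couldn't retreieve UserDetails");
    }

    bool userBelongsToHousehold = false;
    try
    {
        var retrieveHousehold = TableOperation.Retrieve<Household>(entity.HouseholdId, entity.HouseholdId);
        var result = await table.ExecuteAsync(retrieveHousehold);
        userBelongsToHousehold = result?.Result is Household;
    }
    catch (Exception ex)
    {
        log.Error($"LogIn response: InternalServerError. Couldn't retreieve Household PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
        return req.CreateResponse(
            statusCode: HttpStatusCode.InternalServerError,
            value: "Couldn't retreieve Household");
    }

    var responseDto = new LogInResponseDto()
    {
        Key = entity.Key,
        Configured = userDetails != null,
        HouseholdId = entity.HouseholdId,
        BelongsToHousehold = userBelongsToHousehold
    };
    return req.CreateResponse(HttpStatusCode.OK, responseDto);
}

/// <summary>
/// Compares two secrets without stopping at the first differing character. Nulls and
/// length mismatches are rejected; otherwise every character is examined.
/// Prefer <c>CryptographicOperations.FixedTimeEquals</c> where the target framework has it.
/// </summary>
private static bool SecretsMatch(string expected, string provided)
{
    if (expected == null || provided == null || expected.Length != provided.Length)
    {
        return false;
    }

    int diff = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        diff |= expected[i] ^ provided[i];
    }

    return diff == 0;
}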
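/// <summary>
/// HTTP-triggered login by per-user key: the key is read from the <c>code</c> query
/// parameter and compared with the key stored on the user row.
/// </summary>
/// <param name="req">Incoming request.</param>
/// <param name="login">User name taken from the route.</param>
/// <param name="table">Table used to look up <see cref="UserDetails"/> and <see cref="Household"/> rows.</param>
/// <param name="entity">User row bound by the route's login, or null when no such row exists.</param>
/// <param name="log">Function log.</param>
/// <returns>
/// 200 with a <see cref="LogInResponseDto"/>; 400 when the login or key is missing or
/// wrong; 500 when a table read fails.
/// </returns>
public static async Task<HttpResponseMessage> Run(
    [HttpTrigger(AuthorizationLevel.Function, "get", "post", Route = "users/loginwithkey/{login}")] HttpRequestMessage req,
    string login,
    [Table("ExpensesApp")] CloudTable table,
    [Table("ExpensesApp", "user_{login}", "user_{login}")] UserLogInData entity,
    TraceWriter log)
{
    if (login == null)
    {
        log.Info("LogIn response: BadRequest - login is null");
        return req.CreateResponse(
            statusCode: HttpStatusCode.BadRequest,
            value: "Please pass a login on the query string or in the request body");
    }

    if (entity == null)
    {
        log.Info("LogIn response: BadRequest - no such user");
        return req.CreateResponse(
            statusCode: HttpStatusCode.BadRequest,
            value: "User with given login does not exist");
    }

    // Query parameter names are matched case-insensitively; Value is null when absent.
    string key = req.GetQueryNameValuePairs()
        .FirstOrDefault(q => string.Equals(q.Key, "code", StringComparison.OrdinalIgnoreCase))
        .Value;

    // The mismatch branch used to log both the supplied and the stored key plus the index
    // of the first differing character, and dereferenced key.Length when no "code"
    // parameter was present. Secrets are no longer logged; the comparison is null-safe
    // (a user row with a null key can no longer be matched by omitting "code") and
    // fixed-time.
    if (!SecretsMatch(entity.Key, key))
    {
        log.Info("LogIn response: BadRequest - key doesn't belong to this user");
        return req.CreateResponse(
            statusCode: HttpStatusCode.BadRequest,
            value: "Given key doesn't belong to this user");
    }

    log.Info($"LogIn response: OK - user {login} has been authenticated");

    UserDetails userDetails = null;
    try
    {
        var retrieveDetails = TableOperation.Retrieve<UserDetails>(entity.HouseholdId, entity.PartitionKey);
        var result = await table.ExecuteAsync(retrieveDetails);
        userDetails = result?.Result as UserDetails;
    }
    catch (Exception ex)
    {
        log.Error($"LogIn response: InternalServerError. Couldn't retreieve UserDetails PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
        return req.CreateResponse(
            statusCode: HttpStatusCode.InternalServerError,
            value: "Couldn't retreieve UserDetails");
    }

    bool userBelongsToHousehold = false;
    try
    {
        var retrieveHousehold = TableOperation.Retrieve<Household>(entity.HouseholdId, entity.HouseholdId);
        var result = await table.ExecuteAsync(retrieveHousehold);
        userBelongsToHousehold = result?.Result is Household;
    }
    catch (Exception ex)
    {
        log.Error($"LogIn response: InternalServerError. Couldn't retreieve Household PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
        return req.CreateResponse(
            statusCode: HttpStatusCode.InternalServerError,
            value: "Couldn't retreieve Household");
    }

    var responseDto = new LogInResponseDto()
    {
        Key = entity.Key,
        Configured = userDetails != null,
        HouseholdId = entity.HouseholdId,
        BelongsToHousehold = userBelongsToHousehold
    };
    return req.CreateResponse(HttpStatusCode.OK, responseDto);
}

/// <summary>
/// Compares two secrets without stopping at the first differing character. Nulls and
/// length mismatches are rejected; otherwise every character is examined.
/// Prefer <c>CryptographicOperations.FixedTimeEquals</c> where the target framework has it.
/// </summary>
private static bool SecretsMatch(string expected, string provided)
{
    if (expected == null || provided == null || expected.Length != provided.Length)
    {
        return false;
    }

    int diff = 0;
    for (int i = 0; i < expected.Length; i++)
    {
        diff |= expected[i] ^ provided[i];
    }

    return diff == 0;
}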