        /// <summary>
        /// Looks up the account named by <paramref name="logIn"/>.UserName, checks the
        /// supplied credentials with <c>AuthenticateUser</c> and, on success, issues a
        /// JWT for that account via <c>GenerateJSONWebToken</c>.
        /// </summary>
        /// <param name="logIn">Credentials supplied by the client.</param>
        /// <returns>
        /// A <see cref="LogInResponseDto"/> carrying the user's full name and token, or
        /// <c>null</c> when the user is unknown or the credentials are rejected (callers
        /// cannot distinguish the two cases, which is the desired non-enumerating behaviour).
        /// </returns>
        public async Task <LogInResponseDto> GenerateTokenAsync(LogInDto logIn)
        {
            var account = await _userRepository.GetUserByUserNameAsync(logIn.UserName);

            // NOTE(review): an unknown user returns before AuthenticateUser runs, so the
            // response time differs from a wrong-password attempt. Whether that is a
            // usable username-enumeration oracle depends on how costly AuthenticateUser
            // is (not visible here) — confirm and, if needed, run a dummy check on the
            // unknown-user path too.
            if (account == null || !AuthenticateUser(logIn, account))
            {
                return null;
            }

            return new LogInResponseDto
            {
                FullName = account.FullName,
                Token    = GenerateJSONWebToken(account)
            };
        }
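        /// <summary>
        /// Login action: exchanges a username/password pair for a JWT by delegating to
        /// <c>_userService.GenerateTokenAsync</c>.
        /// </summary>
        /// <param name="user">Credentials supplied by the client.</param>
        /// <returns>
        /// 200 with the token payload on success; 400 with a generic message when the
        /// credentials are rejected; 401 with an empty body if token generation throws.
        /// </returns>
        public async Task <IActionResult> LogInAsync(LogInDto user)
        {
            try
            {
                LogInResponseDto res = await _userService.GenerateTokenAsync(user);

                if (res != null)
                {
                    return(Ok(res));
                }

                // One message for "unknown user" and "wrong password" so the endpoint
                // does not reveal which accounts exist.
                // NOTE(review): 401 is the conventional status for rejected credentials;
                // 400 is kept so existing clients keyed on it keep working.
                return(BadRequest("رمز یا گذرواژه غلط"));
            }
            catch (Exception)
            {
                // Previously the Exception object itself was serialised into the 401
                // body, exposing the stack trace, inner exceptions and any detail the
                // repository or token code put in the message (connection strings,
                // key-size errors, ...). The status is kept; the body is dropped.
                // TODO(review): log the exception server-side — no logger is visible
                // in this class, so nothing is recorded here.
                return(Unauthorized());
            }
        }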
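        /// <summary>
        /// Verifies a username/password pair against ASP.NET Core Identity and, on
        /// success, issues an HMAC-SHA256 signed JWT carrying the user id, a unique
        /// token id and (when the user has one) their first role.
        /// </summary>
        /// <param name="logInDto">Credentials supplied by the client.</param>
        /// <returns>
        /// A response whose <c>Data</c> holds the serialised token and its expiry, or
        /// whose <c>Error</c> is set when the user is unknown, has an unconfirmed email
        /// or supplied the wrong password — one message for all three so the endpoint
        /// does not reveal which accounts exist.
        /// </returns>
        public async Task <Response <LogInResponseDto> > LogInAsync(LogInDto logInDto)
        {
            var response = new Response <LogInResponseDto>();
            var user     = await _userManager.Users.FirstOrDefaultAsync(u => u.UserName == logInDto.UserName && u.EmailConfirmed);

            // NOTE(review): CheckPasswordAsync does not apply Identity's lockout policy;
            // SignInManager.CheckPasswordSignInAsync(user, password, lockoutOnFailure: true)
            // would throttle online password guessing against this endpoint.
            if (user != null && await _userManager.CheckPasswordAsync(user, logInDto.Password))
            {
                var roles = await _userManager.GetRolesAsync(user);

                var subject = new Claim(JwtRegisteredClaimNames.Sub, user.Id);
                var tokenId = new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString());

                // roles[0] used to throw for a user with no role, turning a correct
                // login into an unhandled exception. The single "Roles" claim is kept
                // (consumers read one value); it is simply omitted when there is none.
                // Any second and further roles are still dropped, as before.
                var claims = roles.Count > 0
                    ? new[] { subject, tokenId, new Claim("Roles", roles[0]) }
                    : new[] { subject, tokenId };

                // NOTE(review): no issuer/audience are set and the token lives for a
                // month; a shorter-lived access token plus refresh, and iss/aud
                // validation on the consuming side, are the usual hardening here.
                // The HS256 secret read from "SecretKey" must be high-entropy
                // (>= 256 bits is the usual requirement); a short passphrase is
                // both brute-forceable and rejected by recent IdentityModel versions.
                var token = new JwtSecurityToken(
                    expires: DateTime.UtcNow.AddMonths(1),
                    claims: claims,
                    signingCredentials: new SigningCredentials(
                        new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetSection("SecretKey").Value)),
                        SecurityAlgorithms.HmacSha256)
                    );

                var handler = new JwtSecurityTokenHandler();

                response.Data = new LogInResponseDto()
                {
                    Token      = handler.WriteToken(token),
                    Exparation = token.ValidTo
                };
                return(response);
            }

            response.Error = new Error("Username or/and password not correct");
            return(response);
        }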
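        /// <summary>
        /// Anonymous POST <c>users/login/{login}/</c>: authenticates a user by comparing
        /// the client-supplied <c>HashedPassword</c> with the stored
        /// <c>PasswordHash</c>, then reports whether a <c>UserDetails</c> row and the
        /// user's <c>Household</c> row exist.
        /// </summary>
        /// <param name="req">Incoming request; its body must deserialise to a <c>LogInDto</c>.</param>
        /// <param name="login">Login name from the route; also forms the table keys <c>user_{login}</c>.</param>
        /// <param name="table">The <c>ExpensesApp</c> table used for the follow-up lookups.</param>
        /// <param name="entity">The user's login row, bound by the runtime; <c>null</c> when absent.</param>
        /// <param name="log">Function trace writer.</param>
        /// <returns>
        /// 200 with a <c>LogInResponseDto</c> (including the user's <c>Key</c>) on success;
        /// 400 for an unreadable body, missing fields or bad credentials; 500 when a
        /// table lookup throws.
        /// </returns>
        public static async Task <HttpResponseMessage> Run(
            [HttpTrigger(
                 AuthorizationLevel.Anonymous,
                 "post",
                 Route = "users/login/{login}/")
            ] HttpRequestMessage req,
            string login,
            [Table("ExpensesApp")] CloudTable table,
            [Table("ExpensesApp", "user_{login}", "user_{login}")] UserLogInData entity,
            TraceWriter log)
        {
            log.Info("Request to LogIn");

            LogInDto logInDto = null;

            try
            {
                logInDto = await req.Content.ReadAsDeserializedJson <LogInDto>();
            }
            catch
            {
                log.Info("LogIn response: BadRequest - cannot read dto object");
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.BadRequest,
                           value: "Please pass a valid dto object in the request content"));
            }

            if (login == null)
            {
                log.Info("LogIn response: BadRequest - login is null");
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.BadRequest,
                           value: "Please pass a login on the query string or in the request body"));
            }
            if (logInDto == null ||
                string.IsNullOrWhiteSpace(logInDto.HashedPassword))
            {
                log.Info("LogIn response: BadRequest - dto object content is not valid");
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.BadRequest,
                           value: "Please pass correct values to the dto object"));
            }

            // The stored value is compared with a hash the *client* computed, so the
            // stored hash is itself a password equivalent: anyone who can read the table
            // or observe a request can replay it. NOTE(review): the server should accept
            // the plaintext password and compare it against a salted, slow KDF output
            // (PBKDF2/Argon2); that needs a client change, so only the comparison is
            // hardened here. The string != operator returns at the first differing
            // character, so response timing leaked how much of the hash was right;
            // FixedTimeEquals removes that dependency. Unknown user and wrong hash share
            // one message so the endpoint does not reveal which logins exist.
            if (entity == null ||
                !FixedTimeEquals(entity.PasswordHash, logInDto.HashedPassword))
            {
                log.Info($"LogIn response: BadRequest - wrong credentials");
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.BadRequest,
                           value: "User with given login does not exist or the password was incorrect"
                           ));
            }

            log.Info($"LogIn response: OK - user {login} has been authenticated");

            UserDetails userDetails = null;

            try
            {
                // UserDetails is keyed by (HouseholdId, user partition key).
                var rertieveTableOperation = TableOperation.Retrieve <UserDetails>(entity.HouseholdId, entity.PartitionKey);
                var result = await table.ExecuteAsync(rertieveTableOperation);

                userDetails = result?.Result as UserDetails;
            }
            catch (Exception ex)
            {
                log.Error($"LogIn response: InternalServerError. Couldn't retreieve UserDetails PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.InternalServerError,
                           value: "Couldn't retreieve UserDetails"
                           ));
            }

            bool userBelongsToHousehold = false;

            try
            {
                // Household rows use HouseholdId as both partition and row key; a
                // successful typed retrieve is taken as "the household exists".
                var retrieveOperation = TableOperation.Retrieve <Household>(entity.HouseholdId, entity.HouseholdId);
                var result            = await table.ExecuteAsync(retrieveOperation);

                if (result != null && result.Result != null && result.Result is Household)
                {
                    userBelongsToHousehold = true;
                }
            }
            catch (Exception ex)
            {
                log.Error($"LogIn response: InternalServerError. Couldn't retreieve Household PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.InternalServerError,
                           value: "Couldn't retreieve Household"
                           ));
            }

            // entity.Key is the credential accepted by the loginwithkey function, so
            // this response is itself a bearer secret and must only travel over TLS.
            var responseDto = new LogInResponseDto()
            {
                Key                = entity.Key,
                Configured         = userDetails != null,
                HouseholdId        = entity.HouseholdId,
                BelongsToHousehold = userBelongsToHousehold
            };

            return(req.CreateResponse(HttpStatusCode.OK, responseDto));
        }

        /// <summary>
        /// Compares two strings without stopping at the first mismatch, so the time
        /// taken does not depend on how many leading characters agree. A <c>null</c>
        /// on either side never matches. Differing lengths are still observable
        /// through timing; the values compared here are presumably fixed-length
        /// hashes, so that is acceptable — confirm if variable-length secrets appear.
        /// </summary>
        private static bool FixedTimeEquals(string expected, string actual)
        {
            if (expected == null || actual == null)
            {
                return false;
            }

            int diff = expected.Length ^ actual.Length;
            int len  = Math.Min(expected.Length, actual.Length);

            for (int i = 0; i < len; ++i)
            {
                diff |= expected[i] ^ actual[i];
            }

            return diff == 0;
        }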
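        /// <summary>
        /// <c>users/loginwithkey/{login}</c> (GET or POST, function-level auth):
        /// authenticates a user by matching the <c>code</c> query parameter against the
        /// stored per-user <c>Key</c>, then reports whether a <c>UserDetails</c> row and
        /// the user's <c>Household</c> row exist.
        /// </summary>
        /// <param name="req">Incoming request; the user's key is read from its <c>code</c> query parameter.</param>
        /// <param name="login">Login name from the route; also forms the table keys <c>user_{login}</c>.</param>
        /// <param name="table">The <c>ExpensesApp</c> table used for the follow-up lookups.</param>
        /// <param name="entity">The user's login row, bound by the runtime; <c>null</c> when absent.</param>
        /// <param name="log">Function trace writer.</param>
        /// <returns>
        /// 200 with a <c>LogInResponseDto</c> on success; 400 when the login is missing,
        /// unknown, or the key does not match; 500 when a table lookup throws.
        /// </returns>
        public static async Task <HttpResponseMessage> Run(
            [HttpTrigger(
                 AuthorizationLevel.Function,
                 "get", "post",
                 Route = "users/loginwithkey/{login}")
            ] HttpRequestMessage req,
            string login,
            [Table("ExpensesApp")] CloudTable table,
            [Table("ExpensesApp", "user_{login}", "user_{login}")] UserLogInData entity,
            TraceWriter log)
        {
            if (login == null)
            {
                log.Info("LogIn response: BadRequest - login is null");
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.BadRequest,
                           value: "Please pass a login on the query string or in the request body"));
            }

            // NOTE(review): unlike the password login, this path answers "no such user"
            // with a distinct message, so it confirms which logins exist to anyone who
            // reaches it; consider the same generic message for both failures.
            if (entity == null)
            {
                log.Info($"LogIn response: BadRequest - no such user");
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.BadRequest,
                           value: "User with given login does not exist"
                           ));
            }

            // NOTE(review): under AuthorizationLevel.Function the runtime already checks
            // the "code" query parameter as the function key, so entity.Key is presumably
            // a per-user function key — confirm. Because GET is allowed, the key also
            // lands in server/proxy logs and browser history as part of the URL.
            string key = req.GetQueryNameValuePairs()
                         .FirstOrDefault(q => string.Compare(q.Key, "code", true) == 0)
                         .Value;

            // Previously a mismatch logged both the supplied and the expected key and
            // the index of the first differing character — the user's secret went into
            // the trace, and the log became a per-character oracle. A missing "code"
            // also crashed on key.Length (500 instead of 400), and a row with a null Key
            // matched a null code. FixedTimeEquals rejects nulls and does not stop at
            // the first mismatch, so timing does not reveal how much of the key was right.
            if (!FixedTimeEquals(entity.Key, key))
            {
                log.Info($"LogIn response: BadRequest - key doesn't belong to this user");
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.BadRequest,
                           value: "Given key doesn't belong to this user"
                           ));
            }

            log.Info($"LogIn response: OK - user {login} has been authenticated");

            UserDetails userDetails = null;

            try
            {
                // UserDetails is keyed by (HouseholdId, user partition key).
                var rertieveTableOperation = TableOperation.Retrieve <UserDetails>(entity.HouseholdId, entity.PartitionKey);
                var result = await table.ExecuteAsync(rertieveTableOperation);

                userDetails = result?.Result as UserDetails;
            }
            catch (Exception ex)
            {
                log.Error($"LogIn response: InternalServerError. Couldn't retreieve UserDetails PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.InternalServerError,
                           value: "Couldn't retreieve UserDetails"
                           ));
            }

            bool userBelongsToHousehold = false;

            try
            {
                // Household rows use HouseholdId as both partition and row key; a
                // successful typed retrieve is taken as "the household exists".
                var retrieveOperation = TableOperation.Retrieve <Household>(entity.HouseholdId, entity.HouseholdId);
                var result            = await table.ExecuteAsync(retrieveOperation);

                if (result != null && result.Result != null && result.Result is Household)
                {
                    userBelongsToHousehold = true;
                }
            }
            catch (Exception ex)
            {
                log.Error($"LogIn response: InternalServerError. Couldn't retreieve Household PK={entity.HouseholdId}, RK={entity.PartitionKey}", ex);
                return(req.CreateResponse(
                           statusCode: HttpStatusCode.InternalServerError,
                           value: "Couldn't retreieve Household"
                           ));
            }

            var responseDto = new LogInResponseDto()
            {
                Key                = entity.Key,
                Configured         = userDetails != null,
                HouseholdId        = entity.HouseholdId,
                BelongsToHousehold = userBelongsToHousehold
            };

            return(req.CreateResponse(HttpStatusCode.OK, responseDto));
        }

        /// <summary>
        /// Compares two strings without stopping at the first mismatch, so the time
        /// taken does not depend on how many leading characters agree. A <c>null</c>
        /// on either side never matches. Differing lengths are still observable
        /// through timing; the keys compared here are presumably fixed-length, so
        /// that is acceptable — confirm if variable-length secrets appear.
        /// </summary>
        private static bool FixedTimeEquals(string expected, string actual)
        {
            if (expected == null || actual == null)
            {
                return false;
            }

            int diff = expected.Length ^ actual.Length;
            int len  = Math.Min(expected.Length, actual.Length);

            for (int i = 0; i < len; ++i)
            {
                diff |= expected[i] ^ actual[i];
            }

            return diff == 0;
        }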