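/// <summary>
/// Handles a refresh-token request: reads the <c>refreshToken</c> form field, looks up the
/// matching stored token together with its user, checks that the user may still sign in,
/// and writes a newly issued token to the response as JSON.
/// </summary>
/// <param name="context">The current HTTP request/response pair.</param>
/// <returns>A task that completes once the response body has been written.</returns>
/// <remarks>
/// Every rejection is answered with HTTP 400 and a short plain-text reason.
/// </remarks>
private async Task GenerateToken(HttpContext context)
{
    // Request.Form throws on a request that is not form-encoded; treat that case like a
    // missing token so a malformed request gets a 400 instead of an unhandled exception.
    var refreshToken = context.Request.HasFormContentType
        ? context.Request.Form["refreshToken"].ToString()
        : null;

    if (string.IsNullOrWhiteSpace(refreshToken))
    {
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync("User must relogin.");
        return;
    }

    var db = context.RequestServices.GetService<ApplicationDbContext>();
    var signInManager = context.RequestServices.GetService<SignInManager<ApplicationUser>>();
    var userManager = context.RequestServices.GetService<UserManager<ApplicationUser>>();

    // Awaited so the request thread is not blocked on the database round trip.
    // NOTE(review): the submitted value is matched verbatim against the stored column, so
    // the table appears to hold usable tokens; consider storing only a hash of each token.
    var refreshTokenModel = await db.RefreshTokens
        .Include(x => x.User)
        .SingleOrDefaultAsync(i => i.Token == refreshToken);

    // Unknown token, or a token row whose user could not be loaded: same answer for both,
    // and no null user is passed on to the sign-in checks below.
    if (refreshTokenModel?.User == null)
    {
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync("User must relogin.");
        return;
    }

    // NOTE(review): nothing in this method checks token expiry or revocation; confirm that
    // LoginTokenIssuer.Execute does, otherwise a leaked refresh token stays valid indefinitely.
    var user = refreshTokenModel.User;

    if (!await signInManager.CanSignInAsync(user))
    {
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync("User is unable to login.");
        return;
    }

    if (userManager.SupportsUserLockout && await userManager.IsLockedOutAsync(user))
    {
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync("User is locked out.");
        return;
    }

    var token = LoginTokenIssuer.Execute(user, db, refreshTokenModel);

    context.Response.ContentType = "application/json";
    await context.Response.WriteAsync(JsonConvert.SerializeObject(token, _serializerSettings));
}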
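/// <summary>
/// Handles a password login: reads <c>username</c> and <c>password</c> from the form,
/// verifies them through the sign-in manager and, on success, writes the issued token
/// to the response as JSON.
/// </summary>
/// <param name="context">The current HTTP request/response pair.</param>
/// <returns>A task that completes once the response body has been written.</returns>
/// <exception cref="AbandonedMutexException">
/// Thrown for any failure inside the handler; the original exception is attached as
/// <see cref="Exception.InnerException"/>.
/// </exception>
private async Task GenerateToken(HttpContext context)
{
    try
    {
        // Request.Form throws on a request that is not form-encoded, so only read it
        // when the content type allows it.
        var hasForm = context.Request.HasFormContentType;
        var username = hasForm ? context.Request.Form["username"].ToString() : null;
        var password = hasForm ? context.Request.Form["password"].ToString() : null;

        // Reject missing credentials with the same answer as wrong ones. Without this
        // guard a missing password reaches the password check as null, which can fail
        // differently for existing and unknown accounts.
        if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
        {
            context.Response.StatusCode = 400;
            await context.Response.WriteAsync("Invalid username or password.");
            return;
        }

        var signInManager = context.RequestServices.GetService<SignInManager<ApplicationUser>>();
        var userManager = context.RequestServices.GetService<UserManager<ApplicationUser>>();

        // NOTE(review): lockoutOnFailure is false, so failed attempts never count towards
        // account lockout and this endpoint has no built-in limit on password guessing.
        // Enable it, or confirm that rate limiting is enforced in front of this handler.
        var result = await signInManager.PasswordSignInAsync(username, password, false, lockoutOnFailure: false);
        if (!result.Succeeded)
        {
            context.Response.StatusCode = 400;
            await context.Response.WriteAsync("Invalid username or password.");
            return;
        }

        // PasswordSignInAsync resolves the account by user name, so fetch it the same way.
        // The previous lookup by Email threw whenever the user name and e-mail differed
        // or the e-mail was not unique.
        var user = await userManager.FindByNameAsync(username);
        if (user == null)
        {
            context.Response.StatusCode = 400;
            await context.Response.WriteAsync("Invalid username or password.");
            return;
        }

        var db = context.RequestServices.GetService<ApplicationDbContext>();
        var response = LoginTokenIssuer.Execute(user, db);

        // Serialize and return the response
        context.Response.ContentType = "application/json";
        await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings));
    }
    catch (Exception ex)
    {
        // TODO log error (never include the submitted password in the log entry).
        // The exception type is kept for callers that may depend on it, although it is
        // unrelated to mutexes; the original exception is now attached so that the stack
        // trace and the real cause are not lost.
        throw new AbandonedMutexException(ex.Message, ex);
    }
}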