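/// <summary>
/// Authenticates a user by e-mail and password and, on success, replaces any existing
/// login session for that user with a freshly generated token.
/// </summary>
/// <param name="body">Login request carrying <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// 200 with the new session token; 412 when the account is not verified;
/// 401 "Login incorrect" when the e-mail is unknown or the password does not match
/// (one shared response so the endpoint does not reveal which e-mails have an account);
/// 400 when the request carries no credentials.
/// </returns>
public async Task<IActionResult> LoginUser([FromBody] Login body)
{
    if (body is null || string.IsNullOrEmpty(body.Email) || string.IsNullOrEmpty(body.Password))
    {
        return new BadRequestObjectResult("Missing credentials");
    }

    // E-mail addresses are stored lower-cased; the invariant culture keeps the lookup
    // independent of the server's current culture (e.g. Turkish dotted/dotless 'i').
    var lowerEmail = body.Email.ToLowerInvariant();

    await Db.Connection.OpenAsync();
    try
    {
        UserQuerry loginUser = new UserQuerry(Db);
        User user = await loginUser.GetUserByEmail(lowerEmail);

        if (user == null)
        {
            // Deliberately identical to the wrong-password response (account enumeration).
            return new UnauthorizedObjectResult("Login incorrect");
        }

        if (user.Verified != "true")
        {
            // NOTE(review): 412 is kept for the client's verification flow, but it still
            // distinguishes an existing unverified account from an unknown e-mail.
            return new StatusCodeResult(412);
        }

        // body.Password is the clear-text candidate; user.Password is the stored bcrypt hash.
        if (!BCryptHelper.CheckPassword(body.Password, user.Password))
        {
            return new UnauthorizedObjectResult("Login incorrect");
        }

        // Session token is a fresh secure random value; one active session per user,
        // so any existing row for this user is dropped before the new one is inserted.
        string generatedToken = Helpers.SecureRandomNumber();
        LoginsessionQuerry sessions = new LoginsessionQuerry(Db);
        Loginsession session = await sessions.FindOneByUserId(user.Id);
        if (session != null)
        {
            await session.DeleteAsync();
        }

        // NOTE(review): if InsertLoginTable is asynchronous it must be awaited here — confirm its signature.
        sessions.InsertLoginTable(user.Id, generatedToken);
        return new OkObjectResult(generatedToken);
    }
    finally
    {
        // Released on every path, including exceptions from the query layer.
        // NOTE(review): Db appears to be a per-request dependency disposed by the action — confirm its lifetime.
        Db.Dispose();
    }
}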
/// <summary>
/// Resolves a session token to the user that owns the session.
/// </summary>
/// <param name="token">Session token presented by the client.</param>
/// <returns>The owning user, or <c>null</c> when no session matches the token.</returns>
public async Task<User> CheckAuth(string token)
{
    var sessionLookup = new LoginsessionQuerry(Db);
    Loginsession activeSession = await sessionLookup.GetUserIdByToken(token);
    if (activeSession == null)
    {
        return null;
    }

    var userLookup = new UserQuerry(Db);
    return await userLookup.FindOneAsync(activeSession.user_id);
}
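/// <summary>
/// Ends the login session identified by the <c>token</c> request header.
/// </summary>
/// <param name="token">Session token taken from the request header; required.</param>
/// <returns>
/// 200 when the session was ended (or was already gone); 401 when the token does not
/// resolve to an active session.
/// </returns>
public async Task<IActionResult> LogoutGet([FromHeader][Required()] string token)
{
    await Db.Connection.OpenAsync();
    try
    {
        // Await the lookup rather than reading .Result: blocking on the task risks
        // deadlock under a synchronization context and wraps failures in AggregateException.
        AuthenticationHandler auth = new AuthenticationHandler(Db);
        User user = await auth.CheckAuth(token);
        if (user == null)
        {
            // An unknown or expired token is a client error, not a server fault.
            return Unauthorized();
        }

        LoginsessionQuerry sessions = new LoginsessionQuerry(Db);
        Loginsession session = await sessions.FindOneByUserId(user.Id);
        // The token resolved a moment ago, but the row can vanish in between
        // (e.g. a concurrent logout); treat that as already logged out.
        if (session != null)
        {
            await session.DeleteAsync();
        }
        return StatusCode(200);
    }
    finally
    {
        // Released on every path, including exceptions from the query layer.
        // NOTE(review): Db appears to be a per-request dependency disposed by the action — confirm its lifetime.
        Db.Dispose();
    }
}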