public async Task <IActionResult> Login([FromBody] LoginDto applicationUser) { // Trim email, NOT PASSWORD applicationUser.Email = applicationUser.Email.Trim(); if (ModelState.IsValid) { // Get identity RequestMessageResponse errorResponse = new RequestMessageResponse() { Success = false, Message = "" }; ClaimsIdentity identity = await _jwtService.GetClaimsIdentity(applicationUser, errorResponse); if (identity == null) { return(BadRequest(errorResponse)); } // Serialize and return the response var response = new { id = identity.Claims.Single(c => c.Type == "id").Value, access_token = _jwtService.GenerateEncodedToken(applicationUser.Email, identity), expires_in = _jwtService.GetValidForTotalSeconds(), }; // Return result var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); } return(BadRequest(new RequestMessageResponse() { Success = false, Message = "Bad request" })); }
public async Task <ClaimsIdentity> GetClaimsIdentity(LoginDto user, RequestMessageResponse errorResponse) { var result = await _signInManager.PasswordSignInAsync(user.Email, user.Password, false, true); if (result.Succeeded) { var appUser = _userManager.Users.SingleOrDefault(r => r.Email == user.Email); var roles = await _userManager.GetRolesAsync(appUser); IList <string> claims = new List <string>(); foreach (var roleName in roles) { if (_roleManager.SupportsRoleClaims) { var role = await _roleManager.FindByNameAsync(roleName); if (role != null) { var roleclaims = await _roleManager.GetClaimsAsync(role); foreach (var item in roleclaims) { if (!claims.Any(x => x == item.Value)) { claims.Add(item.Value); } } } } } // Save Login details #region Save Login Details HttpRequest request = _httpContextAccessor.HttpContext.Request; ConnectionInfo connection = _httpContextAccessor.HttpContext.Connection; string userAgent = "", remoteIpAddress = "", localIpAddress = "", languages = ""; if (request.Headers.ContainsKey(HeaderNames.UserAgent)) { userAgent = request.Headers[HeaderNames.UserAgent].ToString(); } if (request.Headers.ContainsKey(HeaderNames.AcceptLanguage)) { languages = request.Headers[HeaderNames.AcceptLanguage].ToString(); } remoteIpAddress = connection.RemoteIpAddress?.ToString(); localIpAddress = connection.LocalIpAddress?.ToString(); ApplicationUserLogin userLogin = new ApplicationUserLogin() { UserAgent = userAgent, AcceptLanguage = languages, RemoteIpAddress = remoteIpAddress, LocalIpAddress = localIpAddress, CreatedOnUtc = DateTime.UtcNow, User = appUser, }; await _userService.SaveUserLoginDetailsAsync(userLogin); #endregion return(await Task.FromResult <ClaimsIdentity>(GenerateClaimsIdentity(appUser.Email, appUser.Id, appUser.EmailConfirmed, roles, claims))); } else { // Check error message string errorMessage = ""; var appUser = _userManager.Users.SingleOrDefault(r => r.Email == user.Email); if (appUser == null) { errorMessage = "Invalid credentials"; } else { if (!await _userManager.IsEmailConfirmedAsync(appUser)) { errorMessage = "Email is not confirmed"; } else if (await _userManager.IsLockedOutAsync(appUser)) { errorMessage = "Account locked out till:" + appUser.LockoutEnd.Value.ToLocalTime(); } else if (!await _userManager.CheckPasswordAsync(appUser, user.Password)) { errorMessage = "Invalid credentials"; } } // Set error message errorResponse.Message = errorMessage; } return(await Task.FromResult <ClaimsIdentity>(null)); }
public async Task <IActionResult> FacebookAuthentication([FromBody] FacebookAuthDto model) { // Validate model if (!ModelState.IsValid) { return(BadRequest(new RequestMessageResponse() { Success = false, Message = "Bad request." })); } // Generate an app access token var appAccessTokenResponse = await Client.GetStringAsync($"https://graph.facebook.com/oauth/access_token?client_id={_fbAuthSettings.AppId}&client_secret={_fbAuthSettings.AppSecret}&grant_type=client_credentials"); var appAccessToken = JsonConvert.DeserializeObject <FacebookAppAccessToken>(appAccessTokenResponse); // Validate the user access token var userAccessTokenValidationResponse = await Client.GetStringAsync($"https://graph.facebook.com/debug_token?input_token={model.AccessToken}&access_token={appAccessToken.AccessToken}"); var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessTokenValidationResponse); // Invalid user token if (!userAccessTokenValidation.Data.IsValid) { return(BadRequest(new RequestMessageResponse() { Success = false, Message = "Invalid facebook token" })); } // Request data from Facebook var userInfoResponse = await Client.GetStringAsync($"https://graph.facebook.com/v2.8/me?fields=id,email,first_name,last_name,name,gender,locale,birthday,picture.type(large)&access_token={model.AccessToken}"); var userInfo = JsonConvert.DeserializeObject <FacebookUserData>(userInfoResponse); // Search for user var user = await _userManager.FindByEmailAsync(userInfo.Email); // User don't exist #region Register if (user == null) { // Create user model var appUser = new ApplicationUser { Firstname = userInfo.FirstName, Lastname = userInfo.LastName, CreatedOnUtc = DateTime.UtcNow, EmailConfirmed = true, Email = userInfo.Email, UserName = userInfo.Email, FacebookId = userInfo.Id, PictureUrl = userInfo.Picture.Data.Url }; appUser.SetGender(userInfo.Gender); // Register user var resultCreatedAccount = await _userManager.CreateAsync(appUser, Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 8)); var resultCreatedRole = await _userManager.AddToRoleAsync(appUser, RoleConstants._USER); // If error, return message if (!resultCreatedAccount.Succeeded) { String errorMessage = ""; if (resultCreatedAccount.Errors.Any(c => c.Code.ToLower().Contains("duplicate"))) { errorMessage = "Email is already exists"; } else { errorMessage = resultCreatedAccount.Errors.ToString(); } return(BadRequest(new RequestMessageResponse() { Success = false, Message = errorMessage })); } // Continue to login user = appUser; // Create a storage folder for user System.IO.Directory.CreateDirectory(String.Format(FilePathConstants.PUBLIC_USERS_FILES, user.Id)); } #endregion // If facebook data is not completed bool saveNewData = false; // No Facebook Id if (user.FacebookId == null) { user.FacebookId = userInfo.Id; saveNewData = true; } // No Picture Url if (user.PictureUrl == null) { user.PictureUrl = userInfo.Picture.Data.Url; saveNewData = true; } // If data modified, save ot Db if (saveNewData) { await _userService.UpdateUser(user); } // User exists, generate token #region Login // Get identity RequestMessageResponse errorResponse = new RequestMessageResponse() { Success = false, Message = "" }; ClaimsIdentity identity = await _jwtService.GetClaimsIdentityForExternal(user, errorResponse); if (identity == null) { return(BadRequest(errorResponse)); } // Serialize and return the response var response = new { id = identity.Claims.Single(c => c.Type == "id").Value, access_token = _jwtService.GenerateEncodedToken(user.Email, identity), expires_in = _jwtService.GetValidForTotalSeconds() }; // Return result var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); #endregion }
public async Task <ClaimsIdentity> GetClaimsIdentityForExternal(ApplicationUser appUser, RequestMessageResponse errorResponse) { // If email is not confirmed, CONFIRM IT if (!await _userManager.IsEmailConfirmedAsync(appUser)) { // Confirm email appUser.EmailConfirmed = true; await _userService.UpdateUser(appUser); } // Account lock out if (await _userManager.IsLockedOutAsync(appUser)) { // Set error message errorResponse.Message = "Account locked out till:" + appUser.LockoutEnd.Value.ToLocalTime(); return(await Task.FromResult <ClaimsIdentity>(null)); } // All good from here // Get roles var roles = await _userManager.GetRolesAsync(appUser); IList <string> claims = new List <string>(); foreach (var roleName in roles) { if (_roleManager.SupportsRoleClaims) { var role = await _roleManager.FindByNameAsync(roleName); if (role != null) { var roleclaims = await _roleManager.GetClaimsAsync(role); foreach (var item in roleclaims) { if (!claims.Any(x => x == item.Value)) { claims.Add(item.Value); } } } } } // Save Login details #region Save Login Details HttpRequest request = _httpContextAccessor.HttpContext.Request; ConnectionInfo connection = _httpContextAccessor.HttpContext.Connection; string userAgent = "", remoteIpAddress = "", localIpAddress = "", languages = ""; if (request.Headers.ContainsKey(HeaderNames.UserAgent)) { userAgent = request.Headers[HeaderNames.UserAgent].ToString(); } if (request.Headers.ContainsKey(HeaderNames.AcceptLanguage)) { languages = request.Headers[HeaderNames.AcceptLanguage].ToString(); } remoteIpAddress = connection.RemoteIpAddress?.ToString(); localIpAddress = connection.LocalIpAddress?.ToString(); ApplicationUserLogin userLogin = new ApplicationUserLogin() { UserAgent = userAgent, AcceptLanguage = languages, RemoteIpAddress = remoteIpAddress, LocalIpAddress = localIpAddress, CreatedOnUtc = DateTime.UtcNow, User = appUser }; await _userService.SaveUserLoginDetailsAsync(userLogin); #endregion return(await Task.FromResult <ClaimsIdentity>(GenerateClaimsIdentity(appUser.Email, appUser.Id, appUser.EmailConfirmed, roles, claims))); }