public virtual async Task <object> AuthenticateUserAsync([FromBody] Login login)
{
if (ModelState.IsValid)
{
var result = await _service.AuthenticateUserAsync(login.UserName, login.Password);
if (result)
{
var token = await _tokenProvider.GenerateToken(login.UserName, login.Password);
var user = await _userService.GetUserByUsername(login.UserName);
var permissions = await _permissionService.GetPermissionByRolesAsync(user.Roles.Select(r => r.ID));
var fRole = user.Roles.OrderBy(r => r.CreatedDate).FirstOrDefault();
var tResult = new
{
User = new
{
ID = user.ID,
FullName = user.FirstName + ' ' + user.LastName,
Username = user.Username,
Email = user.Email,
RowGuid = user.RowGuid,
RoleID = fRole.ID,
Role = fRole.Name,
RoleCode = fRole.RoleCode,
Roles = user.Roles,
//Agent Rule: if user has single role(Agent)
IsAgent = (new List <string> {
"IPA", "PIPA"
}).Contains(fRole.RoleCode)
},
Token = token,
Permissions = permissions?.Select(p => p?.Name).Distinct()
};
//last login
user.LastLogin = System.DateTime.UtcNow;
await _userService.UpdateAsync(user);
//log UserLogin
if (login.ClientInfo != null)
{
try
{
login.ClientInfo.UserID = user.ID;
await _userLoginService.CreateAsync(login.ClientInfo);
}
catch (Exception ex)
{
_logger.Log(PDX.Logging.Models.LogType.Warning, ex);
}
}
return(tResult);
}
}
return(null);
}
/// <summary>
/// 登陆接口
/// </summary>
/// <param name="loginCode"></param>
/// <param name="tokenOptions"></param>
/// <returns></returns>
public Result <LoginOutput> Login(string weChatOpenId, TokenProvider tokenOptions)
{
//Questions();
//_unitOfWork.SaveChanges();
if (_user.Any(u => u.WeChatOpenId == weChatOpenId))//如果用户存在
{
User userInfo = _user.FirstOrDefault(u => u.WeChatOpenId == weChatOpenId);
if (string.IsNullOrEmpty(userInfo.UserName) ||
string.IsNullOrEmpty(userInfo.PhoneNumber) || string.IsNullOrEmpty(userInfo.Department))
{ //资料不完善,返回false让用户完善信息
return(Result <LoginOutput> .Success(new LoginOutput
{
UserName = userInfo.UserName,
Token = tokenOptions.GenerateToken(userInfo.Id.ToString()).access_token,
Perfect = false,
PhoneNumber = userInfo.PhoneNumber,
Dempartment = userInfo.Department
}));
}
else
{
return(Result <LoginOutput> .Success(new LoginOutput
{
UserName = userInfo.UserName,
Token = tokenOptions.GenerateToken(userInfo.Id.ToString()).access_token,
Perfect = true,
PhoneNumber = userInfo.PhoneNumber,
Dempartment = userInfo.Department
}));;
}
}
else //用户不存在创建用户(相当于注册),返回false让用户完善信息
{
_user.Insert(new User()
{
WeChatOpenId = weChatOpenId
});
_unitOfWork.SaveChanges();
string userId = (_user.FirstOrDefault(u => u.WeChatOpenId == weChatOpenId)).Id.ToString();
return(Result <LoginOutput> .Success(new LoginOutput
{
UserName = null,
Token = tokenOptions.GenerateToken(userId).access_token,
Perfect = false,
PhoneNumber = null,
Dempartment = null
}));
}
}
public IHttpActionResult Authenticate([FromBody] LoginRequest request)
{
var response = new Response();
var user = userRepo.Get(request.Username);
if (user != null)
{
MD5 md5Hash = MD5.Create();
string hash = PasswordManager.GetMd5Hash(md5Hash, request.Password);
if (PasswordManager.VerifyMd5Hash(md5Hash, request.Password, hash))
{
var token = TokenProvider.GenerateToken(request.Username);
return(Ok(new Response
{
Data = token,
Message = "Login successful",
Status = true
}));
}
}
return(Ok(new Response {
Data = null,
Message = "Invalid credentials",
Status = false
}));
}
public LoginResponseModel Login(string userName, string password)
{
LoginResponseModel responseModel = new LoginResponseModel();
try
{
using (JWTSampleDbContext dbContext = new JWTSampleDbContext())
{
//Check user exists in db
var appUser = dbContext.ApplicationUser.Where(a => a.Username == userName && a.Password == password).FirstOrDefault();
if (appUser != null)
{
//Generate token
responseModel.Token = TokenProvider.GenerateToken(appUser);
UserInfo userInfo = new UserInfo();
userInfo.UserId = appUser.UserId;
userInfo.UserName = appUser.Username;
userInfo.Email = appUser.Password;
responseModel.User = userInfo;
}
}
return(responseModel);
}
catch (Exception ex)
{
throw new Exception("Invalid Login");
}
}
public async Task <IActionResult> Login([FromForm] ApiLoginModel model)
{
var result = await _signInManager.PasswordSignInAsync(model.Name, model.Pwd, true, false);
if (result.Succeeded)
{
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.Value.SecretKey));
var options = new TokenProviderOptions()
{
Issuer = "EntityAbstract",
Audience = "EntityAbstractAudience",
SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
};
var tpm = new TokenProvider(options);
var token = await tpm.GenerateToken(model.Name, model.Pwd);
var user = await _userManager.FindByNameAsync(model.Name);
return(token != null ? (IActionResult)Json(token) : BadRequest());
}
if (result.IsLockedOut)
{
return(BadRequest("Lockout"));
}
else
{
return(BadRequest("Invalid login attempt"));
}
}
/// <summary>
/// This method will store the credit card and return a token that can be used outside the billing system
/// </summary>
/// <param name="billingAccountId"></param>
/// <param name="creditCard"></param>
/// <param name="expirationDate"></param>
/// <returns></returns>
public string StoreCreditCard(int billingAccountId, string creditCard, int expirationMonth, int expirationYear)
{
CreditCardPaymentValidator.Validate(billingAccountId.ToString(), creditCard, expirationMonth, expirationYear);
//Method name must be business specific.
//Create a tokenNumber for the end user.
var tokenNumber = TokenProvider.GenerateToken();
//Store Billing account and token.
//I could put the rest on the queue for processing because I can't do anything else
//Then the other process will update DC and get the PEC and handle failures.
//That would give me autmatice retry. Would need to encrypt CC# for that.
//Get the PEC from the billing providere
var pec = PaymentGateway.StoreCreditCardAtTokenProviders(creditCard, expirationMonth, expirationYear);
//Need to expect a specific exception and catch and handle it.
//What do I do if the payment gateway is down.
//Store both the tokenNumber the PEC in the billing system
//BillingGateway.CreateCreditCardBillingPaymentMethod(billingAccountId, pec, tokenNumber);
//Now that I have a pec save it to the db with a new tokenNumber
DataFacade.CreateToken(new Token(pec, tokenNumber));
return(tokenNumber);
}
public IActionResult Post(string username, string password)
{
if (username != null && password != null)
{
if (true)
{
return(new ObjectResult(token.GenerateToken(username)));
}
}
//Si llega hasta aqui, algo salio mal...
return(BadRequest());
}
public JsonResult Login(LoginForm login)
{
using (SoHoaEntities db = new SoHoaEntities())
{
S_Users user = db.S_Users.SingleOrDefault(x => x.UserName == login.Username);
if (user != null)
{
string passwordSalt = user.PasswordSalt;
string passwordInput = AuthenticationHelper.GetMd5Hash(passwordSalt + login.Password);
string passwordUser = user.Password;
if (passwordInput.Equals(passwordUser))
{
TokenProvider tokenProvider = new TokenProvider();
TokenIdentity token = tokenProvider.GenerateToken(login.Username,
Request.Headers["User-Agent"].ToString(),
HttpContext.Request.UserHostAddress, Guid.NewGuid().ToString(),
DateTime.Now.AddHours(7).Ticks);
token.SetAuthenticationType("Custom");
token.SetIsAuthenticated(true);
db.AccessTokens.Add(new AccessToken()
{
Token = token.Token,
EffectiveTime = new DateTime(token.EffectiveTime),
ExpiresIn = token.ExpiresTime,
IP = token.IP,
UserAgent = token.UserAgent,
UserName = token.Name
});
db.SaveChanges();
return(Json(
new
{
Token = token,
Profile = new
{
Username = token.UserName,
FullName = user.UserName,
},
User = new
{
UserName = user.UserName,
UserId = user.UserID
}
}));
}
}
}
return(Json("Login failed!"));
}
public IHttpActionResult Login(LoginForm loginForm)
{
using (ApplicationDbContext db = new ApplicationDbContext())
{
Users user = db.Users.Include(x => x.LoaiTaiKhoan).SingleOrDefault(x => x.UserName == loginForm.Username);
if (user != null)
{
string passwordSalt = user.PasswordSalt;
string passwordInput = AuthenticationHelper.GetMd5Hash(passwordSalt + loginForm.Password);
string passwordUser = user.Password;
if (String.Equals(passwordInput, passwordUser, StringComparison.InvariantCulture) && user.Active == true)
{
TokenProvider tokenProvider = new TokenProvider();
TokenIdentity token = tokenProvider.GenerateToken(user.UserId, loginForm.Username,
Request.Headers.UserAgent.ToString(),
"", Guid.NewGuid().ToString(),
DateTime.Now.Ticks);
token.SetAuthenticationType("Custom");
token.SetIsAuthenticated(true);
db.AccessTokens.Add(new AccessTokens()
{
Token = token.Token,
EffectiveTime = new DateTime(token.EffectiveTime),
ExpiresIn = token.ExpiresTime,
IP = token.IP,
UserAgent = token.UserAgent,
UserName = token.Name
});
db.SaveChanges();
return(Ok(
new
{
AccessToken = token,
Profile = new
{
UserId = user.UserId,
Username = user.UserName,
Email = user.Email,
LoaiTaiKhoanID = user.LoaiTaiKhoanID,
LoaiTaiKhoan = user.LoaiTaiKhoan.TenLoai,
CoSoID = user.CoSoID
}
}));
}
}
return(Ok("Login failed!"));
}
}
public ActionResult <AuthenticateResponseDTO> Authenticate([FromBody] AuthenticateRequestDTO model)
{
var dbUser = _userService.Get(u => u.Name == model.Name).FirstOrDefault();
if (null == dbUser)
{
return(BadRequest(new { error = "User does not exist" }));
}
else if (PasswordManager.GeneratePasshash(dbUser.Salt, model.Password) != dbUser.Passhash)
{
return(BadRequest(new { error = "Email or password is incorrect" }));
}
var userToken = TokenProvider.GenerateToken(dbUser);
return(Ok(new AuthenticateResponseDTO(dbUser, userToken)));
}
public async Task <User> Authorize(AuthenticationModel model)
{
var user = await _context.Users.FirstOrDefaultAsync(x => x.Username == model.Username && x.Password == model.Password);
if (user != null)
{
user.Token = TokenProvider.GenerateToken(user.Username, user.Id.ToString());
user.LastLogin = DateTime.UtcNow;
_context.Entry(await _context.Users.FirstOrDefaultAsync(x => x.Id == user.Id)).CurrentValues.SetValues(user);
await _context.SaveChangesAsync();
return(user);
}
else
{
return(null);
}
}
public ActionResult <dynamic> GetByEmail(string email)
{
if (string.IsNullOrEmpty(email) || !email.IsValidEmail())
{
return(BadRequest(new { Error = "Email invalido!" }));
}
var user = _repository.GetByEmail(email);
if (user == null)
{
return(Ok());
}
var token = TokenProvider.GenerateToken(_mapper.Map <UserDTO>(user));
try
{
var absoluteUri = string.Concat(
Request.Scheme,
"://",
Request.Host.ToUriComponent(),
Request.PathBase.ToUriComponent(),
Request.Path.ToUriComponent()
);
var endPointHome = absoluteUri.Replace("api/user/recovery", "");
var endPointPassword = endPointHome + "#alterarSenha/" + Helpers.Base64Encode(token);
var templates = Helpers.GetTemplete("EmailRecovery.html").Replace("END_POINT", endPointPassword).Replace("SITE_HOME", endPointHome);
Helpers.SendEmail(email, "Sistema - Recuperação de Senha", templates, null);
}
catch (Exception ex)
{
_logger.LogError(ex.StackTrace);
}
return(Ok());
}
public IActionResult Get(string grant_type, string appid, string secret)
{
CommonResult result = new CommonResult();
if (!grant_type.Equals(GrantType.ClientCredentials))
{
result.ErrCode = "40003";
result.ErrMsg = ErrCode.err40003;
return(ToJsonContent(result));
}
else if (string.IsNullOrEmpty(grant_type))
{
result.ErrCode = "40003";
result.ErrMsg = ErrCode.err40003;
return(ToJsonContent(result));
}
string strHost = Request.Host.ToString();
APP app = _iAPPService.GetAPP(appid, secret);
if (app == null)
{
result.ErrCode = "40001";
result.ErrMsg = ErrCode.err40001;
}
else
{
if (!app.RequestUrl.Contains(strHost) || !strHost.Contains("localhost"))
{
result.ErrCode = "40002";
result.ErrMsg = ErrCode.err40002 + ",你当前请求主机:" + strHost;
}
else
{
TokenProvider tokenProvider = new TokenProvider(_jwtModel);
TokenResult tokenResult = tokenProvider.GenerateToken(grant_type, appid, secret);
result.ResData = tokenResult;
result.ErrCode = "0";
return(ToJsonContent(result));
}
}
return(ToJsonContent(result));
}
public async Task <User> Authenticate(Authentication model)
{
var user = await _context.Users.FirstOrDefaultAsync(x => x.Username == model.Username && x.Password == model.Password);
if (user != null)
{
user.Token = TokenProvider.GenerateToken(user.Username, user.Id.ToString());
user.TokenExpireTime = DateTime.UtcNow.AddMinutes(20);
user.LastLogin = DateTime.UtcNow;
var task = Task.Run(() => _context.Entry(_context.Users.FirstOrDefault(x => x.Id == user.Id)).CurrentValues.SetValues(user));
await task.ContinueWith(task => _context.SaveChangesAsync());
return(user);
}
else
{
return(null);
}
}
public async Task <IActionResult> Login(string username, string password, string role)
{
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("ThisIsASecretKeyForAspNetCoreAPIToken"));
var options = new TokenProviderOptions
{
Audience = "audience",
Issuer = "issuer",
Credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
};
var tpm = new TokenProvider(options);
var token = await tpm.GenerateToken(HttpContext, username, password, role);
if (null != token)
{
return(new JsonResult(token));
}
else
{
return(NotFound());
}
}
public async Task <IActionResult> Login([FromBody] LoginAPIModel loginModel)
{
Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(
loginModel.UserID, loginModel.Password, true, lockoutOnFailure : false);
if (result.Succeeded)
{
_logger.LogInformation(1, "User logged in.");
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.Value.SecretKey));
var options = new TokenProviderOptions
{
Audience = "MuscleFellowAudience",
Issuer = "MuscleFellow",
SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
};
TokenProvider tpm = new TokenProvider(options);
TokenEntity token = await tpm.GenerateToken(HttpContext, loginModel.UserID, loginModel.Password);
if (null != token)
{
return(new JsonResult(token));
}
else
{
return(NotFound());
}
}
if (result.IsLockedOut)
{
_logger.LogWarning(2, "User account locked out.");
return(Ok("Lockout"));
}
else
{
_logger.LogWarning(2, "Invalid login attempt.");
return(Ok("Invalid login attempt."));
}
}
public async Task <IActionResult> Login([FromBody] LoginViewModel model)
{
if (ModelState.IsValid)
{
AppUser user = await _userManager.FindByEmailAsync(model.Email);
Identity.SignInResult result = await _signInManager.PasswordSignInAsync(user.UserName, model.Password, model.RememberMe, false);
if (result == Identity.SignInResult.Success)
{
string _token = tokenProvider.GenerateToken(user);
if (_token != null)
{
//Save token in session object
HttpContext.Response.Cookies.Append("JWToken", _token);
HttpContext.Session.SetString("JWToken", _token);
}
return(StatusCode(StatusCodes.Status200OK, _token));
}
}
return(StatusCode(StatusCodes.Status500InternalServerError, "Invalid user"));
}
public ActionResult <dynamic> Authenticate([FromBody] LoginDTO model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = _repository.GetByNameAndPassword(model.Login, model.Password);
if (user == null)
{
return(Unauthorized(new { Error = "Invalid user!" }));
}
var token = TokenProvider.GenerateToken(_mapper.Map <UserDTO>(user));
return(new
{
User = user.Login,
token
});
}
public async Task <User> Login(LoginModel obj)
{
var userList = await Task.Run(() => _context.User.ToList()); //(u => u.UserName == obj.Username && u.Password == obj.Password);
User user = null;
foreach (var item in userList)
{
if (item.UserName == obj.Username && item.Password == obj.Password)
{
user = item;
}
}
if (user != null)
{
user.Token = TokenProvider.GenerateToken(user);
user.Role = new Role()
{
RoleName = "admin", Id = 1
};
return(user);
}
return(null);
}
public async Task <IActionResult> RefreshToken(string token)
{
CommonResult result = new CommonResult();
TokenProvider tokenProvider = new TokenProvider(_jwtModel);
if (!string.IsNullOrEmpty(token))
{
JwtSecurityToken jwtToken = new JwtSecurityTokenHandler().ReadJwtToken(token);
#if DEBUG
Log4NetHelper.Debug(jwtToken.ToJson());
#endif
if (jwtToken != null)
{
//根据应用获取token
if (jwtToken.Subject == GrantType.ClientCredentials)
{
TokenResult tresult = new TokenResult();
var claimlist = jwtToken?.Payload.Claims as List <Claim>;
string strHost = Request.Host.ToString();
APP app = _iAPPService.GetAPP(claimlist[0].Value);
if (app == null)
{
result.ErrCode = "40001";
result.ErrMsg = ErrCode.err40001;
}
else
{
if (!app.RequestUrl.Contains(strHost) && !strHost.Contains("localhost"))
{
result.ErrCode = "40002";
result.ErrMsg = ErrCode.err40002 + ",你当前请求主机:" + strHost;
}
else
{
TokenResult tokenResult = tokenProvider.GenerateToken(GrantType.ClientCredentials, app.AppId, app.AppSecret);
result.ResData = tokenResult;
result.ErrCode = "0";
result.Success = true;
}
}
}
// 用户账号密码登录获取token类型
if (jwtToken.Subject == GrantType.Password)
{
var claimlist = jwtToken?.Payload.Claims as List <Claim>;
User user = await userService.GetByUserName(claimlist[2].Value);
TokenResult tokenResult = tokenProvider.LoginToken(user, claimlist[0].Value);
result.ResData = tokenResult;
result.ErrCode = "0";
result.Success = true;
}
}
else
{
result.ErrMsg = ErrCode.err40004;
result.ErrCode = "40004";
}
}
else
{
result.ErrMsg = ErrCode.err40004;
result.ErrCode = "40004";
}
return(ToJsonContent(result));
}
