private async Task <UserData> AuthenticateAsync_GetUser(Users.AuthVM value)
{
try
{
// HASH THE PASSWORD
var cryptService = this.GetService <Helpers.Crypt>();
var passwordHash = cryptService.Encrypt(value.Password);
// LOCATE USER
var user = await this.dbContext.Users
.Where(x =>
x.RowStatus != (short)Base.enRowStatus.Removed &&
x.UserName == value.UserName &&
x.PasswordHash == passwordHash)
.FirstOrDefaultAsync();
return(user);
}
catch (Exception) { throw; }
}
public async Task <ActionResult <Users.TokenVM> > AuthenticateAsync([FromBody] Users.AuthVM value)
{
var service = this.GetService <UsersService>();
return(await service.AuthenticateAsync(value));
}
public async Task <ActionResult <Users.TokenVM> > AuthenticateAsync(Users.AuthVM value)
{
try
{
// LOCATE USER
UserData user = null;
if (value.GrantType == "password")
{
user = await this.AuthenticateAsync_GetUser(value);
if (user == null)
{
return(this.InformationResponse("USERS_USER_NOT_FOUND_WARNING"));
}
}
else if (value.GrantType == "refresh_token")
{
user = await this.AuthenticateAsync_GetUser(value.RefreshToken);
if (user == null)
{
return(this.InformationResponse("USERS_TOKEN_HAS_EXPIRED_WARNING"));
}
}
var result = new Users.TokenVM {
UserID = user.UserID
};
// CHECK ACTIVATION
if (user.RowStatus == (short)Base.enRowStatus.Temporary)
{
this.TrackEvent("User not yet Activated", $"userName:{user.UserName}");
await this.SendActivationMailAsync(user.UserID);
return(this.InformationResponse("USERS_USER_NOT_ACTIVATED_WARNING", "USERS_ACTIVATION_INSTRUCTIONS_WAS_SENT_MESSAGE"));
}
// GENERATE IDENTITY
var roleList = await this.AuthenticateAsync_GetRoles(user.UserID, user.SelectedResourceID);
var claimsList = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, user.UserID),
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimTypes.GivenName, user.Text),
new Claim(ClaimTypes.System, user.SelectedResourceID)
};
foreach (var role in roleList)
{
claimsList.Add(new Claim(ClaimTypes.Role, role));
}
var claimsIdentity = new ClaimsIdentity(
new GenericIdentity(user.UserID, "Login"),
claimsList.ToArray()
);
// CREATE TOKEN
var tokenConfig = this.GetService <Helpers.Token>();
var securityToken = new SecurityTokenDescriptor
{
Issuer = tokenConfig.Configs.Issuer,
Audience = tokenConfig.Configs.Audience,
SigningCredentials = tokenConfig.SigningCredentials,
Subject = claimsIdentity,
NotBefore = DateTime.UtcNow,
Expires = DateTime.UtcNow.AddSeconds(tokenConfig.Configs.AccessExpirationInSeconds)
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(securityToken);
result.AccessToken = tokenHandler.WriteToken(token);
// REFRESH TOKEN
result.RefreshToken = await this.AuthenticateAsync_GetRefreshToken(user.UserID, tokenConfig.Configs.RefreshExpirationInSeconds);
return(this.OkResponse(result));
}
catch (Exception ex) { return(this.ExceptionResponse(ex)); }
}
