private Dictionary <string, string> GetAuthParameters(AuthenticateRequestDTO credentials)
{
var parameters = new Dictionary <string, string>();
parameters["name"] = credentials.Name;
parameters["password"] = credentials.Password;
return(parameters);
}
protected AuthenticateResponseDTO GetToken(AuthenticateRequestDTO credentials)
{
var parameters = GetAuthParameters(credentials);
var contentString = JsonParameters(parameters);
var response = _authClient.PostAsync("/api/user/authenticate", contentString).Result;
response.EnsureSuccessStatusCode();
return(response.Content.ReadAsAsync <AuthenticateResponseDTO>().Result);
}
public IActionResult Authenticate([FromBody] AuthenticateRequestDTO model)
{
// Request for token based on submitted credentials
var resp = _userService.Authenticate(model);
// No user found from service
if (resp == null)
{
return(BadRequest(new { message = "Username or password was incorrect" }));
}
// Checksout, send AuthenticateResponseDTO
return(Ok(resp));
}
public ActionResult <AuthenticateResponseDTO> Authenticate([FromBody] AuthenticateRequestDTO model)
{
var dbUser = _userService.Get(u => u.Name == model.Name).FirstOrDefault();
if (null == dbUser)
{
return(BadRequest(new { error = "User does not exist" }));
}
else if (PasswordManager.GeneratePasshash(dbUser.Salt, model.Password) != dbUser.Passhash)
{
return(BadRequest(new { error = "Email or password is incorrect" }));
}
var userToken = TokenProvider.GenerateToken(dbUser);
return(Ok(new AuthenticateResponseDTO(dbUser, userToken)));
}
public ActionResult <UserDTO> PutUpdatePass(int id, [FromBody] AuthenticateRequestDTO user)
{
var updatedUser = _userService.Get(u => u.Id == id).FirstOrDefault();
if (null == updatedUser)
{
return(NotFound(new { error = "User not found" }));
}
if (updatedUser.Name != User.FindFirst(ClaimTypes.Name).Value)
{
return(BadRequest(new { error = "Cannot update password from another user" }));
}
updatedUser.Salt = PasswordManager.GenerateSalt(updatedUser.Name);
updatedUser.Passhash = PasswordManager.GeneratePasshash(updatedUser.Salt, user.Password);
return(Ok(_mapper.Map <UserDTO>(_userService.Update(updatedUser))));
}
public ActionResult Authenticate([FromBody] AuthenticateRequestDTO request)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
AuthenticateResponseDTO response;
if (_authService.IsAuthenticated(request, out response))
{
return(Ok(response));
}
return(Ok("Invalid request"));
}
/// <summary>
/// TODO: write docs
/// </summary>
/// <param name="model"></param>
/// <returns></returns>
public AuthenticateResponseDTO Authenticate(AuthenticateRequestDTO model) // TODO: Why did I put this DTO here
{
System.Console.WriteLine(_users.Find(x => true).ToList());
var user = _users.Find(u => u.UserName == model.Username && u.Password == model.Password).SingleOrDefault();
// no user was found
if (user == null)
{
return(null);
}
// Authenticate if succesful
var token = generateJwtToken(user);
return(new AuthenticateResponseDTO(user, token));
}
public bool IsAuthenticated(AuthenticateRequestDTO request, out AuthenticateResponseDTO response)
{
response = new AuthenticateResponseDTO();
var user = _userRepository.FindBy(u => u.Rfc == request.Rfc).SingleOrDefault();
if (user == null)
{
throw new Exception("invalid credentials");
}
if (user.Password != request.Password)
{
throw new Exception("invalid credentials");
}
var claims = new[]
{
new Claim(ClaimTypes.Name, user.Rfc),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes("YiQeYPB9qH5Yxb65AkfhS5w9YzJOCnZb"));
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var now = DateTime.Now;
var expires = DateTime.Now.AddSeconds(Convert.ToDouble(864000));
var jwtToken = new JwtSecurityToken(
issuer: "/konfio",
audience: "konfio",
claims: claims,
expires: expires,
signingCredentials: credentials
);
response.AccessToken = new JwtSecurityTokenHandler().WriteToken(jwtToken);
response.TokenType = JwtBearerDefaults.AuthenticationScheme;
response.ExpiresIn = Convert.ToInt32(jwtToken.Claims.ToList()[2].Value);
response.UserId = user.Id;
return(true);
}
public async Task <AuthenticateResponseDTO> AuthenticationAsync(AuthenticateRequestDTO dto)
{
AuthenticateResponseDTO authenticateResponse = null;
await TryCatchExtension.ExecuteAndHandleErrorAsync(
async() =>
{
var login = await _authenticationManagementRepository
.LoginRepository
.FindAsync <Employee>(x => x.UserName == dto.UserName && x.Password == dto.Password.GetString(), x => x.Employee);
var jwtToken = await GenerateJwtTokenAsync(login, GenerateClaimsIdentity(login.UserName, login.Id));
authenticateResponse = AuthenticateResponseDTO.Create(login.Id, login.UserName, login.Employee.RoleId, jwtToken, true);
},
ex =>
{
_proLogger.Error($"An error occurred while authenticating the user having username: {dto.UserName}. Error: {ex.Message}");
return(false);
});
return(authenticateResponse);
}
public async Task <IActionResult> AuthenticateAsync([FromBody] AuthenticateRequestDTO dto)
{
return(Ok(await _authenticationService.AuthenticationAsync(dto)));
}
