public async Task <IActionResult> Post([FromBody] CredentialViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = await GetUser(credentials.UserName, credentials.Password); if (user == null) { return(BadRequest(Errors.AddErrorToModelState("login failure", "Invalid username or password", ModelState))); } if (!await userManager.IsEmailConfirmedAsync(user)) { return(BadRequest(Errors.AddErrorToModelState("login failure", "You haven't confirm your email", ModelState))); } var identity = GetClaimsIdentity(user); var jwt = await Tokens.GenerateJwt(identity, jwtFactory, credentials.UserName, jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); return(new OkObjectResult(jwt)); }
public async Task <IActionResult> Edit(string email, string newEmail, string username) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = await _userManager.FindByEmailAsync(email); if (user == null) { return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Could not find user in database.", ModelState))); } if (user.alias != username) { user.alias = username; } if (user.Email != newEmail || user.UserName != newEmail) { user.Email = newEmail; user.UserName = newEmail; } await _userManager.UpdateAsync(user); return(new OkObjectResult("User profile updated")); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var jwt = await Tokens.GenerateJwt( identity, _jwtFactory, credentials.UserName, string.Empty, string.Empty, false, false, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented } ); return(new OkObjectResult(jwt)); }
//[ValidateAntiForgeryToken] public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordViewModel model) { // await _antiforgery.ValidateRequestAsync(_contextAccessor.HttpContext); if (!ModelState.IsValid) { return(BadRequest(Errors.AddErrorToModelState("", "", ModelState))); } var user = await GetCurrentUserAsync(); if (user != null) { var result = await _userManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword); if (result.Succeeded) { await _signInManager.SignInAsync(user, isPersistent : false); _logger.LogInformation(3, "User changed their password successfully."); return(new OkObjectResult(ManageMessageId.ChangePasswordSuccess)); } AddErrors(result); return(BadRequest(Errors.AddErrorToModelState("", "", ModelState))); } AddErrors(new IdentityResult()); return(BadRequest(Errors.AddErrorToModelState("", "No user found.", ModelState))); }
public async Task <IActionResult> Password([FromBody] PasswordViewModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = await _userManager.FindByEmailAsync(model.Email); if (user == null) { return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Could not find user in database.", ModelState))); } if (await _userManager.CheckPasswordAsync(user, model.OldPassword)) { if (model.OldPassword == model.NewPassword) { return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "New password cannot match old password", ModelState))); } await _userManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword); await _appDbContext.SaveChangesAsync(); return(new OkObjectResult("Password Updated")); } else { return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Old password is invalid", ModelState))); } }
public async Task <IActionResult> SignIn([FromBody] SignInViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } // Serialize and return the response var response = new { id = identity.Claims.Single(c => c.Type == "id").Value, auth_token = await _jwtFactory.GenerateEncodedToken(credentials.UserName, identity), expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Incorrect data transferred.", ModelState))); } var authService = new AuthService(_userManager, _jwtFactory); var userFirstName = await _userManager.FindByNameAsync(credentials.UserName); var identity = await authService.GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var jwt = await Tokens.GenerateJwt( identity, _jwtFactory, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }, credentials.UserName, userFirstName.FirstName); return(new OkObjectResult(jwt)); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials) { try { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.Login, credentials.Senha); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Usuário ou Senha Inválidos", ModelState))); } // Serialize and return the response var response = new { id = identity.Claims.Single(c => c.Type == "id").Value, auth_token = await _jwtFactory.GenerateEncodedToken(credentials.Login, identity), expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); } catch (Exception ex) { return(BadRequest(ex)); } }
public async Task <IActionResult> LogIn([FromBody] LogInViewModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = await _userManager.FindByNameAsync(model.Name); if (user != null && (await _userManager.CheckPasswordAsync(user, model.Password))) { var roles = await _userManager.GetRolesAsync(user); var response = new { auth_token = await _jwtFactory.GenerateToken(user.UserName, user.Id, roles) }; var jwt = JsonConvert.SerializeObject(response); var obj = new ReturnObject { jwt = jwt, userInfo = user }; return(new OkObjectResult(obj)); } return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); }
public async Task <IActionResult> Post([FromBody] LoginViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.Email, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.Email, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); JObject jwtObject = JObject.Parse(jwt); ApplicationUser user = await _userManager.FindByNameAsync(identity.Name); var isAdmin = await _userManager.IsInRoleAsync(user, "Admin"); jwtObject.Add("is_admin", isAdmin); return(new OkObjectResult(JsonConvert.SerializeObject(jwtObject))); }
public async Task <IActionResult> ResendEmail([FromBody] CreditionalsDto creditionals) { var user = await _userManager.FindByNameAsync(creditionals.UserName); if (user == null) { return(NotFound()); } if (await _userManager.IsEmailConfirmedAsync(user)) { ModelState.AddModelError(nameof(user.Email), "Email already confirmed."); return(BadRequest(ModelState)); } if (!await _userManager.CheckPasswordAsync(user, creditionals.Password)) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var confirmToken = await _userManager.GenerateEmailConfirmationTokenAsync(user); var emailConfirmUrl = Url.RouteUrl("ConfirmEmail", new { uid = user.Id, token = confirmToken }, this.Request.Scheme); try { await _emailSender.SendEmailAsync(user.Email, "Confirm your account", $"Please confirm your account by this ref <a href=\"{emailConfirmUrl}\">link</a>"); } catch { ModelState.AddModelError("email", "Failed to send confirmation letter"); return(BadRequest(ModelState)); } return(NoContent()); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.EmployeeNumber, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "The EmployeeNumber/Password combination that you've entered doesn't match any account.Sign up for an account.", ModelState))); } // Serialize and return the response var response = new { id = identity.Claims.Single(c => c.Type == "id").Value, auth_token = await _jwtFactory.GenerateEncodedToken(credentials.EmployeeNumber, identity), expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <IActionResult> Delete(int id) { var userId = _userManager.GetUserId(HttpContext.User); if (userId == null) { return(BadRequest(Errors.AddErrorToModelState( "delete_revenue_failure", "Unable to find a user for this revenue", ModelState))); } var revenue = await _db.Revenues .Include(x => x.Budget) .FirstOrDefaultAsync(x => x.Budget.UserId == userId && x.Id == id); if (revenue == null) { return(BadRequest(Errors.AddErrorToModelState( "delete_revenue_failure", "Unable to find revenue to delete", ModelState))); } _db.Revenues.Remove(revenue); await _db.SaveChangesAsync(); return(new OkObjectResult(new { message = "success" })); }
public async Task <IActionResult> Create([FromBody] PostViewModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var p = _mapper.Map <Post>(model); if (p == null) { return(BadRequest(Errors.AddErrorToModelState("createpost_failure", "Error occupied while mapping", ModelState))); } var userId = _claimPrincipalService.GetClaimFromHttp(); var user = await _userService.GetUserByClaimAsync(userId); if (user == null) { return(BadRequest(Errors.AddErrorToModelState("createpost_failure", "User did not found", ModelState))); } var post = new Post { User = user, UserId = user.Id, Body = p.Body, Title = p.Title, Color = p.Color }; _postService.InsertPost(post); return(new OkObjectResult("Post created")); }
public async Task <IActionResult> Post([FromBody] LoginViewModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } AppUser user = await _userManager.FindByEmailAsync(model.Email); if (user == null || !await _userManager.CheckPasswordAsync(user, model.Password)) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } Claim[] claims = new Claim[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName) }; SymmetricSecurityKey signingKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(_configuration["JwtAuthentication:SecretKey"])); int minutesUntilExpiry = Convert.ToInt32(_configuration["JwtAuthentication:minutesUntilExpiry"]); var token = new JwtSecurityToken( issuer: _configuration["JwtAuthentication:Issuer"], audience: _configuration["JwtAuthentication:Audience"], expires: DateTime.UtcNow.AddMinutes(minutesUntilExpiry), signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256), claims: claims ); return(new OkObjectResult( new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo })); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); var user = await _appDbContext.UserInfo.FirstOrDefaultAsync(u => u.Email == credentials.UserName); if (user == null) { if (jwt != null) { return(Ok(jwt)); } } var response = _mapper.Map <UserInfo, UserProfileResponse>(user); return(Ok(response)); }
public async Task <IActionResult> CreateUser([FromBody] CreateUserResource model) { try { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var userIdentity = _mapper.Map <CreateUserResource, ApplicationUser>(model); var result = await _userManager.CreateAsync(userIdentity, model.Password); if (result.Succeeded) { await _userManager.AddToRoleAsync(userIdentity, "member"); // Send token trough email string confirmationToken = _userManager.GenerateEmailConfirmationTokenAsync(userIdentity).Result; return(Ok(result)); } return(BadRequest(Errors.AddErrorToModelState("register_failure", result.ToString(), ModelState))); } catch (Exception ex) { return(BadRequest(ex.ToString())); } }
public async Task <ActionResult <bool> > Delete(long id) { //Check if gear item exists GearItemViewModel gearItemToDelete = await this._supervisor.GetGearItemByIdAsync(id); if (gearItemToDelete == null) { return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.GearItemNotFound, ErrorDescriptions.GearItemDeleteFailure, ModelState))); } if (gearItemToDelete.Images.Count() > 0) { DelResResult deletedFromCloudinary = await this._cloudinary.DeleteResources(gearItemToDelete); if (deletedFromCloudinary.StatusCode != HttpStatusCode.OK) { return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.CloudinaryDelete, ErrorDescriptions.CloudinaryImageDeleteFailure, ModelState))); } } if (!await _supervisor.DeleteGearItemAsync(id)) { return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.GearItemDelete, ErrorDescriptions.GearItemDeleteFailure, ModelState))); } return(new OkObjectResult(true)); }
public async Task <IActionResult> Login([FromBody] LoginModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(model.Email, model.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var userToVerify = await _userManager.FindByNameAsync(model.Email); List <string> ListRoles = new List <string>(await _userManager.GetRolesAsync(userToVerify)); var response = new { id = identity.Claims.Single(c => c.Type == "id").Value, auth_token = await _jwtFactory.GenerateEncodedToken(model.Email, identity, ListRoles), expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; var json = JsonConvert.SerializeObject(response, _serializerSettings); return(new OkObjectResult(json)); }
public async Task <ActionResult <GearItemViewModel> > Update([FromForm] List <IFormFile> gearImages) { // Retrieve gearItem object from the request form GearItemViewModel gearItem = JsonConvert.DeserializeObject <GearItemViewModel>(Request.Form["gearItem"]); // Check if we are uploading any new images if (gearImages.Count() > 0) { IList <GearImageViewModel> gearItemImages = await this._cloudinary.UploadNewImages <GearImageViewModel>(gearImages); if (gearItemImages.Any(gI => gI == null)) { return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.CloudinaryUpload, ErrorDescriptions.CloudinaryImageUploadFailure, ModelState))); } gearItem.NewImages = gearItemImages; } if (!await this._supervisor.UpdateGearItemAsync(gearItem)) { return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.GearItemUpdate, ErrorDescriptions.GearItemUpdateFailure, ModelState))); } gearItem = await this._supervisor.GetGearItemByIdAsync(gearItem.Id); return(new OkObjectResult(gearItem)); }
public async Task <IActionResult> Delete(int id) { var userId = _userManager.GetUserId(HttpContext.User); if (userId == null) { return(BadRequest(Errors.AddErrorToModelState( "delete_item_failure", "Unable to find a user for this item", ModelState))); } var item = await _db.Items .Include(x => x.Class) .FirstOrDefaultAsync(x => x.Class.UserId == userId && x.Id == id); if (item == null) { return(NotFound(Errors.AddErrorToModelState( "delete_item_failure", "Unable to find item to delete", ModelState))); } _db.Items.Remove(item); await _db.SaveChangesAsync(); return(new OkObjectResult(new { message = "success" })); }
public async Task <IActionResult> Facebook([FromBody] FacebookAuthViewModel model) { // 1.generate an app access token var appAccessTokenResponse = await Client.GetStringAsync($"https://graph.facebook.com/oauth/access_token?client_id={_fbAuthSettings.AppId}&client_secret={_fbAuthSettings.AppKey}&grant_type=client_credentials"); var appAccessToken = JsonConvert.DeserializeObject <FacebookAppAccessToken>(appAccessTokenResponse); // 2. validate the user access token var userAccessTokenValidationResponse = await Client.GetStringAsync($"https://graph.facebook.com/debug_token?input_token={model.AccessToken}&access_token={appAccessToken.AccessToken}"); var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessTokenValidationResponse); if (!userAccessTokenValidation.Data.IsValid) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid facebook token.", ModelState))); } // 3. we've got a valid token so we can request user data from fb var userInfoResponse = await Client.GetStringAsync($"https://graph.facebook.com/v3.2/me?fields=id,email,first_name,name,birthday,picture&access_token={model.AccessToken}"); var userInfo = JsonConvert.DeserializeObject <FacebookUserData>(userInfoResponse); // 4. ready to create the local user account (if necessary) and jwt var user = await _userManager.FindByEmailAsync(userInfo.Email); if (user == null) { var appUser = new AppUser { FirstName = userInfo.FirstName, FacebookId = userInfo.Id, Email = userInfo.Email, UserName = userInfo.Email, PictureUrl = userInfo.Picture.Data.Url }; var result = await _userManager.CreateAsync(appUser, Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 8)); if (!result.Succeeded) { return(new BadRequestObjectResult(Errors.AddErrorsToModelState(result, ModelState))); } await _appDbContext.Trainers.AddAsync(new Trainers { IdentityId = appUser.Id }); await _appDbContext.SaveChangesAsync(); } // generate the jwt for the local user... var localUser = await _userManager.FindByNameAsync(userInfo.Email); if (localUser == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Failed to create local user account.", ModelState))); } var jwt = await Token.GenerateJwt(_jwtFactory.GenerateClaimsIdentity(localUser.UserName, localUser.Id), _jwtFactory, localUser.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); return(new OkObjectResult(jwt)); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true var signedUser = await _signInManager.UserManager.FindByEmailAsync(model.Email).ConfigureAwait(false); if (signedUser == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid email address.", ModelState))); } var result = await _signInManager.UserManager.CheckPasswordAsync(signedUser, model.Password) .ConfigureAwait(false); if (!result) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid password.", ModelState))); } _logger.Information("User logged in."); var roles = await _signInManager.UserManager.GetRolesAsync(signedUser).ConfigureAwait(false); var identity = _jwtFactory.GenerateClaimsIdentity(signedUser.UserName, signedUser.Id); var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, signedUser.UserName, roles?.FirstOrDefault(), _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }).ConfigureAwait(false); return(new OkObjectResult(jwt)); }
public async Task <object> Login([FromBody] CredentialsViewModel credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); var appUser = await _userManager.FindByEmailAsync(credentials.UserName); var userModel = new SimpleUserModel { Email = appUser.Email, FirstName = appUser.FirstName, LastName = appUser.LastName, Id = appUser.Id, EmailIsConfirmed = appUser.EmailConfirmed, Token = jwt }; return(Ok(userModel)); }
public async Task <IActionResult> Deletes([FromBody] DeleteAccountViewModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = await _userManager.FindByEmailAsync(model.Email); if (user == null) { return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Could not find user in database.", ModelState))); } if (await _userManager.CheckPasswordAsync(user, model.Password)) { var temp = _appDbContext.Users.First(u => u.Identity.Email.Equals(model.Email)); _appDbContext.Users.Remove(temp); await _userManager.DeleteAsync(user); await _appDbContext.SaveChangesAsync(); return(new OkObjectResult("Account Deleted")); } else { return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Password is invalid", ModelState))); } }
public async Task <ActionResult <bool> > Logout(long userId, CancellationToken ct = default(CancellationToken)) { // Retrieve the application_token from cookies to retrieve user's username string jwt = Request.Cookies.SingleOrDefault(cookie => cookie.Key == TokenOptionsStrings.ApplicationToken).Value; if (jwt != null) { // We do not care if the token is valid, we only care that the token is ClaimsPrincipal principal = this._token.GetPrincipalFromExpiredToken(jwt); string userName = principal.Identity.Name; ApplicationUser user = _userManager.Users.SingleOrDefault(u => u.UserName == userName); if (user == null) { return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.Logout, ErrorDescriptions.UserNotFoundFailure, ModelState))); } // Remove the refresh token from the database IdentityResult result = await _userManager.RemoveAuthenticationTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken); if (!result.Succeeded) { return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.Logout, ErrorDescriptions.RefreshTokenDeleteFailure, ModelState))); } // Delete cookie with the token Response.Cookies.Delete(TokenOptionsStrings.ApplicationToken); } return(new OkObjectResult(true)); }
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials) { CredentialsViewModelValidator validator = new CredentialsViewModelValidator(); FluentValidation.Results.ValidationResult results = validator.Validate(credentials); if (!results.IsValid) { foreach (var failure in results.Errors) { Errors.AddErrorToModelState(failure.PropertyName, failure.ErrorMessage, ModelState); } } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } // Checks if Username Password combination is correct. var identity = await GetClaimsIdentity(credentials.EmailAddress, credentials.UserPassword); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Onjuiste email of wachtwoord.", ModelState))); } // Generates Token var jwt = await Tokens.GenerateJwt(identity, _jwtGenerator, credentials.EmailAddress, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); return(new OkObjectResult(jwt)); }
public async Task <ActionResult> Login([FromBody] LoginViewModel login, CancellationToken ct = default(CancellationToken)) { ApplicationUser user = _userManager.Users.SingleOrDefault(u => u.UserName == login.UserName); ClaimsIdentity identity = await _getIdentity.GetClaimsIdentity(user, login.Password); if (identity == null) { return(Unauthorized(Errors.AddErrorToModelState(ErrorCodes.Login, ErrorDescriptions.LoginFailure, ModelState))); } // Remove existing refresh tokens await _userManager.RemoveAuthenticationTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken); // Generate a new Token string newRefreshToken = await _userManager.GenerateUserTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken); // Issue new refresh token to the user await _userManager.SetAuthenticationTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken, newRefreshToken); ApplicationToken token = await Token.GenerateJwt(user.UserName, identity, this._jwtFactory, this._jwtOptions, this._jsonSerializerSettings); Utilities.CookieUtility.GenerateHttpOnlyCookie(Response, TokenOptionsStrings.ApplicationToken, token); return(new OkObjectResult(token)); }
public async Task <IActionResult> LoginDriver([FromBody] CreditionalsDto credentials) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } // Ensure the email is confirmed. var driver = _userRepository.GetDriverByIdentityId(identity.Claims.Single(c => c.Type == Constants.Strings.JwtClaimIdentifiers.Id).Value); if (driver == null) { return(NotFound()); } var ip = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString(); var userAgent = _httpContextAccessor.HttpContext.Request.Headers["User-Agent"]; var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, driver.Id, ip, userAgent); return(Ok(JsonConvert.DeserializeObject(jwt))); }
public async Task <IActionResult> Post([FromBody] VerifyPhoneNumberViewModel model) { ApplicationUser currentUser = await _userManager.FindByIdAsync(model.UserId); if (currentUser == null) { return(BadRequest(Errors.AddErrorToModelState("user loading failure", "Unable to load user", ModelState))); } var result = await _userManager.VerifyChangePhoneNumberTokenAsync(currentUser, model.Code, model.PhoneNumber); if (result) { //change PhoneNumber, PhoneNumberConfirmed fields currentUser.PhoneNumber = model.PhoneNumber; currentUser.PhoneNumberConfirmed = true; await _userManager.UpdateAsync(currentUser); return(new OkResult()); } else { return(BadRequest(Errors.AddErrorToModelState("verify phone number failure", "Invalid code.", ModelState))); } }