public async Task <IActionResult> Post([FromBody] CredentialViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await GetUser(credentials.UserName, credentials.Password);
if (user == null)
{
return(BadRequest(Errors.AddErrorToModelState("login failure", "Invalid username or password", ModelState)));
}
if (!await userManager.IsEmailConfirmedAsync(user))
{
return(BadRequest(Errors.AddErrorToModelState("login failure", "You haven't confirm your email", ModelState)));
}
var identity = GetClaimsIdentity(user);
var jwt = await Tokens.GenerateJwt(identity, jwtFactory, credentials.UserName, jwtOptions, new JsonSerializerSettings
{
Formatting = Formatting.Indented
});
return(new OkObjectResult(jwt));
}
public async Task <IActionResult> Edit(string email, string newEmail, string username)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _userManager.FindByEmailAsync(email);
if (user == null)
{
return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Could not find user in database.", ModelState)));
}
if (user.alias != username)
{
user.alias = username;
}
if (user.Email != newEmail || user.UserName != newEmail)
{
user.Email = newEmail;
user.UserName = newEmail;
}
await _userManager.UpdateAsync(user);
return(new OkObjectResult("User profile updated"));
}
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var jwt = await Tokens.GenerateJwt(
identity,
_jwtFactory,
credentials.UserName,
string.Empty,
string.Empty,
false,
false,
_jwtOptions,
new JsonSerializerSettings { Formatting = Formatting.Indented }
);
return(new OkObjectResult(jwt));
}
//[ValidateAntiForgeryToken]
public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordViewModel model)
{
// await _antiforgery.ValidateRequestAsync(_contextAccessor.HttpContext);
if (!ModelState.IsValid)
{
return(BadRequest(Errors.AddErrorToModelState("", "", ModelState)));
}
var user = await GetCurrentUserAsync();
if (user != null)
{
var result = await _userManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
if (result.Succeeded)
{
await _signInManager.SignInAsync(user, isPersistent : false);
_logger.LogInformation(3, "User changed their password successfully.");
return(new OkObjectResult(ManageMessageId.ChangePasswordSuccess));
}
AddErrors(result);
return(BadRequest(Errors.AddErrorToModelState("", "", ModelState)));
}
AddErrors(new IdentityResult());
return(BadRequest(Errors.AddErrorToModelState("", "No user found.", ModelState)));
}
public async Task <IActionResult> Password([FromBody] PasswordViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Could not find user in database.", ModelState)));
}
if (await _userManager.CheckPasswordAsync(user, model.OldPassword))
{
if (model.OldPassword == model.NewPassword)
{
return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "New password cannot match old password", ModelState)));
}
await _userManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword);
await _appDbContext.SaveChangesAsync();
return(new OkObjectResult("Password Updated"));
}
else
{
return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Old password is invalid", ModelState)));
}
}
public async Task <IActionResult> SignIn([FromBody] SignInViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
// Serialize and return the response
var response = new
{
id = identity.Claims.Single(c => c.Type == "id").Value,
auth_token = await _jwtFactory.GenerateEncodedToken(credentials.UserName, identity),
expires_in = (int)_jwtOptions.ValidFor.TotalSeconds
};
var json = JsonConvert.SerializeObject(response, _serializerSettings);
return(new OkObjectResult(json));
}
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Incorrect data transferred.", ModelState)));
}
var authService = new AuthService(_userManager, _jwtFactory);
var userFirstName = await _userManager.FindByNameAsync(credentials.UserName);
var identity = await authService.GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var jwt = await Tokens.GenerateJwt(
identity,
_jwtFactory,
_jwtOptions,
new JsonSerializerSettings { Formatting = Formatting.Indented },
credentials.UserName,
userFirstName.FirstName);
return(new OkObjectResult(jwt));
}
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.Login, credentials.Senha);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Usuário ou Senha Inválidos", ModelState)));
}
// Serialize and return the response
var response = new
{
id = identity.Claims.Single(c => c.Type == "id").Value,
auth_token = await _jwtFactory.GenerateEncodedToken(credentials.Login, identity),
expires_in = (int)_jwtOptions.ValidFor.TotalSeconds
};
var json = JsonConvert.SerializeObject(response, _serializerSettings);
return(new OkObjectResult(json));
}
catch (Exception ex)
{
return(BadRequest(ex));
}
}
public async Task <IActionResult> LogIn([FromBody] LogInViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _userManager.FindByNameAsync(model.Name);
if (user != null && (await _userManager.CheckPasswordAsync(user, model.Password)))
{
var roles = await _userManager.GetRolesAsync(user);
var response = new
{
auth_token = await _jwtFactory.GenerateToken(user.UserName, user.Id, roles)
};
var jwt = JsonConvert.SerializeObject(response);
var obj = new ReturnObject
{
jwt = jwt,
userInfo = user
};
return(new OkObjectResult(obj));
}
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
public async Task <IActionResult> Post([FromBody] LoginViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.Email, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.Email, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented });
JObject jwtObject = JObject.Parse(jwt);
ApplicationUser user = await _userManager.FindByNameAsync(identity.Name);
var isAdmin = await _userManager.IsInRoleAsync(user, "Admin");
jwtObject.Add("is_admin", isAdmin);
return(new OkObjectResult(JsonConvert.SerializeObject(jwtObject)));
}
public async Task <IActionResult> ResendEmail([FromBody] CreditionalsDto creditionals)
{
var user = await _userManager.FindByNameAsync(creditionals.UserName);
if (user == null)
{
return(NotFound());
}
if (await _userManager.IsEmailConfirmedAsync(user))
{
ModelState.AddModelError(nameof(user.Email), "Email already confirmed.");
return(BadRequest(ModelState));
}
if (!await _userManager.CheckPasswordAsync(user, creditionals.Password))
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var confirmToken = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var emailConfirmUrl = Url.RouteUrl("ConfirmEmail", new { uid = user.Id, token = confirmToken }, this.Request.Scheme);
try
{
await _emailSender.SendEmailAsync(user.Email, "Confirm your account",
$"Please confirm your account by this ref <a href=\"{emailConfirmUrl}\">link</a>");
}
catch
{
ModelState.AddModelError("email", "Failed to send confirmation letter");
return(BadRequest(ModelState));
}
return(NoContent());
}
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.EmployeeNumber, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "The EmployeeNumber/Password combination that you've entered doesn't match any account.Sign up for an account.", ModelState)));
}
// Serialize and return the response
var response = new
{
id = identity.Claims.Single(c => c.Type == "id").Value,
auth_token = await _jwtFactory.GenerateEncodedToken(credentials.EmployeeNumber, identity),
expires_in = (int)_jwtOptions.ValidFor.TotalSeconds
};
var json = JsonConvert.SerializeObject(response, _serializerSettings);
return(new OkObjectResult(json));
}
public async Task <IActionResult> Delete(int id)
{
var userId = _userManager.GetUserId(HttpContext.User);
if (userId == null)
{
return(BadRequest(Errors.AddErrorToModelState(
"delete_revenue_failure",
"Unable to find a user for this revenue",
ModelState)));
}
var revenue = await _db.Revenues
.Include(x => x.Budget)
.FirstOrDefaultAsync(x => x.Budget.UserId == userId && x.Id == id);
if (revenue == null)
{
return(BadRequest(Errors.AddErrorToModelState(
"delete_revenue_failure",
"Unable to find revenue to delete",
ModelState)));
}
_db.Revenues.Remove(revenue);
await _db.SaveChangesAsync();
return(new OkObjectResult(new { message = "success" }));
}
public async Task <IActionResult> Create([FromBody] PostViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var p = _mapper.Map <Post>(model);
if (p == null)
{
return(BadRequest(Errors.AddErrorToModelState("createpost_failure", "Error occupied while mapping", ModelState)));
}
var userId = _claimPrincipalService.GetClaimFromHttp();
var user = await _userService.GetUserByClaimAsync(userId);
if (user == null)
{
return(BadRequest(Errors.AddErrorToModelState("createpost_failure", "User did not found", ModelState)));
}
var post = new Post {
User = user, UserId = user.Id, Body = p.Body, Title = p.Title, Color = p.Color
};
_postService.InsertPost(post);
return(new OkObjectResult("Post created"));
}
public async Task <IActionResult> Post([FromBody] LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
AppUser user = await _userManager.FindByEmailAsync(model.Email);
if (user == null || !await _userManager.CheckPasswordAsync(user, model.Password))
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
Claim[] claims = new Claim[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName)
};
SymmetricSecurityKey signingKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(_configuration["JwtAuthentication:SecretKey"]));
int minutesUntilExpiry = Convert.ToInt32(_configuration["JwtAuthentication:minutesUntilExpiry"]);
var token = new JwtSecurityToken(
issuer: _configuration["JwtAuthentication:Issuer"],
audience: _configuration["JwtAuthentication:Audience"],
expires: DateTime.UtcNow.AddMinutes(minutesUntilExpiry),
signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
claims: claims
);
return(new OkObjectResult(
new {
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
}));
}
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented });
var user = await _appDbContext.UserInfo.FirstOrDefaultAsync(u => u.Email == credentials.UserName);
if (user == null)
{
if (jwt != null)
{
return(Ok(jwt));
}
}
var response = _mapper.Map <UserInfo, UserProfileResponse>(user);
return(Ok(response));
}
public async Task <IActionResult> CreateUser([FromBody] CreateUserResource model)
{
try
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var userIdentity = _mapper.Map <CreateUserResource, ApplicationUser>(model);
var result = await _userManager.CreateAsync(userIdentity, model.Password);
if (result.Succeeded)
{
await _userManager.AddToRoleAsync(userIdentity, "member");
// Send token trough email
string confirmationToken = _userManager.GenerateEmailConfirmationTokenAsync(userIdentity).Result;
return(Ok(result));
}
return(BadRequest(Errors.AddErrorToModelState("register_failure", result.ToString(), ModelState)));
}
catch (Exception ex)
{
return(BadRequest(ex.ToString()));
}
}
public async Task <ActionResult <bool> > Delete(long id)
{
//Check if gear item exists
GearItemViewModel gearItemToDelete = await this._supervisor.GetGearItemByIdAsync(id);
if (gearItemToDelete == null)
{
return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.GearItemNotFound, ErrorDescriptions.GearItemDeleteFailure, ModelState)));
}
if (gearItemToDelete.Images.Count() > 0)
{
DelResResult deletedFromCloudinary = await this._cloudinary.DeleteResources(gearItemToDelete);
if (deletedFromCloudinary.StatusCode != HttpStatusCode.OK)
{
return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.CloudinaryDelete, ErrorDescriptions.CloudinaryImageDeleteFailure, ModelState)));
}
}
if (!await _supervisor.DeleteGearItemAsync(id))
{
return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.GearItemDelete, ErrorDescriptions.GearItemDeleteFailure, ModelState)));
}
return(new OkObjectResult(true));
}
public async Task <IActionResult> Login([FromBody] LoginModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(model.Email, model.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var userToVerify = await _userManager.FindByNameAsync(model.Email);
List <string> ListRoles = new List <string>(await _userManager.GetRolesAsync(userToVerify));
var response = new
{
id = identity.Claims.Single(c => c.Type == "id").Value,
auth_token = await _jwtFactory.GenerateEncodedToken(model.Email, identity, ListRoles),
expires_in = (int)_jwtOptions.ValidFor.TotalSeconds
};
var json = JsonConvert.SerializeObject(response, _serializerSettings);
return(new OkObjectResult(json));
}
public async Task <ActionResult <GearItemViewModel> > Update([FromForm] List <IFormFile> gearImages)
{
// Retrieve gearItem object from the request form
GearItemViewModel gearItem = JsonConvert.DeserializeObject <GearItemViewModel>(Request.Form["gearItem"]);
// Check if we are uploading any new images
if (gearImages.Count() > 0)
{
IList <GearImageViewModel> gearItemImages = await this._cloudinary.UploadNewImages <GearImageViewModel>(gearImages);
if (gearItemImages.Any(gI => gI == null))
{
return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.CloudinaryUpload, ErrorDescriptions.CloudinaryImageUploadFailure, ModelState)));
}
gearItem.NewImages = gearItemImages;
}
if (!await this._supervisor.UpdateGearItemAsync(gearItem))
{
return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.GearItemUpdate, ErrorDescriptions.GearItemUpdateFailure, ModelState)));
}
gearItem = await this._supervisor.GetGearItemByIdAsync(gearItem.Id);
return(new OkObjectResult(gearItem));
}
public async Task <IActionResult> Delete(int id)
{
var userId = _userManager.GetUserId(HttpContext.User);
if (userId == null)
{
return(BadRequest(Errors.AddErrorToModelState(
"delete_item_failure",
"Unable to find a user for this item",
ModelState)));
}
var item = await _db.Items
.Include(x => x.Class)
.FirstOrDefaultAsync(x => x.Class.UserId == userId && x.Id == id);
if (item == null)
{
return(NotFound(Errors.AddErrorToModelState(
"delete_item_failure",
"Unable to find item to delete",
ModelState)));
}
_db.Items.Remove(item);
await _db.SaveChangesAsync();
return(new OkObjectResult(new { message = "success" }));
}
public async Task <IActionResult> Facebook([FromBody] FacebookAuthViewModel model)
{
// 1.generate an app access token
var appAccessTokenResponse = await Client.GetStringAsync($"https://graph.facebook.com/oauth/access_token?client_id={_fbAuthSettings.AppId}&client_secret={_fbAuthSettings.AppKey}&grant_type=client_credentials");
var appAccessToken = JsonConvert.DeserializeObject <FacebookAppAccessToken>(appAccessTokenResponse);
// 2. validate the user access token
var userAccessTokenValidationResponse = await Client.GetStringAsync($"https://graph.facebook.com/debug_token?input_token={model.AccessToken}&access_token={appAccessToken.AccessToken}");
var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessTokenValidationResponse);
if (!userAccessTokenValidation.Data.IsValid)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid facebook token.", ModelState)));
}
// 3. we've got a valid token so we can request user data from fb
var userInfoResponse = await Client.GetStringAsync($"https://graph.facebook.com/v3.2/me?fields=id,email,first_name,name,birthday,picture&access_token={model.AccessToken}");
var userInfo = JsonConvert.DeserializeObject <FacebookUserData>(userInfoResponse);
// 4. ready to create the local user account (if necessary) and jwt
var user = await _userManager.FindByEmailAsync(userInfo.Email);
if (user == null)
{
var appUser = new AppUser
{
FirstName = userInfo.FirstName,
FacebookId = userInfo.Id,
Email = userInfo.Email,
UserName = userInfo.Email,
PictureUrl = userInfo.Picture.Data.Url
};
var result = await _userManager.CreateAsync(appUser, Convert.ToBase64String(Guid.NewGuid().ToByteArray()).Substring(0, 8));
if (!result.Succeeded)
{
return(new BadRequestObjectResult(Errors.AddErrorsToModelState(result, ModelState)));
}
await _appDbContext.Trainers.AddAsync(new Trainers { IdentityId = appUser.Id });
await _appDbContext.SaveChangesAsync();
}
// generate the jwt for the local user...
var localUser = await _userManager.FindByNameAsync(userInfo.Email);
if (localUser == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Failed to create local user account.", ModelState)));
}
var jwt = await Token.GenerateJwt(_jwtFactory.GenerateClaimsIdentity(localUser.UserName, localUser.Id),
_jwtFactory, localUser.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented });
return(new OkObjectResult(jwt));
}
public async Task <IActionResult> Post([FromBody] CredentialsViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var signedUser = await _signInManager.UserManager.FindByEmailAsync(model.Email).ConfigureAwait(false);
if (signedUser == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid email address.", ModelState)));
}
var result = await _signInManager.UserManager.CheckPasswordAsync(signedUser, model.Password)
.ConfigureAwait(false);
if (!result)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid password.", ModelState)));
}
_logger.Information("User logged in.");
var roles = await _signInManager.UserManager.GetRolesAsync(signedUser).ConfigureAwait(false);
var identity = _jwtFactory.GenerateClaimsIdentity(signedUser.UserName, signedUser.Id);
var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, signedUser.UserName, roles?.FirstOrDefault(), _jwtOptions,
new JsonSerializerSettings { Formatting = Formatting.Indented }).ConfigureAwait(false);
return(new OkObjectResult(jwt));
}
public async Task <object> Login([FromBody] CredentialsViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions,
new JsonSerializerSettings { Formatting = Formatting.Indented });
var appUser = await _userManager.FindByEmailAsync(credentials.UserName);
var userModel = new SimpleUserModel
{
Email = appUser.Email,
FirstName = appUser.FirstName,
LastName = appUser.LastName,
Id = appUser.Id,
EmailIsConfirmed = appUser.EmailConfirmed,
Token = jwt
};
return(Ok(userModel));
}
public async Task <IActionResult> Deletes([FromBody] DeleteAccountViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Could not find user in database.", ModelState)));
}
if (await _userManager.CheckPasswordAsync(user, model.Password))
{
var temp = _appDbContext.Users.First(u => u.Identity.Email.Equals(model.Email));
_appDbContext.Users.Remove(temp);
await _userManager.DeleteAsync(user);
await _appDbContext.SaveChangesAsync();
return(new OkObjectResult("Account Deleted"));
}
else
{
return(BadRequest(Errors.AddErrorToModelState("user_search_failure", "Password is invalid", ModelState)));
}
}
public async Task <ActionResult <bool> > Logout(long userId, CancellationToken ct = default(CancellationToken))
{
// Retrieve the application_token from cookies to retrieve user's username
string jwt = Request.Cookies.SingleOrDefault(cookie => cookie.Key == TokenOptionsStrings.ApplicationToken).Value;
if (jwt != null)
{
// We do not care if the token is valid, we only care that the token is
ClaimsPrincipal principal = this._token.GetPrincipalFromExpiredToken(jwt);
string userName = principal.Identity.Name;
ApplicationUser user = _userManager.Users.SingleOrDefault(u => u.UserName == userName);
if (user == null)
{
return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.Logout, ErrorDescriptions.UserNotFoundFailure, ModelState)));
}
// Remove the refresh token from the database
IdentityResult result = await _userManager.RemoveAuthenticationTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken);
if (!result.Succeeded)
{
return(BadRequest(Errors.AddErrorToModelState(ErrorCodes.Logout, ErrorDescriptions.RefreshTokenDeleteFailure, ModelState)));
}
// Delete cookie with the token
Response.Cookies.Delete(TokenOptionsStrings.ApplicationToken);
}
return(new OkObjectResult(true));
}
public async Task <IActionResult> Post([FromBody] CredentialsViewModel credentials)
{
CredentialsViewModelValidator validator = new CredentialsViewModelValidator();
FluentValidation.Results.ValidationResult results = validator.Validate(credentials);
if (!results.IsValid)
{
foreach (var failure in results.Errors)
{
Errors.AddErrorToModelState(failure.PropertyName, failure.ErrorMessage, ModelState);
}
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
// Checks if Username Password combination is correct.
var identity = await GetClaimsIdentity(credentials.EmailAddress, credentials.UserPassword);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Onjuiste email of wachtwoord.", ModelState)));
}
// Generates Token
var jwt = await Tokens.GenerateJwt(identity, _jwtGenerator, credentials.EmailAddress, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented });
return(new OkObjectResult(jwt));
}
public async Task <ActionResult> Login([FromBody] LoginViewModel login, CancellationToken ct = default(CancellationToken))
{
ApplicationUser user = _userManager.Users.SingleOrDefault(u => u.UserName == login.UserName);
ClaimsIdentity identity = await _getIdentity.GetClaimsIdentity(user, login.Password);
if (identity == null)
{
return(Unauthorized(Errors.AddErrorToModelState(ErrorCodes.Login, ErrorDescriptions.LoginFailure, ModelState)));
}
// Remove existing refresh tokens
await _userManager.RemoveAuthenticationTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken);
// Generate a new Token
string newRefreshToken = await _userManager.GenerateUserTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken);
// Issue new refresh token to the user
await _userManager.SetAuthenticationTokenAsync(user, TokenOptionsStrings.RefreshTokenProvider, TokenOptionsStrings.RefreshToken, newRefreshToken);
ApplicationToken token = await Token.GenerateJwt(user.UserName, identity, this._jwtFactory, this._jwtOptions, this._jsonSerializerSettings);
Utilities.CookieUtility.GenerateHttpOnlyCookie(Response, TokenOptionsStrings.ApplicationToken, token);
return(new OkObjectResult(token));
}
public async Task <IActionResult> LoginDriver([FromBody] CreditionalsDto credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
// Ensure the email is confirmed.
var driver = _userRepository.GetDriverByIdentityId(identity.Claims.Single(c => c.Type == Constants.Strings.JwtClaimIdentifiers.Id).Value);
if (driver == null)
{
return(NotFound());
}
var ip = _httpContextAccessor.HttpContext.Connection.RemoteIpAddress.ToString();
var userAgent = _httpContextAccessor.HttpContext.Request.Headers["User-Agent"];
var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, driver.Id, ip, userAgent);
return(Ok(JsonConvert.DeserializeObject(jwt)));
}
public async Task <IActionResult> Post([FromBody] VerifyPhoneNumberViewModel model)
{
ApplicationUser currentUser = await _userManager.FindByIdAsync(model.UserId);
if (currentUser == null)
{
return(BadRequest(Errors.AddErrorToModelState("user loading failure", "Unable to load user", ModelState)));
}
var result = await _userManager.VerifyChangePhoneNumberTokenAsync(currentUser, model.Code, model.PhoneNumber);
if (result)
{
//change PhoneNumber, PhoneNumberConfirmed fields
currentUser.PhoneNumber = model.PhoneNumber;
currentUser.PhoneNumberConfirmed = true;
await _userManager.UpdateAsync(currentUser);
return(new OkResult());
}
else
{
return(BadRequest(Errors.AddErrorToModelState("verify phone number failure", "Invalid code.", ModelState)));
}
}
