public async Task <IHttpActionResult> SignIn(SignInViewModel model)
{
var token = await WebApiService.Instance.AuthenticateAsync <TokenViewModel>(model.Email, model.Password);
var loginInfo = token.LoginInfo;
token.LoginInfo = null;//remove logininfo as it increases token cookie size
token.UserId = loginInfo.UserId;
var tokenConfig = TokenConfig.GetToken();
tokenConfig.UpdateTokenSession(token);
var userPages = await WebApiService.Instance.GetAsync <List <UserPageViewModel> >($"UserPage/Get?id={token.UserId}");
var notificationCount = await WebApiService.Instance.PostAsync <int>($"Notification/Count", loginInfo);
var settings = await WebApiService.Instance.GetAsync <List <SettingViewModel> >($"AccessibleToViewSetting/List");
var isHLM = await WebApiService.Instance.GetAsync <bool>($"general/ishlm?roleid={loginInfo.RoleId}");
return(Ok(new
{
Token = GeneralService.EncryptText(token.AccessToken),
UserInfo = loginInfo,
UserPages = userPages,
NotificationCount = notificationCount,
Settings = settings,
IsHLM = isHLM
}));
}
public static async Task SendPasswordResetEmail(this ApplicationUserManager userManager, UserViewModel user, EmailTemplate emailTemplate = EmailTemplate.ResetPassword, string subject = "MBOS : Password reset")
{
var code = await userManager.GeneratePasswordResetTokenAsync(user.Id);
NameValueCollection nvc = new NameValueCollection()
{
{ "code", code }, { "userid", GeneralService.EncryptText(user.Id.ToString()) }
};
EmailRequestWithUrl <UserViewModel> model = new EmailRequestWithUrl <UserViewModel>()
{
Url = GeneralHelper.BuildUrl("/resetpassword", nvc),
Model = user
};
var mailBody = userManager.EmailComposer.GetMailContent(model, emailTemplate);
await userManager.SendEmailAsync(user.Id, subject, mailBody);
}
public override void OnActionExecuting(HttpActionContext actionContext)
{
var tokenHeader = HttpContext.Current.Request[X_TOKEN_NAME] ?? "";
if (!actionContext.ModelState.IsValid)
{
actionContext.Response = actionContext.Request.CreateResponse(HttpStatusCode.BadRequest, actionContext.ModelState);
return;
}
if (actionContext.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any() ||
actionContext.ActionDescriptor.ControllerDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any())
{
return;
}
var request = actionContext.Request;
var tokenConfig = TokenConfig.GetToken();
var accessToken = tokenConfig.GetTokenItems().AccessToken;
if (string.IsNullOrEmpty(accessToken))
{
actionContext.Response = actionContext.Request.CreateResponse(
HttpStatusCode.Forbidden,
new { Success = false, Message = "Session expired." },
actionContext.ControllerContext.Configuration.Formatters.JsonFormatter
);
return;
}
if ((request.Headers.Contains(X_TOKEN_NAME) &&
request.Headers.GetValues(X_TOKEN_NAME).First() == GeneralService.EncryptText(accessToken)) ||
(tokenHeader != "" && tokenHeader == GeneralService.EncryptText(accessToken)))
{
tokenConfig.UpdateTokenExpireTime();
return;
}
actionContext.Response = actionContext.Request.CreateResponse(
HttpStatusCode.Unauthorized,
new { Success = false, Message = "Unauthorized access." },
actionContext.ControllerContext.Configuration.Formatters.JsonFormatter
);
}
