public async Task <ApiResponse <bool> > Verify(Guid tcid, string token)
{
Guard.Against.NullOrWhiteSpace(token, nameof(token));
Guard.Against.NullOrEmpty(tcid, nameof(tcid));
var tenantContact = await _hostRepository.GetFirstAsync <TenantContact>(tc => tc.Id == tcid,
includeProperties : "Tokens");
if (tenantContact == null)
{
return(ApiResponse <bool> .Error()); //ErrorProvider.GetError("no_tenant_contact")
}
var validToken = tenantContact.Tokens.FirstOrDefault(t => t.Value == token);
if (validToken != null && !validToken.Valid)
{
return(ApiResponse <bool> .Error()); //ErrorProvider.GetError("token_issued")
}
var validDurationPassed = validToken.CreatedOn.AddHours(24) < DateTime.Now;
if (validDurationPassed)
{
return(ApiResponse <bool> .Error()); // ErrorProvider.GetError("token_expired")
}
validToken.Valid = false;
tenantContact.EmailConfirmed = true;
_hostRepository.Update(tenantContact);
await _hostRepository.SaveAsync();
await CreateTenantResources(tenantContact.Email, tenantContact.PasswordHash);
return(ApiResponse <bool> .Success());
}
public async Task <AuthResponse> GenerateAuthResponseForUser(ApplicationUser user)
{
var tokenHandler = new JwtSecurityTokenHandler();
var secretKey = _configuration.GetSection("JwtSettings")["SecretKey"];
var tokenLifeTime = _configuration.GetSection("JwtSettings")["TokenLifeTime"];
var secretKeyBytes = Encoding.ASCII.GetBytes(secretKey);
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtCustomClaimNames.Id, user.Id.ToString()),
};
var userClaims = await _userManager.GetClaimsAsync(user);
claims.AddRange(userClaims);
var userRoles = await _userManager.GetRolesAsync(user);
foreach (var userRole in userRoles)
{
claims.Add(new Claim(ClaimTypes.Role, userRole));
var role = await _roleManager.FindByNameAsync(userRole);
if (role == null)
{
continue;
}
var roleClaims = await _roleManager.GetClaimsAsync(role);
foreach (var roleClaim in roleClaims)
{
if (claims.Contains(roleClaim))
{
continue;
}
claims.Add(roleClaim);
}
}
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.Add(TimeSpan.Parse(tokenLifeTime)),
SigningCredentials =
new SigningCredentials(new SymmetricSecurityKey(secretKeyBytes), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var newToken = _tokenFactory.GenerateToken();
var refreshToken = new RefreshToken
{
Token = newToken,
JwtId = token.Id,
ApplicationUserId = user.Id,
//ExpiresOn = DateTime.Now.AddMonths(1)
ExpiresOn = DateTime.SpecifyKind(DateTime.Now.AddMonths(1), DateTimeKind.Utc)
};
_hostRepository.Create(refreshToken);
await _hostRepository.SaveAsync();
return(new AuthResponse {
AccessToken = new AccessToken(tokenHandler.WriteToken(token),
(int)TimeSpan.Parse(tokenLifeTime).TotalMinutes),
RefreshToken = refreshToken.Token
});
}
