public async Task <AuthResponse> Handle(OTPLoginCommand request, CancellationToken cancellationToken)
{
var response = new AuthResponse {
Status = new APIResponseStatus {
IsSuccessful = true, Message = new APIResponseMessage()
}
};
try
{
var lockoutSetting = new List <ScrewIdentifierGrid>();
var cachedSetting = await _cacheService.GetCacheResponseAsync(CacheKeys.AuthSettings);
if (!string.IsNullOrEmpty(cachedSetting))
{
lockoutSetting = JsonConvert.DeserializeObject <List <ScrewIdentifierGrid> >(cachedSetting);
}
else
{
lockoutSetting = await _dataContext.ScrewIdentifierGrid.ToListAsync();
}
await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, lockoutSetting, TimeSpan.FromSeconds(3600));
var user = await _userManager.FindByEmailAsync(request.Email);
await _measure.RemoveOtpAsync(request.OTP);
var result = await _service.LoginAsync(user);
var measure = Measures.CollectAsMuchAsPossible(user, result, request);
await _measure.GetMeasuresAsync(measure);
var session = _dataContext.SessionChecker.Find(user.Id);
if (session != null)
{
session.LastRefreshed = DateTime.UtcNow.Add(lockoutSetting.FirstOrDefault(v => v.Module == (int)Modules.CENTRAL).InActiveSessionTimeout);
session.Userid = user.Id;
session.Module = (int)Modules.CENTRAL;
_dataContext.Entry(session).CurrentValues.SetValues(session);
await _dataContext.SaveChangesAsync();
}
response.Token = result.Token;
response.RefreshToken = result.RefreshToken;
return(response);
}
catch (Exception ex)
{
response.Status.Message.FriendlyMessage = ex?.Message ?? ex?.InnerException?.Message;
response.Status.Message.TechnicalMessage = ex.ToString();
return(response);
}
}
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
var response = new MiddlewareResponse {
Status = new APIResponseStatus {
IsSuccessful = false, Message = new APIResponseMessage()
}
};
using (var scope = context.HttpContext.RequestServices.CreateScope())
{
try
{
IServiceProvider scopedServices = scope.ServiceProvider;
RedisCacheSettings redisSettings = scopedServices.GetRequiredService <RedisCacheSettings>();
if (!redisSettings.Enabled)
{
await next();
return;
}
DataContext _dataContext = scopedServices.GetRequiredService <DataContext>();
IResponseCacheService responseCacheService = scopedServices.GetRequiredService <IResponseCacheService>();
var cacheKey = Cache.GenerateCacheKeyFromRequest(context.HttpContext.Request);
if (context.HttpContext.Request.Method != "GET")
{
await responseCacheService.ResetCacheAsync(cacheKey);
}
var cachedResponse = await responseCacheService.GetCacheResponseAsync(cacheKey);
if (!string.IsNullOrEmpty(cachedResponse))
{
var contentResult = new ContentResult
{
Content = cachedResponse,
ContentType = "application/json",
StatusCode = 200
};
context.Result = contentResult;
return;
}
var executedContext = await next();
if (executedContext.Result is OkObjectResult okObjectResult)
{
await responseCacheService.CatcheResponseAsync(cacheKey, okObjectResult, TimeSpan.FromSeconds(1000));
context.HttpContext.Response.StatusCode = 200;
context.Result = new OkObjectResult(okObjectResult);
return;
}
await next();
}
catch (Exception ex)
{
context.HttpContext.Response.StatusCode = 500;
response.Status.IsSuccessful = false;
response.Status.Message.FriendlyMessage = ex.Message;
response.Status.Message.TechnicalMessage = ex.ToString();
context.Result = new InternalServerErrorObjectResult(response);
return;
}
}
}
public async Task <Responder> Handle(AuthSettupCreate request, CancellationToken cancellationToken)
{
var response = new Responder {
Status = new APIResponseStatus {
IsSuccessful = true, Message = new APIResponseMessage()
}
};
try
{
var domain = _security.ScrewIdentifierGrid.FirstOrDefault(t => t.Media == request.Media && request.Module == t.Module);
var other = _security.ScrewIdentifierGrid.FirstOrDefault(t => t.Media != request.Media && request.Module == t.Module);
domain.ActiveOnMobileApp = request.ActiveOnMobileApp;
domain.ActiveOnWebApp = request.ActiveOnWebApp;
domain.ActiveDirectory = request.ActiveDirectory;
domain.EnableLoginFailedLockout = request.EnableLoginFailedLockout;
domain.InActiveSessionTimeout = TimeSpan.FromMinutes(request.InActiveSessionTimeout);
domain.NumberOfFailedLoginBeforeLockout = request.NumberOfFailedLoginBeforeLockout;
domain.PasswordUpdateCycle = request.PasswordUpdateCycle;
domain.SecuritySettingActiveOnMobileApp = request.SecuritySettingActiveOnMobileApp;
domain.SecuritySettingsActiveOnWebApp = request.SecuritySettingsActiveOnWebApp;
domain.ShouldAthenticate = request.ShoulAthenticate;
domain.UseActiveDirectory = request.UseActiveDirectory;
domain.ShouldRetryAfterLockoutEnabled = request.ShouldRetryAfterLockoutEnabled;
domain.RetryTimeInMinutes = TimeSpan.FromMinutes(request.RetryTimeInMinutes);
domain.EnableRetryOnMobileApp = request.EnableRetryOnMobileApp;
domain.EnableRetryOnWebApp = request.EnableRetryOnWebApp;
domain.EnableLoadBalance = request.EnableLoadBalance;
domain.LoadBalanceInHours = request.LoadBalanceInHours;
_security.Entry(domain).CurrentValues.SetValues(domain);
other.ActiveDirectory = request.ActiveDirectory;
other.EnableLoginFailedLockout = request.EnableLoginFailedLockout;
other.InActiveSessionTimeout = TimeSpan.FromMinutes(request.InActiveSessionTimeout);
other.NumberOfFailedLoginBeforeLockout = request.NumberOfFailedLoginBeforeLockout;
other.PasswordUpdateCycle = request.PasswordUpdateCycle;
other.SecuritySettingActiveOnMobileApp = request.SecuritySettingActiveOnMobileApp;
other.SecuritySettingsActiveOnWebApp = request.SecuritySettingsActiveOnWebApp;
other.UseActiveDirectory = request.UseActiveDirectory;
other.ShouldRetryAfterLockoutEnabled = request.ShouldRetryAfterLockoutEnabled;
other.RetryTimeInMinutes = TimeSpan.FromMinutes(request.RetryTimeInMinutes);
other.EnableRetryOnMobileApp = request.EnableRetryOnMobileApp;
other.EnableRetryOnWebApp = request.EnableRetryOnWebApp;
other.EnableLoadBalance = request.EnableLoadBalance;
other.LoadBalanceInHours = request.LoadBalanceInHours;
_security.Entry(other).CurrentValues.SetValues(other);
using (var trans = await _security.Database.BeginTransactionAsync())
{
try
{
if (domain.Module == (int)Modules.CENTRAL)
{
var allUser = await _security.Users.ToListAsync();
if (allUser.Count() > 0)
{
foreach (var user in allUser)
{
user.NextPasswordChangeDate = DateTime.UtcNow.AddDays(domain.PasswordUpdateCycle);
}
}
}
await _security.SaveChangesAsync();
await trans.CommitAsync();
}
catch (Exception e)
{
await trans.RollbackAsync();
response.Status.Message.FriendlyMessage = e?.Message;
response.Status.IsSuccessful = false;
return(response);
}
finally { await trans.DisposeAsync(); }
}
var authsetting = await _security.ScrewIdentifierGrid.ToListAsync();
await _cacheService.ResetCacheAsync(CacheKeys.AuthSettings);
await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, authsetting, TimeSpan.FromSeconds(3600));
response.ResponderId = domain.ScrewIdentifierGridId;
response.Status.IsSuccessful = true;
return(response);
}
catch (Exception ex)
{
return(response);
}
}
public async Task <LogingFailedRespObj> CheckForFailedTrailsAsync(bool isSuccessful, int module, string userid)
{
var usergent = string.Empty;
if (string.IsNullOrEmpty(userid))
{
usergent = _detectionService.UserAgent.ToLower().Trim();
}
else
{
usergent = userid;
}
var response = new LogingFailedRespObj {
IsSecurityQuestion = false, Status = new APIResponseStatus {
IsSuccessful = true, Message = new APIResponseMessage()
}
};
var lockoutSetting = new List <ScrewIdentifierGrid>();
var cachedSetting = await _cacheService.GetCacheResponseAsync(CacheKeys.AuthSettings);
if (!string.IsNullOrEmpty(cachedSetting))
{
lockoutSetting = JsonConvert.DeserializeObject <List <ScrewIdentifierGrid> >(cachedSetting);
}
else
{
lockoutSetting = await _security.ScrewIdentifierGrid.ToListAsync();
}
if (lockoutSetting.Count() > 0)
{
await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, lockoutSetting, TimeSpan.FromSeconds(3600));
}
if (_detectionService.Device.Type.ToString() == Device.Desktop.ToString() && lockoutSetting.Any(e => e.EnableLoginFailedLockout && e.EnableRetryOnWebApp && e.Module == module))
{
var setup = lockoutSetting.FirstOrDefault(e => e.EnableLoginFailedLockout && e.EnableRetryOnWebApp && e.Module == module);
var loginFailed = _security.LogingFailedChecker.FirstOrDefault(r => r.Userid == usergent);
if (isSuccessful)
{
if (loginFailed != null)
{
_security.LogingFailedChecker.Remove(loginFailed);
await _security.SaveChangesAsync();
return(response);
}
}
if (!isSuccessful)
{
if (loginFailed == null)
{
loginFailed = new LogingFailedChecker();
loginFailed.Counter = 1;
loginFailed.QuestionTimeCount = 1;
loginFailed.RetryTime = DateTime.UtcNow.Add(setup.RetryTimeInMinutes);
loginFailed.Userid = usergent;
_security.LogingFailedChecker.Add(loginFailed);
await _security.SaveChangesAsync();
return(response);
}
else
{
if (loginFailed.QuestionTimeCount >= setup.NumberOfFailedAttemptsBeforeSecurityQuestions && !setup.ShouldRetryAfterLockoutEnabled && setup.Module != (int)Modules.CENTRAL)
{
response.Status.Message.FriendlyMessage = "Please proceed to answer security question";
response.IsSecurityQuestion = true;
response.Status.IsSuccessful = false;
return(response);
}
loginFailed.Counter = loginFailed.Counter + 1;
loginFailed.QuestionTimeCount = loginFailed.QuestionTimeCount + 1;
_security.Entry(loginFailed).CurrentValues.SetValues(loginFailed);
await _security.SaveChangesAsync();
if (loginFailed.Counter >= setup.NumberOfFailedLoginBeforeLockout)
{
var timeRemain = (loginFailed.RetryTime - DateTime.UtcNow).Minutes + 1;
if (DateTime.UtcNow < loginFailed.RetryTime)
{
string TimeVariable = string.Empty;
TimeVariable = $"{timeRemain} minutes";
if (timeRemain == 1)
{
TimeVariable = $"{(loginFailed.RetryTime - DateTime.UtcNow).Seconds} seconds";
}
response.Status.IsSuccessful = false;
response.UnLockAt = loginFailed.RetryTime;
response.Status.Message.FriendlyMessage = $"Please retry after {TimeVariable}";
return(response);
}
else
{
loginFailed.Counter = 0;
loginFailed.QuestionTimeCount = loginFailed.QuestionTimeCount + 1;
_security.Entry(loginFailed).CurrentValues.SetValues(loginFailed);
await _security.SaveChangesAsync();
return(response);
}
}
loginFailed.RetryTime = DateTime.UtcNow.Add(setup.RetryTimeInMinutes);
loginFailed.Userid = usergent;
loginFailed.QuestionTimeCount = loginFailed.QuestionTimeCount + 1;
_security.Entry(loginFailed).CurrentValues.SetValues(loginFailed);
await _security.SaveChangesAsync();
return(response);
}
}
}
if (_detectionService.Device.Type.ToString() == Device.Mobile.ToString() &&
lockoutSetting.Any(e => e.EnableLoginFailedLockout && e.EnableRetryOnMobileApp && e.Module == module))
{
var setup = lockoutSetting.FirstOrDefault(e => e.EnableLoginFailedLockout && e.EnableRetryOnMobileApp && e.Module == module);
if (setup != null)
{
var failedCached = _security.LogingFailedChecker.FirstOrDefault(r => r.Userid == usergent);
if (isSuccessful)
{
if (failedCached != null)
{
_security.LogingFailedChecker.Remove(failedCached);
await _security.SaveChangesAsync();
return(response);
}
}
if (!isSuccessful)
{
var loginFailed = _security.LogingFailedChecker.Find(usergent);
if (loginFailed == null)
{
loginFailed = new LogingFailedChecker();
loginFailed.Counter = 1;
loginFailed.QuestionTimeCount = 1;
loginFailed.RetryTime = DateTime.UtcNow.Add(setup.RetryTimeInMinutes);
loginFailed.Userid = usergent;
_security.LogingFailedChecker.Add(loginFailed);
await _security.SaveChangesAsync();
return(response);
}
else
{
if (loginFailed.QuestionTimeCount >= setup.NumberOfFailedAttemptsBeforeSecurityQuestions && !setup.ShouldRetryAfterLockoutEnabled && setup.Module != (int)Modules.CENTRAL)
{
response.Status.Message.FriendlyMessage = "Please proceed to answer security question";
response.IsSecurityQuestion = true;
response.Status.IsSuccessful = false;
return(response);
}
loginFailed.Counter = loginFailed.Counter + 1;
loginFailed.QuestionTimeCount = loginFailed.QuestionTimeCount + 1;
_security.Entry(loginFailed).CurrentValues.SetValues(loginFailed);
await _security.SaveChangesAsync();
if (loginFailed.Counter >= setup.NumberOfFailedLoginBeforeLockout)
{
var timeRemain = (loginFailed.RetryTime - DateTime.UtcNow).Minutes + 1;
if (DateTime.UtcNow < loginFailed.RetryTime)
{
string TimeVariable = string.Empty;
TimeVariable = $"{timeRemain} minutes";
if (timeRemain == 1)
{
TimeVariable = $"{(loginFailed.RetryTime - DateTime.UtcNow).Seconds} seconds";
}
response.Status.IsSuccessful = false;
response.UnLockAt = loginFailed.RetryTime;
response.Status.Message.FriendlyMessage = $"Please retry after {TimeVariable}";
return(response);
}
else
{
loginFailed.Counter = 0;
loginFailed.QuestionTimeCount = loginFailed.QuestionTimeCount + 1;
_security.Entry(loginFailed).CurrentValues.SetValues(loginFailed);
await _security.SaveChangesAsync();
return(response);
}
}
loginFailed.RetryTime = DateTime.UtcNow.Add(setup.RetryTimeInMinutes);
loginFailed.Userid = usergent;
loginFailed.QuestionTimeCount = loginFailed.QuestionTimeCount + 1;
_security.Entry(loginFailed).CurrentValues.SetValues(loginFailed);
await _security.SaveChangesAsync();
return(response);
}
}
}
}
return(response);
}
public async Task <AuthResponse> Handle(LoginCommand request, CancellationToken cancellationToken)
{
var response = new AuthResponse {
Status = new APIResponseStatus {
IsSuccessful = true, Message = new APIResponseMessage()
}
};
try
{
if (!await _measure.ReturnStatusAsync(request.UserName))
{
response.Status.IsSuccessful = false;
return(response);
}
var lockoutSetting = new List <ScrewIdentifierGrid>();
var cachedSetting = await _cacheService.GetCacheResponseAsync(CacheKeys.AuthSettings);
if (!string.IsNullOrEmpty(cachedSetting))
{
lockoutSetting = JsonConvert.DeserializeObject <List <ScrewIdentifierGrid> >(cachedSetting);
}
else
{
lockoutSetting = await _securityContext.ScrewIdentifierGrid.ToListAsync();
}
await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, lockoutSetting, TimeSpan.FromSeconds(86400));
if (!await IsPasswordCharactersValid(request.Password))
{
response.Status.IsSuccessful = false;
response.Status.Message.FriendlyMessage = "Invalid Password";
return(response);
}
if (!await UserExist(request))
{
response.Status.IsSuccessful = false;
response.Status.Message.FriendlyMessage = "User does not exist";
return(response);
}
if (!await IsValidPassword(request))
{
response.Status.IsSuccessful = false;
response.Status.Message.FriendlyMessage = "User/Password Combination is wrong";
return(response);
}
var user = await _userManager.FindByNameAsync(request.UserName);
var otp = await OTPOptionsAsync(user.Id);
if (otp.Status.IsSuccessful)
{
otp.Status.Message.MessageId = user.Email;
return(otp);
}
var result = await _service.LoginAsync(user);
var measure = Measures.CollectAsMuchAsPossible(user, result, _detectionService);
var res = await _measure.GetMeasuresAsync(measure);
await ReplaceDeviceAsync(user.Id, measure.Token);
var session = _securityContext.SessionChecker.Find(user.Id);
if (session != null)
{
session.LastRefreshed = DateTime.UtcNow.Add(lockoutSetting.FirstOrDefault(v => v.Module == (int)Modules.CENTRAL).InActiveSessionTimeout);
session.Userid = user.Id;
session.Module = (int)Modules.CENTRAL;
_securityContext.Entry(session).CurrentValues.SetValues(session);
await _securityContext.SaveChangesAsync();
}
response.Token = result.Token;
response.RefreshToken = result.RefreshToken;
return(response);
}
catch (Exception ex)
{
response.Status.Message.FriendlyMessage = ex?.Message ?? ex?.InnerException?.Message;
response.Status.Message.TechnicalMessage = ex.ToString();
return(response);
}
}
