private async Task CreateSessionAsync(Guid sessionId, User user,
string ipAddress = null, string userAgent = null)
{
var session = new UserSession(sessionId, user.UserId,
_encrypter.GetRandomSecureKey(), ipAddress, userAgent);
await _userSessionRepository.AddAsync(session);
}
public async Task <Result <SignInResult> > Handle(SignInCommand request, CancellationToken cancellationToken)
{
try
{
var checkPassword = await _userService.CheckPasswordAsync(request.UserName, request.Password);
if (!checkPassword.Succeeded)
{
Error error;
if (checkPassword.Errors != null && checkPassword.Errors.Any())
{
var identityError = checkPassword.Errors.First();
error = new Error(identityError.Code, identityError.Description);
}
else
{
error = Error.Default();
}
return(Result <SignInResult> .Fail(error));
}
var authTime = DateTime.Now;
var claims = _jwtService.GetJwtClaims(request.UserName, authTime).ToList();
var jwt = _jwtService.GenerateJsonWebToken(claims);
var userSession = new UserSession(jwt.AccessToken, jwt.RefreshToken, request.UserName)
{
AccessTokenExpiresAt = _jwtService.GetAccessTokenExpirationTime(),
RefreshTokenExpiresAt = _jwtService.GetRefreshTokenExpirationTime()
};
await _userSessionRepository.AddAsync(userSession);
return(Result <SignInResult> .Success(new SignInResult(jwt.AccessToken, jwt.RefreshToken)));
}
catch (Exception e)
{
_logger.LogError(e, e.Message);
return(Result <SignInResult> .Fail(Error.Default()));
}
}
public async Task <TokenModel> SignInAsync(LoginModel loginModel)
{
_serviceLogger.Info("User Login {$loginModel}", loginModel.ToJson());
var user = await _userManager.FindByNameAsync(loginModel.Username);
if (user != null)
{
var validationResult = await _signInManager.PasswordSignInAsync(user, loginModel.Password, false, true);
if (validationResult.Succeeded)
{
var userClaims = await _userManager.GetClaimsAsync(user);
var token = SignedToken(userClaims);
// Create UserSession
var userSession = new UserSession
{
Id = DataUtil.GenerateUniqueId(),
RequestIpAddress = loginModel.ClientIp,
SoftwareAgent = loginModel.SoftwareAgent,
InstalledVersion = loginModel.VersionInstalled,
SignInDate = DateTime.UtcNow,
UserId = user.Id,
Username = user.Username,
UserActivities = new List <UserActivity>
{
new UserActivity
{
Id = DataUtil.GenerateUniqueId(),
ActivityName = "USER_SIGNIN",
Content = "Signin successfully",
ActivityDate = DateTime.UtcNow,
ActivityType = ActivityType.Info
}
}
};
await _userSessionRepository.AddAsync(userSession);
// Create refresh token
var expToken = DateTime.UtcNow.AddMinutes(_jwtBearerOptions.CurrentValue.TokenExpiration);
var expRefreshToken = DateTime.UtcNow.AddMinutes(_jwtBearerOptions.CurrentValue.RefreshTokenExpiration);
var issuedToken = new IssuedToken
{
Id = DataUtil.GenerateUniqueId(),
UserId = user.Id,
JwtToken = token,
ExpiredJwtToken = expToken,
ExpiredRefreshToken = expRefreshToken,
RefreshToken = CryptoUtil.ToSHA256(Guid.NewGuid().ToString()),
UserSessionId = userSession.Id,
Deactive = false
};
await _issuedTokenRepository.AddAsync(issuedToken);
_serviceLogger.Info("User Login Successfully {$issuedToken}", issuedToken.ToJson());
return(new TokenModel
{
Token = token,
Exp = ((DateTimeOffset)expToken).ToUnixTimeSeconds(),
ExpRefresh = ((DateTimeOffset)expRefreshToken).ToUnixTimeSeconds(),
RefreshToken = issuedToken.RefreshToken,
UserSessionId = userSession.Id
});
}
}
throw new IdentityException(ErrorCodes.CannotSignIn);
}
