/// <summary>
/// Handles a login request: deserializes a <see cref="LoginInfo"/> from the JSON request body,
/// resolves it to an identity and writes the produced token back as JSON.
/// </summary>
/// <remarks>
/// A body that deserializes to <c>null</c> and an unresolved identity both end the request
/// with HTTP 400. The "Invalid username or password." message is the same whether the resolver
/// returned no identity or an identity without a user, so the response does not reveal which
/// of the two happened.
/// </remarks>
/// <param name="context">The current HTTP context; the request body is read through a <see cref="StreamReader"/>.</param>
private async Task GenerateToken(HttpContext context)
{
    var response = context.Response;

    LoginInfo credentials;
    using (var bodyReader = new StreamReader(context.Request.Body))
    using (var jsonReader = new JsonTextReader(bodyReader))
    {
        credentials = new JsonSerializer().Deserialize<LoginInfo>(jsonReader);
    }

    // An empty body deserializes to null; there is nothing to authenticate.
    if (credentials == null)
    {
        response.StatusCode = 400;
        await response.WriteAsync("Username or Password is empty.");
        return;
    }

    var resolved = await options.IdentityResolver(credentials);

    // Covers both "no identity" and "identity without a user".
    if (resolved?.User == null)
    {
        response.StatusCode = 400;
        await response.WriteAsync("Invalid username or password.");
        return;
    }

    var issued = JwtTokenProducer.Produce(resolved, options);
    var payload = JsonConvert.SerializeObject(issued, serializerSettings);

    response.ContentType = "application/json";
    await response.WriteAsync(payload);
}
/// <summary>
/// Issues a new token response for <paramref name="user"/>: builds a JWT identity, attaches a
/// freshly generated refresh token to it and hands it to <c>JwtTokenProducer</c>.
/// </summary>
/// <param name="user">The user the new token is issued for.</param>
/// <returns>The response produced by <c>JwtTokenProducer.Produce</c>.</returns>
public async Task<JwtResponse> RefreshJwt(ApplicationUser user)
{
    var identity = await CreateJwt(user);

    // The refresh token is derived from the identity and then stored on that same identity.
    identity.RefreshToken = identityProvider.GenerateRefreshToken(identity);

    var producerOptions = JwtTokenProducer.InitializeOptions(configuration);
    return JwtTokenProducer.Produce(identity, producerOptions);
}
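/// <summary>
/// Handles a refresh-token request: deserializes a <see cref="RefreshToken"/> from the JSON
/// request body, resolves it to an identity and writes a newly produced token back as JSON.
/// </summary>
/// <remarks>
/// Every failure path answers with HTTP 400 and a plain-text message: a missing or blank
/// token, a resolver that throws, a resolver that returns no identity, and a producer that
/// returns no token.
/// </remarks>
/// <param name="context">The current HTTP context; the request body is read through a <see cref="StreamReader"/>.</param>
private async Task GenerateToken(HttpContext context)
{
    var serializer = new JsonSerializer();
    RefreshToken refreshToken;

    using (var stream = new StreamReader(context.Request.Body))
    using (var jsonStream = new JsonTextReader(stream))
    {
        refreshToken = (RefreshToken)serializer.Deserialize(jsonStream, typeof(RefreshToken));
    }

    if (refreshToken == null || string.IsNullOrWhiteSpace(refreshToken.Token))
    {
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync("User must relogin.");
        return;
    }

    JwtIdentity identity;
    try
    {
        identity = await options.RefreshTokenResolver(refreshToken.Token);
    }
    catch (Exception ex)
    {
        // NOTE(review): this returns the text of *any* exception to a caller that has not
        // authenticated yet. If the resolver can surface storage or framework errors, their
        // messages reach the client. Consider catching only the resolver's own exception type
        // and answering everything else with a fixed message, logging the details server-side.
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync(ex.Message);
        return;
    }

    // A resolver that returns null instead of throwing previously caused a
    // NullReferenceException here; treat it like any other unusable refresh token.
    if (identity == null)
    {
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync("User must relogin.");
        return;
    }

    var token = JwtTokenProducer.Produce(identity, options);
    if (token == null)
    {
        context.Response.StatusCode = 400;
        await context.Response.WriteAsync("refreshToken is missing.");
        return;
    }

    context.Response.ContentType = "application/json";
    await context.Response.WriteAsync(JsonConvert.SerializeObject(token, serializerSettings));
}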
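/// <summary>
/// Completes phone verification for <paramref name="user"/> by applying the phone-number
/// change with the supplied code and, on success, issuing a new token response.
/// </summary>
/// <param name="user">The user being verified.</param>
/// <param name="phoneNumber">The phone number passed to <c>ChangePhoneNumberAsync</c>.</param>
/// <param name="code">The verification code passed to <c>ChangePhoneNumberAsync</c>.</param>
/// <returns>
/// The response produced by <c>JwtTokenProducer.Produce</c>, or <c>null</c> when the
/// phone-number change did not succeed (the failure is logged).
/// </returns>
public async Task<JwtResponse> CompleteUserVerification(ApplicationUser user, string phoneNumber, string code)
{
    var result = await userManager.ChangePhoneNumberAsync(user, phoneNumber, code);
    if (!result.Succeeded)
    {
        // First() throws when the error list is empty, which would replace the intended
        // "log and return null" with an exception. Joining handles zero, one or many errors.
        var errors = string.Join("; ", result.Errors.Select(e => e.Description));

        // Message template instead of interpolation: the user name and error text are passed
        // as values and are never interpreted as part of the format string.
        logger.LogError("Failed to complete user {UserName} verification with ex: {Errors}.", user.UserName, errors);
        return null;
    }

    //CHECK: looks like I don't need it anymore (most likely uses cookie)
    //await signInManager.SignInAsync(user, isPersistent: false);

    //TODO: rethink this approach
    await AddClaim(user, ApplicationClaims.Verified);

    // The Verified claim is added before the JWT identity is created for the user.
    var jwtIdentity = await CreateJwt(user);
    var refreshToken = identityProvider.GenerateRefreshToken(jwtIdentity);
    jwtIdentity.RefreshToken = refreshToken;

    var options = JwtTokenProducer.InitializeOptions(configuration);
    return JwtTokenProducer.Produce(jwtIdentity, options);
}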