private dynamic CreateToken(LoginApiModel model)
{
var claims = new List <Claim> //using System.Security.Claims;
{
new Claim(JwtRegisteredClaimNames.Sub, model.Id.ToString()),
new Claim(ClaimTypes.Role, Enum.GetName(typeof(Roles), model.Role)), // ROLES !!!
new Claim(JwtRegisteredClaimNames.Nbf, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString()), //using System.IdentityModel.Tokens.Jwt;
new Claim(JwtRegisteredClaimNames.Exp, new DateTimeOffset(DateTime.Now.AddDays(1)).ToUnixTimeSeconds().ToString())
};
var token = new JwtSecurityToken(
new JwtHeader(
new SigningCredentials(
new SymmetricSecurityKey(
Encoding.UTF8.GetBytes("NobodyWillGuessMeLOL")), SecurityAlgorithms.HmacSha256)),
new JwtPayload(claims));
var output = new
{
id = model.Id,
role = Enum.GetName(typeof(Roles), model.Role),
token = new JwtSecurityTokenHandler().WriteToken(token) // Core will return props in camelCase
};
return(output);
}
public IHttpActionResult Login(LoginApiModel data)
{
//var loginApiViewModel = _userService.LoginApi(data);
//return Ok(loginApiViewModel);
return(Ok(data));
}
public async Task <IActionResult> GetToken([FromBody] LoginApiModel model)
{
var errorMessage = "Invalid e-mail address and/or password.";
if (!ModelState.IsValid)
{
return(BadRequest(errorMessage));
}
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(BadRequest(errorMessage));
}
if (await _userManager.IsLockedOutAsync(user))
{
return(BadRequest(errorMessage));
}
var result = await _signInManager.PasswordSignInAsync(user, model.Password, true, true);
if (!result.Succeeded)
{
return(BadRequest(errorMessage));
}
var token = await GenerateToken(user);
return(Ok(token));
}
public bool CheckVerificationCode(LoginApiModel login)
{
var verification = _context.UserVerificationCode.Where(x => x.Expiration > DateTime.Now && x.IsActive == 1 &&
x.VerificationCode == login.Code && x.Phone == login.Phone).FirstOrDefault();
return(verification != null);
}
public List <Claim> GetIdentity(LoginApiModel loginApiModel)
{
var loginModelDto = _mapper.Map <LoginModelDto>(loginApiModel);
UserDto userDto;
try
{
userDto = _accountService.Login(loginModelDto);
}
catch (ServiceException)
{
return(null);
}
var role = userDto.Roles.FirstOrDefault();
var claims = new List <Claim>
{
new Claim(ClaimTypes.Role, role),
new Claim(ClaimTypes.Email, loginApiModel.Email),
new Claim("userId", userDto.Id.ToString())
};
return(claims);
}
public IHttpActionResult Login(LoginApiModel loginApiModel)
{
if (loginApiModel == null)
{
return(BadRequest());
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (AuthenticationProvider.ValidateUser(loginApiModel.Username, loginApiModel.Password, RoleEnum.User))
{
var token = AuthenticationProvider.GenerateApiTokenUser(loginApiModel.Username);
var result = new LoginApiResultModel()
{
Token = token.Token,
UserId = token.UserId
};
return(Ok(result));
}
return(Content(HttpStatusCode.Unauthorized, new { Message = "Invalid user name or password" }));;
}
public int Login(LoginApiModel login)
{
if (login == null)
{
throw new Exception();
}
bool usuarioValidado = usuarioCoordinator.ValidarUsuario(login.Email);
if (!usuarioValidado)
{
throw new Exception();
}
UsuarioApiModel usuario = usuarioCoordinator.ObtenerUsuarioPorMail(login.Email);
bool passwordValida = secureService.ValidarPassword(login.Password, usuario.IdUsuario);
if (!passwordValida)
{
throw new Exception();
}
if (usuarioValidado && passwordValida)
{
return(usuario.IdUsuario);
}
throw new Exception();
}
public async Task <ResponseModel> LoginUser(LoginModel loginModel)
{
ResponseModel result = new ResponseModel();
User user = null;
if (!string.IsNullOrWhiteSpace(loginModel.Email))
{
user = _userRepo.GetUserByEmailAsync(loginModel.Email, true);
}
if (user == null)
{
result.Error = ErrorMessageCode.USER_NOT_FOUND;
result.Status = HttpStatusCode.NotFound;
return(result);
}
if (user.IsDeactivate)
{
result.Error = ErrorMessageCode.USER_IS_DEACTIVATE;
result.Status = HttpStatusCode.Forbidden;
return(result);
}
try
{
var passcode = UtilCommon.GeneratePasscode(loginModel.PassCode, user.Salt);
var expireToken = 1;
if (passcode.Equals(user.PassCode))
{
result.Status = System.Net.HttpStatusCode.OK;
LoginApiModel data = new LoginApiModel();
data.IsFirstLogin = user.IsFirstLogin;
data.Token = _jwtHandler.Create(user.Id.ToString(), expireToken, user.Role);
data.Avatar = UtilCommon.GetDisplayImageUrl(user.Avatar);
data.FullName = user.FullName;
data.Role = user.Role;
data.UserId = user.Id;
result.Data = data;
await _userRepo.UpdateAsync(user);
return(result);
}
else
{
result.Error = ErrorMessageCode.PASSWORD_INCORRECT;
result.Status = System.Net.HttpStatusCode.NotFound;
var date = DateTime.UtcNow;
return(result);
}
}
catch (Exception ex)
{
result.Error = ex.ToString();
result.Status = System.Net.HttpStatusCode.NotImplemented;
return(result);
}
}
private IDictionary <string, string> CreateDictionaryFromLoginModelAndAddGrantType
(LoginApiModel model, string grantType)
{
var dictionary = model.AsDictionary();
dictionary.Add("grant_type", grantType);
return(dictionary);
}
public async Task <ActionResult <SignInApiModel> > Authentication(LoginApiModel model)
{
var user = await _service.AuthenticationAsync(model.Login, model.Password, model.ContactType);
var signIn = await _service.GenerateSignInResponseAsync(user);
return(SuccessResult(signIn));
}
public async Task <ActionResult <SignInApiModel> > SignInByEmail(LoginApiModel model)
{
var user = await _service.Login(model.Login, model.Password, UserContactTypeEnum.email);
var signIn = await GetTokenApiModel(user);
return(SuccessResult(signIn));
}
public async Task <ActionResult <ApiResultDataModel> > LoginAsync([FromBody] LoginApiModel model)
{
if (ValidateModel() == false)
{
return(new ApiResultDataModel(_ValidateModelErrors));
}
// 验证验证码
string validateCode = _ValidateCodeHelper.GetValidateCode();
if (!string.Equals(validateCode, model.VaildCode, StringComparison.OrdinalIgnoreCase))
{
return(new ApiResultDataModel()
{
IsSuccess = false, Message = "验证码错误"
});
}
LoginInput input = new LoginInput()
{
Username = model.AccountID,
Password = model.Password,
TenantId = _AbpSession.TenantId,
};
var output = await _AccountAppService.Login(input);
if (output.AbpLoginResult.Result == AbpLoginResultType.InvalidUserNameOrEmailAddress)
{
return(new ApiResultDataModel()
{
IsSuccess = false, Message = "用户名或密码错误"
});
}
if (output.AbpLoginResult.Result == AbpLoginResultType.InvalidPassword)
{
return(new ApiResultDataModel()
{
IsSuccess = false, Message = "密码错误"
});
}
IdentityUser user = output.AbpLoginResult.User;
// 触发IdentityService用户登录成功事件
await _Events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id.ToString(), user.Name));
string jwtToken = _JwtTokenHandler.CreateToken(user, WebConfiguration.SymmetricKey);
return(new ApiResultDataModel()
{
IsSuccess = true, Value = new
{
access_token = jwtToken,
token_type = "Bearer"
}
});
}
public async Task <IHttpActionResult> Post(LoginApiModel loginApiModel)
{
var userManager = HttpContext.Current.GetOwinContext().GetUserManager <ApplicationUserManager>();
User user = await userManager.FindAsync(loginApiModel.UserName, loginApiModel.Password);
if (user == null)
{
return(BadRequest("could not find user"));
}
return(Ok(user));
}
public async Task Login(LoginApiModel model)
{
var tokens = await _accountService.LoginUserAsync(model);
await _jSRuntime.SetInLocalStorage(jwtKey, tokens.Token);
await _jSRuntime.SetInLocalStorage(tokenRefreshKey, tokens.RefreshToken);
var authState = BuildAuthenticationState(tokens.Token);
NotifyAuthenticationStateChanged(Task.FromResult(authState));
}
public async Task <HttpResponseMessage> TryAuthorize(LoginApiModel model)
{
using (var client = new HttpClient())
{
client.BaseAddress = new Uri(BaseAddress);
var dictionary = CreateDictionaryFromLoginModelAndAddGrantType(model, "password");
var content = new FormUrlEncodedContent(dictionary);
var response = await client.PostAsync(_tokenUrl, content);
return(response);
}
}
public ActionResult <int> Login([FromBody] LoginApiModel login)
{
try
{
var result = loginCoordinator.Login(login);
return(StatusCode(200, result));
}
catch (Exception)
{
return(StatusCode(403));
}
}
public object Login(string username, string pincode)
{
LoginApiModel model = new LoginApiModel();
if (new LoginAPIBuilder().Login(username, Convert.ToInt32(pincode)))
{
model.Result = true;
return(Json(model));
}
else
{
model.Result = false;
return(Json(model));
}
}
public IActionResult Login([FromBody] loginModel model)
{
string message = "Email Adresi hatalı veya kayıtlı değil";
if (string.IsNullOrEmpty(model.email))
{
return(BadRequest("Kullanıcı Adı Boş Bırakılamaz"));
}
if (string.IsNullOrEmpty(model.password))
{
return(BadRequest("Parola Boş Bırakılamaz"));
}
var account = _db.Set <Account>().FirstOrDefault(x => x.Email == model.email);
if (account == null)
{
return(BadRequest(message));
}
if ((bool)!account.isActive)
{
return(BadRequest("Hesap Aktif Değil. Aktif Etmek için Tıklayınız"));
}
var password = _db.Set <UserPassword>().FirstOrDefault(x => x.UserId == account.Id && x.Password == model.password);
if (password == null)
{
return(BadRequest("Parola Hatalı"));
}
if (!password.ActivePassword)
{
return(BadRequest("Eski Kullandığınız parolayı girdiniz. Lütfen Güncel parolanızı giriniz."));
}
var tokenString = GenerateJSONWebToken(model);
var loginApi = new LoginApiModel
{
id = account.Id,
name = account.Name,
surname = account.Surname,
token = tokenString,
role = account.Role
};
return(Json(loginApi));
}
public async Task Login(LoginApiModel loginApimodel)
{
if (ModelState.IsValid)
{
var result = await _signInManager.PasswordSignInAsync(loginApimodel.Email, loginApimodel.Password, loginApimodel.RememberMe, lockoutOnFailure : false);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
}
else
{
_logger.LogWarning("Invalid login attempt.");
}
}
}
public async Task <LoginClientValueModel> LoginByClientAsync(LoginApiModel login)
{
var user = _tokenContext.Login(login);
var extend = await _userClientContext.GetIndexByUserIdAsync(user.Id);
if (extend == null)
{
throw new DefaultException("该账号还在维护基础资料, 请等待.");
}
return(new LoginClientValueModel
{
Client = extend.Client,
Id = user.Id,
User = extend.User,
Name = extend.Name,
});
}
public User Login(LoginApiModel login)
{
if (!_userVerificationCodeRespository.CheckVerificationCode(login))
{
throw new DefaultException("电话号码 或者 验证码不正确.");
}
var user = _userRespository.GetByPhone(login.Phone);
if (user == null)
{
throw new DefaultException("用户不存在.");
}
if (user.IsActive == 0)
{
throw new DefaultException("该用户已被冻结, 请联系管理员激活.");
}
return(user);
}
public async Task <IActionResult> Post([FromBody] LoginApiModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
}
var jwt = await identity.GenerateJwt(jwtFactory, credentials.UserName, jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented });
return(new OkObjectResult(new { token = jwt, userName = credentials.UserName }));
}
public async Task <ActionResult <AbstractResponseApiModel> > Login([FromBody] LoginApiModel model)
{
UserDTO user = await _userService.CreateLoginToken(new UserDTO
{
Email = model.Email,
Password = model.Password
}, _jwtOptions.SecurityKey);
return(Ok(new OkResponseApiModel
{
Message = LOGIN_SUCCESS_TXT,
ResultInfo = new
{
id = user.Id,
token = user.LoginToken
}
}));
}
public JsonResult Post(LoginApiModel login)
{
var user = _userService.Login(login);
var identity = new ClaimsIdentity();
var key = Encoding.UTF8.GetBytes(_appConfig.Authentication.IssuerSigningKey);
identity.AddClaim(new Claim(ClaimTypes.Name, user.Id.ToString()));
identity.AddClaim(new Claim(ClaimTypes.Role, ((int)Portal.Admin).ToString()));
var descriptor = new SecurityTokenDescriptor
{
Subject = identity,
Expires = DateTime.UtcNow.AddYears(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
Audience = _appConfig.Authentication.ValidAudience,
Issuer = _appConfig.Authentication.ValidIssuer
};
var handler = new JwtSecurityTokenHandler();
var token = handler.CreateJwtSecurityToken(descriptor);
return(Json(handler.WriteToken(token)));
}
public async Task <LoginResult> RequestToken([FromBody] LoginApiModel model)
{
try
{
var ctx = HttpContext.Current;
HttpClient client = new HttpClient();
var url = "http://" + ctx.Request.Url.Host + "/" + ctx.Request.ApplicationPath;
var baseAddress = ConfigurationManager.AppSettings.Get("BaselUrl");
Dictionary <string, string> param = new Dictionary <string, string>();
param.Add("grant_type", "password");
param.Add("username", model.UserName);
param.Add("password", model.Password);
HttpResponseMessage response = client.PostAsync(url + "/Token", new FormUrlEncodedContent(param)).Result;
if (response.IsSuccessStatusCode)
{
var JsonContent = response.Content.ReadAsStringAsync().Result;
var token = JsonConvert.DeserializeObject <RequestTokenModel>(JsonContent);
return(new LoginResult
{
IsOk = true,
Token = token.access_token,
Message = new Message("Success", MessageType.Success)
});
}
return(new LoginResult
{
IsOk = true,
Message = new Message("An Error Occured", MessageType.Error)
});
}
catch (Exception ex)
{
return(new LoginResult
{
IsOk = false,
Message = new Message(ex.Message + " " + ex.InnerException?.Message, MessageType.Error),
Token = null
});
}
}
public ActionResult Login(string returnUrl, string existingAccount, string externalIdProvider)
{
if (Context.User.IsAuthenticated)
{
return(this.Redirect("/accountmanagement"));
}
this.ViewBag.ReturnUrl = returnUrl;
var model = new LoginApiModel();
model.IsActivationFlow = !string.IsNullOrEmpty(existingAccount);
if (model.IsActivationFlow)
{
string message = string.Format(
CultureInfo.CurrentCulture,
"Congratulations! We were able to successfully link your '{0}' account with the {1} account belonging to '{2}'. Please sign in to access your account.",
Context.Site.Name,
externalIdProvider,
existingAccount);
model.Message = message;
}
List <IdentityProviderApiModel> providers = new List <IdentityProviderApiModel>();
IDictionary <string, IdentityProviderClientConfigurationElement> identityProviderDictionary = GetIdentityProvidersFromConfig();
foreach (IdentityProviderClientConfigurationElement provider in identityProviderDictionary.Values)
{
MediaItem providerImage = Context.Database.GetItem(provider.ImageUrl.OriginalString);
providers.Add(new IdentityProviderApiModel()
{
Name = provider.Name, Image = providerImage
});
}
model.Providers.AddRange(providers);
return(this.View(model));
}
public async Task <IActionResult> Login([FromBody] LoginApiModel model)
{
if (ModelState.IsValid)
{
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, false);
if (result.Succeeded)
{
string userId = _userManager.Users.FirstOrDefault(x => x.Email == model.Email).Id;
return(Json(new
{
result.Succeeded,
userId
}));
}
return(Json(result));
}
return(Json(ModelState));
}
private string AttemptLogin(LoginApiModel loginObject)
{
var sessionProvider = ProviderFactory.Instance.CreateSessionServiceProvider();
var sessionValidityInSeconds = 43200;
try
{
sessionValidityInSeconds = Int32.Parse(WebConfigurationManager.AppSettings["session-valididity-in-seconds"]);
}
catch { }
return(sessionProvider.SignIn(new SignInRequest()
{
Email = loginObject.username,
Password = GenericUtils.CalculateMD5Hash(loginObject.password),
SessionDetails = new SessionDetails()
{
Timeout = sessionValidityInSeconds
},
UseDefaultTenant = true
}).SessionToken);
}
public async Task <ActionResult <object> > LoginAsync([FromBody] LoginApiModel model)
{
LoginInput input = new LoginInput()
{
Username = model.AccountID,
Password = model.Password,
TenantId = _AbpSession.TenantId,
};
var output = await _AccountAppService.Login(input);
if (output.AbpLoginResult.Result == AbpLoginResultType.InvalidUserNameOrEmailAddress)
{
throw new UserFriendlyException("用户名或密码错误");
}
if (output.AbpLoginResult.Result == AbpLoginResultType.InvalidPassword)
{
throw new UserFriendlyException("密码错误");
}
IdentityUser user = output.AbpLoginResult.User;
UserClaimInfo userClaimInfo = new UserClaimInfo(user.Id.ToString(), user.Permissions)
{
Name = user.Name,
UserName = user.UserName
};
string jwtToken = _JwtTokenHandler.CreateToken(userClaimInfo, WebConfiguration.SymmetricKey);
return(new
{
access_token = jwtToken,
token_type = "Bearer"
});
}
public async Task <JsonResult> PostAsync(LoginApiModel login)
{
var profile = await _userService.LoginByClientAsync(login);
var identity = new ClaimsIdentity();
var key = Encoding.UTF8.GetBytes(_appConfig.Authentication.IssuerSigningKey);
identity.AddClaim(new Claim(ClaimTypes.Name, JsonConvert.SerializeObject(profile.User)));
identity.AddClaim(new Claim(ClaimTypes.Role, ((int)Portal.Client).ToString()));
identity.AddClaim(new Claim("Client", JsonConvert.SerializeObject(profile.Client)));
var descriptor = new SecurityTokenDescriptor
{
Subject = identity,
Expires = DateTime.UtcNow.AddHours(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
Audience = _appConfig.Authentication.ValidAudience,
Issuer = _appConfig.Authentication.ValidIssuer
};
var handler = new JwtSecurityTokenHandler();
var token = handler.CreateJwtSecurityToken(descriptor);
return(Json(handler.WriteToken(token)));
}
