public IActionResult LoginEmployee(LoginRequestDto request) { if (!_dbService.CheckCredentials(request)) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.Name, request.Login), new Claim(ClaimTypes.Role, "employee") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken ( issuer: "s18660", audience: "Students", claims: claims, expires: DateTime.Now.AddMinutes(5), signingCredentials: creds ); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), refreshToken = Guid.NewGuid() })); }
public string Login(LoginRequestDto request) { var userName = request.UserName; var userPwd = request.UserPwd; var imgCode = request.ImgCode; if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPwd)) { Exception(LoginResultEnum.UserNameOrPasswordEmpty.ToString(), "用户名或密码不能为空"); } var objCode = ContextHelper.ReadSession(Constant.UserImgCodeKey); if (objCode == null) { Exception(LoginResultEnum.ImgCodeExpired.ToString(), "验证码过期,请刷新验证码"); } if (!objCode.ToString().Equals(imgCode, StringComparison.CurrentCultureIgnoreCase)) { Exception(LoginResultEnum.ImgCodeError.ToString(), "验证码错误"); } userPwd = Tools.EncryptDESByUserPwd(userPwd); var model = _userInfoDal.GetByNameAndPwd(userName, userPwd); if (model == null) { Exception(LoginResultEnum.LoginError.ToString(), "用户名或密码不正确"); } var token = LoginAfter(model); return(token); }
public async Task <IActionResult> Login([FromBody] LoginRequestDto model) { var user = await _userManager.FindByEmailAsync(model.Email); if (user != null) { if (!user.IsActive) { return(Unauthorized()); } if (!user.EmailConfirmed) { return(BadRequest(new List <IdentityError> { new IdentityError { Code = Messages.EmailNotConfirmedCode, Description = Messages.EmailNotConfirmedDescription } })); } if (await _userManager.CheckPasswordAsync(user, model.Password)) { return(Ok(await _authService.GenerateLoginResponse(user))); } } return(Unauthorized()); }
public IActionResult ValidateLogin([FromBody] LoginRequestDto loginRequest) { try { _log.Info($"ValidateLogin Callling: {loginRequest?.LoginName}"); var user = _userViewRepository.ValidateLogin(loginRequest.LoginName, loginRequest.Password); if (user == null) { return(StatusCode(401, new ErrorModel { HttpStatusCode = 401, Message = "Invalid UserName and Password" })); } var userDto = _mapper.Map <UserDto>(user); return(Ok(userDto)); } catch (Exception ex) { _log.Error($"Error in ValidateLogin - ", ex); return(StatusCode(500, new ErrorModel { HttpStatusCode = 500, Message = "Internal Server Error" })); } }
public bool CheckCredentials(LoginRequestDto request) { using (var connection = new SqlConnection(connectionString)) using (var command = new SqlCommand()) { connection.Open(); command.Connection = connection; command.CommandText = "select Salt from Student where IndexNumber = @index"; command.Parameters.AddWithValue("index", request.Login); var dr = command.ExecuteReader(); dr.Read(); var salt = dr["Salt"].ToString(); dr.Close(); var hash = CreateHash(request.Password, salt); command.Connection = connection; command.CommandText = "select count(1) from Student where IndexNumber = @index and Password = @password"; command.Parameters.AddWithValue("password", hash); dr = command.ExecuteReader(); dr.Read(); int count = (int)dr.GetValue(0); dr.Close(); return(count > 0 ? true : false); } }
public async Task <ActionResult <LoginResultDto> > LoginAsync([FromBody] LoginRequestDto requestDto) { var user = await _userManager.FindByNameAsync(requestDto.UserName); LoginResultDto result; if (user != null && await _userManager.CheckPasswordAsync(user, requestDto.Password)) { var claims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName) }; var token = _jwtTokenFactory.CreateToken(claims); result = new LoginResultDto { Claims = claims, LoginSuccess = true, Token = token, }; } else { result = new LoginResultDto { LoginSuccess = false }; } return(Ok(result)); }
public LoginResp Login(LoginRequestDto loginRequest) { using (var client = new SqlConnection(connString)) using (var com = new SqlCommand()) { com.CommandText = "select * from Salt where saltID=@id"; com.Parameters.AddWithValue("id", 1); client.Open(); com.Connection = client; var dr = com.ExecuteReader(); dr.Read(); var saltc = dr["salt"].ToString(); loginRequest.password = PasswordGenerator.Create(loginRequest.password, saltc); com.CommandText = "select * from student where Indexnumber=@index and password=@pass"; com.Parameters.AddWithValue("pass", loginRequest.password); com.Parameters.AddWithValue("index", loginRequest.login); dr.Close(); var dr2 = com.ExecuteReader(); if (!dr2.Read()) { return(null); } var response = new LoginResp(); response.login = dr2["IndexNumber"].ToString(); response.name = dr2["LastName"].ToString(); return(response); } }
public async Task <IActionResult> Login(LoginRequestDto loginRequest) { if (loginRequest == null) { return(StatusCode(StatusCodes.Status400BadRequest, $"Parâmetro '{nameof(loginRequest)}' incorreto.")); } var user = await userManager.FindByEmailAsync(loginRequest.Email); if (user == null) { return(StatusCode(StatusCodes.Status401Unauthorized, "Email incorreto!")); } var result = await signInManager.CheckPasswordSignInAsync(user, loginRequest.Password, false); if (result.Succeeded) { var userDto = mapper.Map <UserDto>(user); var roles = await userManager.GetRolesAsync(user); //var token = authService.GenerateJWToken(user).Result; var token = await new JwtService().GenerateToken(user, roles, config["JWT_SECRET"]); var response = new LoginResponseDto { token = token, user = userDto }; return(Ok(response)); } return(StatusCode(StatusCodes.Status401Unauthorized, "Senha incorreta!")); }
public IActionResult Login([FromBody] LoginRequestDto model) { var user = _userViewRepository.ValidateLogin(model.LoginName, model.Password); if (user != null) { var role = _roleViewRepository.GetRoleById(user.RoleId); var authClaims = new List <Claim> { new Claim(ClaimTypes.Name, user.LoginName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Role, role.RoleName) }; var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Secret"])); var token = new JwtSecurityToken( //issuer: _configuration["JWT:ValidIssuer"], //audience: _configuration["JWT:ValidAudience"], expires: DateTime.Now.AddHours(10), claims: authClaims, signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256Signature) ); var userDto = _mapper.Map <UserDto>(user); userDto.Token = new JwtSecurityTokenHandler().WriteToken(token); userDto.TokenExpiration = token.ValidTo; userDto.LastLogin = DateTime.Now; return(Ok(userDto)); } return(Unauthorized()); }
public async Task <IActionResult> Login([FromBody] LoginRequestDto model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var appUser = _userManager.Users.SingleOrDefault(r => r.UserName == model.UserName); if (appUser == null) { return(NotFound(new { error = "The email does not exist" })); } var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, false, false); if (result.Succeeded) { var isAdmin = (await _userManager.GetRolesAsync(appUser)).Any(x => x == "admin"); var token = await GenerateJwtToken(model.UserName, appUser); return(Ok(new LoginResponseDto() { User = new UserDto() { Token = token.ToString(), UserName = appUser.UserName, IsAdmin = isAdmin } })); } else { return(BadRequest()); } }
public ApiResponseDto <LoginRequestDto> Login(LoginRequestDto requestDto) { try { var user = BUser.LoginResponse(requestDto); if (user != null) { LoginRequestDto loginResponse = new LoginRequestDto() { UserName = user.UserName, Password = user.Password }; return(ApiResponseDto <LoginRequestDto> .SuccessResponse(loginResponse, "basarili")); } return(ApiResponseDto <LoginRequestDto> .FailedResponse("basarisiz")); } catch { return(ApiResponseDto <LoginRequestDto> .FailedResponse("basarisiz")); } }
public async Task <ActionResult <LoginResponseDto> > Login(LoginRequestDto model) { var user = await this._userManager.FindByNameAsync(model.UserName); if (user == null) { return(Unauthorized()); } var passwordValid = await this._userManager.CheckPasswordAsync(user, model.Password); if (!passwordValid) { return(Unauthorized()); } var token = this._identityService.GenerateJwtToken( user.Id, user.UserName, this._appSettings.Secret); return(new LoginResponseDto { Token = token }); }
public string Authenticated(LoginRequestDto request) { //rsa解密 var code = SecurityRsa.Decrypt(request.Password); if (code is null) { return(null); } //获取用户 var user = _context.User.Find(request.UserName); if (user is null || user.Password != SecurityAes.Encrypt(code)) { return(null); } //获取用户角色 var roles = user.Role.Split("::", StringSplitOptions.RemoveEmptyEntries).ToList(); //创建claim var claims = new List <Claim>() { new Claim(ClaimTypes.Name, user.UserName) }; claims.AddRange(roles.Select(role => new Claim(ClaimTypes.Role, role))); //生成token var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenManagement.Secret)); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var jwtToken = new JwtSecurityToken(_tokenManagement.Issuer, _tokenManagement.Audience, claims, expires: DateTime.Now.AddMinutes(_tokenManagement.AccessExpiration), signingCredentials: credentials); var token = new JwtSecurityTokenHandler().WriteToken(jwtToken); return(token); }
public Guid IsAuthenticated(LoginRequestDto request, out string token) { token = string.Empty; var userId = userService.IsValid(request); if (userId == Guid.Empty) { return(Guid.Empty); } var claims = new[] { new Claim(ClaimTypes.Name, request.UserName) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tokenManagement.Secret)); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var jwtToken = new JwtSecurityToken(tokenManagement.Issuer, tokenManagement.Audience, claims, expires: DateTime.Now.AddMinutes(tokenManagement.AccessExpiration), signingCredentials: credentials); token = new JwtSecurityTokenHandler().WriteToken(jwtToken); return(userId); }
// public async Task<object> Login([FromBody] LoginDto dto, [FromServices] ILoginService service) public async Task <object> Login([FromBody] LoginRequestDto requestDto) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (requestDto == null) { return(BadRequest()); } try { var result = await _service.FindByLogin(requestDto); if (result == null) { return(NotFound()); } return(Ok(result)); } catch (ArgumentException e) { Console.WriteLine(e); return(StatusCode((int)HttpStatusCode.InternalServerError, e.Message)); } }
public async Task <LoginResponseDto> CheckLogin(string username, string encryptedPassword) { LoginRequestDto dto = new LoginRequestDto { MobileNo = username, Password = encryptedPassword }; //IRestClient<LoginRequestDto, LoginResponseDto> rest = new RestClient<LoginRequestDto, LoginResponseDto>(); //LoginResponseDto res = await rest.Post(dto, "Login/CheckLogin", MediaType.Json, Encoding.UTF8); // Temp Login LoginResponseDto res = new LoginResponseDto() { Message = "success", Name = "Emp1", Status = true, UserId = 100 }; if (res.Status) { // Save in Shared Preferance. SharedPreferences.UserId = res.UserId; UpdateNotificationToken(); } return(res); }
public async Task <LoginResponseDto> FindByLogin(LoginRequestDto requestDto) { var response = new LoginResponseDto(false, "Falha ao autenticar"); if (requestDto != null && !string.IsNullOrWhiteSpace(requestDto.Email)) { UserEntity entity = await _repository.FindByLogin(requestDto.Email); if (entity == null) { return(response); } var identity = new ClaimsIdentity( new GenericIdentity(entity.Email), new [] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.UniqueName, entity.Email), } ); DateTime createDate = DateTime.Now; DateTime expirationDate = createDate + TimeSpan.FromSeconds(Convert.ToDouble(Environment.GetEnvironmentVariable("Seconds"))); var handler = new JwtSecurityTokenHandler(); string token = CreateToken(identity, createDate, expirationDate, handler); return(SuccessObject(createDate, expirationDate, token, requestDto)); } return(response); }
public async Task E_Possivel_Executar_Metodo_FindByLogin() { var email = Internet.Email(); LoginResponseDto objRetorno = new LoginResponseDto( true, DateTime.UtcNow, DateTime.UtcNow.AddHours(8), Guid.NewGuid().ToString(), Name.FullName(), "Login efetuado com sucesso." ); var loginDto = new LoginRequestDto { Email = email }; _serviceMock = new Mock <ILoginService>(); _serviceMock.Setup(m => m.FindByLogin(loginDto)).ReturnsAsync(objRetorno); _serviceLogin = _serviceMock.Object; var result = await _serviceLogin.FindByLogin(loginDto); Assert.NotNull(result); }
public async void Login_WithValidUsernameAndPassword_ReturnsOkResponseWithTokenInformation() { var now = DateTime.UtcNow; var request = new LoginRequestDto { Username = "******", Password = "******" }; var mockResponse = new LoginResponse { Success = true, Token = "token", Expires = now }; _accountServiceMock.Setup(x => x.AttemptLoginAsync(It.IsAny <string>(), It.IsAny <string>())) .ReturnsAsync(mockResponse); var result = await _accountController.Login(request); var actionResult = Assert.IsType <ActionResult <LoginResponseDto> >(result); var okResult = Assert.IsType <OkObjectResult>(actionResult.Result); var returnValue = Assert.IsType <LoginResponseDto>(okResult.Value); Assert.NotNull(returnValue.Token); Assert.Equal(now, returnValue.Expires); }
public IActionResult GetToken([FromBody] LoginRequestDto login) { var state = _accountService.Login(login.UserName, login.Password, login.IsDomainAccount); // var state =1; if (state == -1) { return(Ok(new ResponseDto(StatusCodeEnum.AccountError, "账号不存在"))); } if (state == -2) { return(Ok(new ResponseDto(StatusCodeEnum.AccountError, "账号密码错误"))); } var tokenString = _tokenService.WriteToken(new AccountModel() { UserName = login.UserName }); return(Ok(new DataResponseDto() { Data = new TokenResponseDto { Token = tokenString, ExpireIn = 60 * 60 } })); }
public async Task <UserResponseDto> Login(LoginRequestDto dto) { var user = await this.dbContext .Users .SingleOrDefaultAsync(u => u.Username == dto.Username); if (user == null) { throw new InvalidOperationException("Invalid username"); } var passwordHash = PasswordEncrypt.ComputeHash(dto.Password, user.PasswordSalt); if (user.Password != passwordHash) { throw new InvalidOperationException("Invalid password"); } return(new UserResponseDto { Id = user.Id, Username = user.Username, Token = tokenService.CreateToken(user), Role = user.Role, FirstName = user.FirstName, LastName = user.LastName }); }
public IActionResult Login(LoginRequestDto request) { var result = _service.LoginCheck(request); var okResult = result as OkObjectResult; Console.Write(okResult); if (result.Equals(okResult)) { var claims = new[] { new Claim(ClaimTypes.NameIdentifier, request.Login), new Claim(ClaimTypes.Role, "admin") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken ( issuer: "Gakko", audience: "Students", claims: claims, expires: DateTime.Now.AddMinutes(10), signingCredentials: creds ); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), refreshToken = Guid.NewGuid() //saved to the db })); } return(StatusCode(401)); }
public IActionResult Login(LoginRequestDto log) { var claim = new[] { new Claim(ClaimTypes.NameIdentifier, "1"), new Claim(ClaimTypes.Name, "jan123"), new Claim(ClaimTypes.Role, "admin"), new Claim(ClaimTypes.Role, "student") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "Gakko", audience: "Students", claims: claim, expires: DateTime.Now.AddMinutes(10), signingCredentials: creds ); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), refreshToken = Guid.NewGuid() } )); }
public async Task <IActionResult> Login([FromBody] LoginRequestDto model) { var user = _userManager.Users.SingleOrDefault(r => r.UserName == model.UserName); if (user == null) { ModelState.AddModelError("notExists", "Username or password are incorrect."); return(BadRequest(ModelState)); } var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, true, false); if (!result.Succeeded) { ModelState.AddModelError("notExists", "Username or password are incorrect."); return(BadRequest(ModelState)); } else { var jsonWebToken = _tokenService.GenerateJwtToken(user); var requestedAt = DateTime.UtcNow; var returnModel = _mapper.Map <LoggedInUserDto>(user); returnModel.LastLoginDate = user.LastLoginDate; user.LastLoginDate = requestedAt; await _userManager.UpdateAsync(user); returnModel.Token = jsonWebToken.Token; returnModel.Expires = jsonWebToken.Expiration - requestedAt.Ticks; return(Ok(returnModel)); } }
public LoginResponseDto Login_Obsolete(LoginRequestDto request) { var userName = request.UserName; var userPwd = request.UserPwd; var imgCode = request.ImgCode; if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(userPwd)) { return(new LoginResponseDto(LoginResultEnum.UserNameOrPasswordEmpty)); } var objCode = ContextHelper.ReadSession(Constant.UserImgCodeKey); if (objCode == null) { return(new LoginResponseDto(LoginResultEnum.ImgCodeExpired)); } if (!objCode.ToString().Equals(imgCode, StringComparison.CurrentCultureIgnoreCase)) { return(new LoginResponseDto(LoginResultEnum.ImgCodeError)); } userPwd = Tools.EncryptDESByUserPwd(userPwd); var model = _userInfoDal.GetByNameAndPwd(userName, userPwd); if (model == null) { return(new LoginResponseDto(LoginResultEnum.LoginError)); } var token = LoginAfter(model); return(new LoginResponseDto(LoginResultEnum.Success, token)); }
public IActionResult Login(LoginRequestDto request) { // TODO: Move all this logic to DBService var student = _studentsDbService.GetStudent(request.Login); if (_studentsDbService.CheckUserPassword(student, request.Password)) { Console.WriteLine("Password confirmed"); } else { return(BadRequest("Password dont match")); } var token = _studentsDbService.GetJwtToken(); var refreshToken = Guid.NewGuid(); // is unique and has no information _studentsDbService.SaveRefreshTokenInDb(refreshToken, student); return(Ok(new { accessToken = new JwtSecurityTokenHandler().WriteToken(token), refreshToken })); }
public void WhenLoginReturnsAnError() { // Arrange var model = new LoginRequestDto { Password = "******", UserName = "******" }; var loggedInUser = new LoggedInUserDto { UserName = "******" }; var users = new List <ApplicationUser> { new ApplicationUser { UserName = "******" } }.AsQueryable(); _userManager = new FakeUserManager(_userStore, users); _signInManager = new FakeSignInManager(_userStore, users, Microsoft.AspNetCore.Identity.SignInResult.Failed); _tokenService.Setup(x => x.GenerateJwtToken(It.IsAny <ApplicationUser>())).Returns(new Logic.Models.JsonWebToken("123", 1)); _mapper.Setup(x => x.Map <LoggedInUserDto>(It.IsAny <ApplicationUser>())).Returns(loggedInUser); var controller = new AccountController(_userManager, _signInManager, _mapper.Object, _tokenService.Object); // Act var result = controller.Login(model).Result; // Assert Assert.Equal(typeof(BadRequestObjectResult), result.GetType()); }
public LoginResponseDto Login(LoginRequestDto loginRequestDto) { if (loginRequestDto == null) { return(null); } var potentialUser = _userRepository.TryGetUserByName(loginRequestDto.Username); if (potentialUser == null) { return(new LoginResponseDto { LoginSuccess = LoginResult.WrongUsername }); } var passwordMatch = _userRepository.ValidatePassword(potentialUser, loginRequestDto.Password); if (passwordMatch) { return(potentialUser.ToLoginResponseDto()); } else { return(new LoginResponseDto { LoginSuccess = LoginResult.WrongPassword }); } }
public async Task ShouldFail_ForIncorrectGoogleToken() { const string token = "TOKEN"; _googleAuthService.Setup(s => s.FindGoogleToken(It.IsAny <string>(), It.IsAny <CancellationToken>())) .ReturnsAsync((GoogleTokenInfo)null); var request = new LoginRequestDto { Token = token }; var response = await Client.PostJson("/account/login", request); response.IsSuccessStatusCode.Should().Be(false); response.StatusCode.Should().Be(HttpStatusCode.Unauthorized); var payload = await response.Content.ReadAsStringAsync(); payload.Should().NotBeEmpty(); RecreateContext(); var savedUser = Context .Users .SingleOrDefault(); savedUser.Should().BeNull(); _googleAuthService.Verify(s => s.FindGoogleToken(token, It.IsAny <CancellationToken>()), Times.Once); _googleAuthService.VerifyNoOtherCalls(); }
public IActionResult Login(LoginRequestDto request) { //hashing function //one-way func //hash(a) = kifiyddsssuyfulgih;oj';strdtufuhpok //check the password in db var claims = new[] { new Claim(ClaimTypes.NameIdentifier, "1"), new Claim(ClaimTypes.Name, "jan123"), new Claim(ClaimTypes.Role, "admin"), new Claim(ClaimTypes.Role, "student") }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( issuer: "Gakko", audience: "Students", claims: claims, expires: DateTime.Now.AddMinutes(10), signingCredentials: creds ); return(Ok(new { accessToken = new JwtSecurityTokenHandler().WriteToken(token), refreshToken = Guid.NewGuid() })); }