Esempio n. 1
        /// <summary>
        /// Signs a caller in from a master QR code token.
        /// </summary>
        /// <remarks>
        /// The token is parsed as a GUID and used as the primary key for a
        /// <c>MasterQrCode</c> lookup. That GUID is the only credential checked here:
        /// whoever presents it is signed in as the code's owner.
        /// The only validity checks are "row exists" and "RevokedAt is not set";
        /// no expiry or one-time-use check is performed in this method.
        /// The log statements deliberately carry no token value; keep it that way,
        /// since the token is a bearer secret.
        /// NOTE(review): the token reaches this action as a plain string parameter; if it is
        /// bound from the URL it will also appear in access logs, browser history and
        /// Referer headers. Confirm how the route is bound and logged.
        /// NOTE(review): no throttling of failed attempts is visible here; confirm it is
        /// applied elsewhere.
        /// </remarks>
        /// <param name="token">String form of the master QR code id (a GUID).</param>
        /// <returns>
        /// The result of <c>AccessDenied()</c> when the token is malformed, unknown or
        /// revoked; otherwise the result of <c>LogonSuccess()</c> after signing in.
        /// </returns>
        public async Task<IActionResult> LoginAsync(string token)
        {
            _logger.LogInformation("Validate token");

            // Reject anything that is not a well-formed GUID before touching the database.
            bool tokenIsGuid = Guid.TryParse(token, out Guid codeId);
            if (!tokenIsGuid)
            {
                _logger.LogWarning("Token is no valid GUID.");
                return AccessDenied();
            }

            // Primary-key lookup: the token value is the row id.
            MasterQrCode storedCode = await _context.MasterQrCodes.FindAsync(codeId);
            if (storedCode == null)
            {
                _logger.LogWarning("Token not found in the database.");
                return AccessDenied();
            }

            // A code with a revocation timestamp must never authenticate.
            if (storedCode.RevokedAt != null)
            {
                _logger.LogWarning("The master qr code has been revoked at {date}", storedCode.RevokedAt);
                return AccessDenied();
            }

            await SignInAsync(storedCode);
            return LogonSuccess();
        }
Esempio n. 2
        /// <summary>
        /// Returns a QR code that encodes the current user's master login URL for an event.
        /// </summary>
        /// <remarks>
        /// Reuses the caller's existing non-revoked <c>MasterQrCode</c> for the event, or
        /// creates and saves a new one. The code's <c>Id</c> is placed in the login URL as
        /// the <c>token</c> value, so the QR image itself is a credential: anyone who can
        /// scan or copy it can log in as the owner until the code is revoked.
        /// NOTE(review): <c>Id</c> is not assigned here, so it is generated by the ORM or the
        /// database. Because it serves as the login secret, confirm the generator is
        /// unpredictable; sequential GUID generators are not suitable for this.
        /// NOTE(review): the lookup and the insert are separate steps, so two concurrent
        /// requests could each create an active code unless a unique constraint prevents it.
        /// NOTE(review): no check that the user may access <paramref name="eventId"/> is
        /// visible in this method; confirm it is enforced by an authorization policy.
        /// </remarks>
        /// <param name="eventId">Event the master QR code is bound to.</param>
        /// <returns>A <c>QrCodeResult</c> built from the absolute login URL.</returns>
        public async Task<IActionResult> DownloadMyMasterQrCodeAsync(Guid eventId)
        {
            Guid ownerId = User.GetUserId();

            // Only a code that belongs to this user and event and is still active may be reused.
            MasterQrCode activeCode = await _context.MasterQrCodes.FirstOrDefaultAsync(
                code => code.EventId == eventId &&
                        code.OwnerId == ownerId &&
                        code.RevokedAt == null);

            if (activeCode == null)
            {
                // First request (or every earlier code was revoked): issue a fresh code.
                activeCode           = new MasterQrCode();
                activeCode.EventId   = eventId;
                activeCode.OwnerId   = ownerId;
                activeCode.CreatedAt = DateTime.UtcNow;

                _context.Add(activeCode);
                await _context.SaveChangesAsync();
            }

            // The code id is the bearer token carried by the login link.
            var routeValues = new { token = activeCode.Id.ToString() };
            string loginUrl = Url.ActionAbsoluteUrl<MasterQrCodeLoginController>(
                nameof(MasterQrCodeLoginController.LoginAsync),
                routeValues);

            return new QrCodeResult(loginUrl);
        }
Esempio n. 3
        /// <summary>
        /// Signs the current HTTP context in under the master QR code authentication scheme.
        /// </summary>
        /// <remarks>
        /// The principal carries two claims: the code owner's id as the subject and the
        /// event id. The sign-in is marked persistent and no explicit expiry is set here.
        /// NOTE(review): with no <c>ExpiresUtc</c> on the properties, the session lifetime
        /// comes from the scheme's own configuration; confirm it is bounded.
        /// NOTE(review): no claim identifies the <c>MasterQrCode</c> row itself, so a session
        /// created here cannot be matched to a later revocation from its claims alone;
        /// confirm how revoking a code ends sessions that were already issued.
        /// </remarks>
        /// <param name="masterQrCode">Validated code whose owner and event populate the claims.</param>
        /// <returns>The task returned by <c>HttpContext.SignInAsync</c>.</returns>
        private Task SignInAsync(MasterQrCode masterQrCode)
        {
            string scheme = EventManagementConstants.MasterQrCode.AuthenticationScheme;

            // Identity is scoped to one owner and one event.
            Claim subjectClaim = new Claim(JwtClaimTypes.Subject, masterQrCode.OwnerId.ToString());
            Claim eventClaim   = new Claim(EventManagementClaimTypes.EventId, masterQrCode.EventId.ToString());
            var   identity     = new ClaimsIdentity(new List<Claim> { subjectClaim, eventClaim }, scheme);

            // Persistent: the sign-in is meant to outlive the browser session.
            var properties = new AuthenticationProperties();
            properties.IsPersistent = true;

            var principal = new ClaimsPrincipal(identity);
            return HttpContext.SignInAsync(scheme, principal, properties);
        }