        /// <summary>
        /// Authenticates a user by name and password and issues a JWT bearer token for the session.
        /// </summary>
        /// <param name="loginParams">Credentials supplied by the caller (untrusted input).</param>
        /// <returns>The authenticated user together with the signed token.</returns>
        /// <exception cref="NotExistedException">No user with the given name exists.</exception>
        /// <exception cref="BadAuthenticationException">The supplied password is rejected.</exception>
        public async Task <SessionOutDto> Login(SessionCreateInDto loginParams)
        {
            // One query: the user plus the role associations the claims below need.
            var user = await _context.Users
                       .Include(u => u.UserRoleAssociations)
                       .ThenInclude(a => a.Role)
                       .FirstOrDefaultAsync(u => u.Name == loginParams.Name);

            // NOTE(review): throwing a different type for "unknown user" than for "wrong password"
            // lets a caller distinguish the two cases; if that difference reaches the API response
            // it enables account enumeration. A uniform failure at the API boundary is the usual mitigation.
            if (user is null)
            {
                throw new NotExistedException();
            }

            if (!ValidatePassword(user, loginParams.Password))
            {
                throw new BadAuthenticationException();
            }

            // Roles come from the eager-loaded associations; permissions are resolved from the role ids.
            var roles = user.UserRoleAssociations.Select(a => a.Role).ToList();
            var permissionFilter = new PermissionFilterInDto
            {
                RoleIds = roles.Select(r => r.Id).ToList(),
            };
            var permissions = await _permissionService.Filter(permissionFilter);

            // NOTE(review): the expiration claim is local time (DateTime.Now) rendered with the
            // current culture's default format; confirm consumers expect that rather than UTC / ISO 8601.
            var expiration = DateTime.Now.AddSeconds(_authenticationService.ExpirationTime.TotalSeconds);
            var claims = new List <Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                new Claim(ClaimTypes.Name, user.Name),
                new Claim(ClaimTypes.Expiration, expiration.ToString()),
            };
            foreach (var role in roles)
            {
                claims.Add(new Claim(ClaimTypes.Role, role.Name));
            }
            foreach (var permission in permissions)
            {
                claims.Add(new Claim(ClaimTypes.AuthorizationDecision, permission.Name));
            }
            var token = _authenticationService.BuildJwtToken(claims);

            // Record the login as the user's most recent activity (entity is marked before the
            // property is set, matching the original tracking order).
            _context.Entry(user).State = EntityState.Modified;
            user.UpdateTime = DateTime.Now;
            await _context.SaveChangesAsync();

            return new SessionOutDto
            {
                User  = user,
                Token = token,
            };
        }
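        /// <summary>
        /// Logs a user in and returns the resulting session token.
        /// </summary>
        /// <param name="createOptions">Credentials from the request body (untrusted input).</param>
        /// <returns>
        /// 200 with the session on success; 401 with one generic message whenever the
        /// credentials are rejected, whatever the reason.
        /// </returns>
        public async Task <ActionResult <ResultOutDto <object> > > CreateSession([FromBody] SessionCreateInDto createOptions)
        {
            // A single message for every rejection: answering 404 "user not exist" for an unknown
            // name told callers which user names are registered (account enumeration), while a
            // wrong password answered 401. The service still throws distinct types, so server-side
            // logging can keep the distinction without exposing it to the client.
            const string RejectedMessage = "User name and password don't match.";

            try
            {
                var token = await _userService.Login(createOptions);

                return Ok(ResultOutDtoBuilder.Success(token));
            }
            catch (NotExistedException e)
            {
                // NOTE(review): the exception is handed to the response builder; confirm it only
                // uses the type/message and does not serialize internal details to the client.
                return Unauthorized(ResultOutDtoBuilder.Fail <object>(e, RejectedMessage));
            }
            catch (BadAuthenticationException e)
            {
                return Unauthorized(ResultOutDtoBuilder.Fail <object>(e, RejectedMessage));
            }
        }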