/// <summary>
/// Finds the non-suspended token user whose username and password equal the values in
/// <paramref name="loginModel"/>. The user list comes from the in-memory field first,
/// then from Redis, and finally from the database.
/// </summary>
/// <param name="loginModel">Credentials submitted by the caller.</param>
/// <returns>The matching user, or <c>null</c> when no entry matches.</returns>
/// <exception cref="InvalidOperationException">The user list is still null after loading.</exception>
/// <remarks>
/// NOTE(review): the password is matched with plain string equality against the stored
/// <c>Password</c> value, which suggests passwords are kept unhashed and that the whole
/// list, passwords included, is cached under the "TokenUser" key. Confirm, and prefer
/// salted password hashes verified per user.
/// NOTE(review): <c>_model</c> and <c>_time</c> are reassigned here without any locking;
/// verify the lifetime of this repository before sharing it between requests.
/// </remarks>
public async Task<TokenUser> CheckUserAndGetInfoAysnc(TokenLoginModel loginModel)
{
    const string cacheKey = "TokenUser";
    var cacheMinutes = _configuration.GetValue<int>("RedisConfig:CacheExpireMin");
    TimeSpan cacheLifetime = TimeSpan.FromMinutes(cacheMinutes);
    string[] includes = { "Roles" };

    // Discard the in-memory copy once it is a minute older than the configured cache lifetime.
    if (_time.AddMinutes(cacheMinutes + 1) < DateTime.Now)
    {
        _model = null;
        _time = DateTime.Now;
    }

    if (_model == null)
    {
        _model = _redisRepository.GetAllCachedData(cacheKey, cacheLifetime, includes, true);

        if (_model == null)
        {
            // Fallback for when Redis has nothing to return: read users and roles from the database.
            // (UseLazyLoadingProxies() from Microsoft.EntityFrameworkCore.Proxies is an alternative to Include.)
            _model = await _context.TokenUsers
                .Include(i => i.Roles)
                .AsNoTracking()
                .ToListAsync();
        }
    }

    var users = _model ?? throw new InvalidOperationException();

    return users.FirstOrDefault(candidate =>
        candidate.Username == loginModel.Username &&
        candidate.Password == loginModel.Password &&
        candidate.IsSuspended == false);
}
/// <summary>
/// Handles a forms login: asks the login manager for an auth token, stores it in the
/// auth cookie and redirects to Home/Index. Any failure re-renders the login view
/// with an error message on the model.
/// </summary>
/// <param name="model">Posted login form (username and password).</param>
/// <returns>A redirect to Home/Index, or the login view carrying <c>ErrorMessage</c>.</returns>
/// <remarks>
/// NOTE(review): the catch block copies the message of any exception into the view, so
/// text from an unexpected failure inside the login manager or cookie code would be shown
/// on the login page. Consider a fixed message for everything except the bad-credentials case.
/// </remarks>
public IActionResult Login(TokenLoginModel model)
{
    try
    {
        // Forms login switched off: send the visitor straight to the home page.
        if (Globals.AllowFormsLogin == false)
        {
            return RedirectToAction("Index", "Home");
        }

        var authToken = _loginMananger.GetAuthToken(model.Username, model.Password);
        if (authToken != null)
        {
            base.SetAuthCookie(authToken);
            return RedirectToAction("Index", "Home");
        }

        // No token means the credentials were rejected; the handler below reports it.
        throw new Exception("Unknown user or password");
    }
    catch (Exception failure)
    {
        model.ErrorMessage = failure.Message;
        return View(model);
    }
}
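/// <summary>
/// Dispatches a token request to the client or account token factory according to
/// <c>model.Kind</c> (compared case-insensitively).
/// </summary>
/// <param name="model">Token request; may be null when no body was bound.</param>
/// <returns>
/// The result of the matching factory, or a 400 response when the model is missing,
/// fails validation, or names an unknown kind.
/// </returns>
public IHttpActionResult Token(TokenLoginModel model)
{
    if (model == null)
    {
        return BadRequest();
    }

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // The static string.Equals accepts a null Kind, so a request that omits the field is
    // answered with the "unknown kind" 400 instead of a NullReferenceException.
    if (string.Equals(model.Kind, "client", StringComparison.OrdinalIgnoreCase))
    {
        return CreateTokenForClient(model);
    }

    if (string.Equals(model.Kind, "account", StringComparison.OrdinalIgnoreCase))
    {
        return CreateTokenForAccount(model);
    }

    return BadRequest("Unknown token request kind");
}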
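/// <summary>
/// Verifies a username and password and issues an access token. When
/// <paramref name="includeRefreshToken"/> is set, a refresh token is also generated and its
/// hash is stored on the user.
/// </summary>
/// <param name="login">Credentials read from the request body.</param>
/// <param name="includeRefreshToken">Return a refresh token instead of the user summary.</param>
/// <returns>
/// 200 with the token (plus refresh token or user summary), 400 for missing or wrong
/// credentials, 500 when the refresh-token hash could not be saved.
/// </returns>
/// <remarks>
/// NOTE(review): the password check is skipped when the user name is unknown, so the two
/// failure cases may differ in response time. Confirm whether that matters for this API.
/// NOTE(review): the user summary includes <c>UserAddresses</c>; confirm the client needs it.
/// </remarks>
public async Task<IActionResult> CreateToken([FromBody] TokenLoginModel login, bool includeRefreshToken)
{
    // A missing or malformed body leaves login (or its fields) null; answer with the same
    // 400 as a failed login instead of failing with an unhandled exception.
    if (login == null || login.Username == null || login.Password == null)
    {
        return BadRequest(new { Error = "Invalid username or password" });
    }

    var user = await _userManager.FindByNameAsync(login.Username);
    if (user == null || !await _userManager.CheckPasswordAsync(user, login.Password))
    {
        return BadRequest(new { Error = "Invalid username or password" });
    }

    var claims = await BuildClaims(user);
    var token = _tokenService.GenerateAccessToken(claims);

    if (includeRefreshToken)
    {
        var refreshToken = _tokenService.GenerateRefreshToken();

        // Only the hash is stored; the raw refresh token goes to the caller.
        user.RefreshTokenHash = _userManager.PasswordHasher.HashPassword(user, refreshToken);

        // Do not return a refresh token whose hash was never saved: it could not be redeemed later.
        var saveResult = await _userManager.UpdateAsync(user);
        if (!saveResult.Succeeded)
        {
            return StatusCode(500);
        }

        return Ok(new { token = token, refreshToken = refreshToken });
    }

    var userVm = new
    {
        user.Id,
        user.UserName,
        user.Email,
        user.FullName,
        user.PhoneNumber,
        user.UserAddresses
    };

    return Ok(new { token = token, user = userVm });
}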
/// <summary>
/// Issues a 10-minute HS256-signed JWT carrying the "Administrator" role when the posted
/// e-mail and mobile number equal the fixed pair compiled into this method.
/// </summary>
/// <param name="model">Posted e-mail and mobile number.</param>
/// <returns>200 with the token, or 400 when validation fails or the pair does not match.</returns>
/// <remarks>
/// NOTE(review): the e-mail/mobile pair is a literal in source (the values look masked on
/// this page), and anyone who holds it receives an Administrator token. Authenticate
/// administrators against the user store with a real secret, or at least load the pair from
/// protected configuration.
/// NOTE(review): the signing key is the UTF-8 bytes of <c>_jwtSettings.JWT_Secret</c>;
/// verify the secret is long and random enough for HMAC-SHA256.
/// NOTE(review): the method is marked async but awaits nothing.
/// </remarks>
public async Task<IActionResult> GetAdminToken(TokenLoginModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    bool matchesAdminPair = model.email == "*****@*****.**" && model.mobileNum == "+9999999";
    if (!matchesAdminPair)
    {
        return BadRequest(new { message = "The TokenLogin input is false" });
    }

    var descriptor = new SecurityTokenDescriptor
    {
        // The role claim is the only claim; no user identifier is attached.
        Subject = new ClaimsIdentity(new[] { new Claim(ClaimTypes.Role, "Administrator") }),
        Expires = DateTime.UtcNow.AddMinutes(10),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.JWT_Secret)),
            SecurityAlgorithms.HmacSha256Signature)
    };

    var handler = new JwtSecurityTokenHandler();
    var token = handler.WriteToken(handler.CreateToken(descriptor));

    return Ok(new { token });
}
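/// <summary>
/// Looks up a contact by e-mail and mobile number and issues a 10-minute HS256-signed JWT
/// whose only claim is the contact's id ("UserID").
/// </summary>
/// <param name="model">Posted e-mail and mobile number.</param>
/// <returns>200 with the token, or 400 when validation fails, no contact matches, or token creation throws.</returns>
/// <remarks>
/// NOTE(review): the caller is identified by e-mail plus mobile number alone. Neither is a
/// secret, so confirm this endpoint is not the only authentication step.
/// NOTE(review): the catch-all maps every failure, including database or signing errors, to
/// the same 400. It is kept for compatibility; consider logging the exception.
/// NOTE(review): the method is marked async but awaits nothing.
/// </remarks>
public async Task<IActionResult> GetToken(TokenLoginModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    try
    {
        var contact = _context.Contact.FirstOrDefault(
            c => c.Email == model.email && c.MobileNum == model.mobileNum);

        // Report "no such contact" explicitly instead of relying on a NullReferenceException
        // being caught below.
        if (contact == null)
        {
            return BadRequest("Your input parameters were false");
        }

        int contactId = contact.ContactId;

        var tokenDescriptor = new SecurityTokenDescriptor
        {
            Subject = new ClaimsIdentity(new Claim[]
            {
                new Claim("UserID", contactId.ToString()),
            }),
            Expires = DateTime.UtcNow.AddMinutes(10),
            SigningCredentials = new SigningCredentials(
                new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.JWT_Secret)),
                SecurityAlgorithms.HmacSha256Signature)
        };

        var tokenHandler = new JwtSecurityTokenHandler();
        var securityToken = tokenHandler.CreateToken(tokenDescriptor);
        var token = tokenHandler.WriteToken(securityToken);

        return Ok(new { token });
    }
    catch (Exception)
    {
        return BadRequest("Your input parameters were false");
    }
}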
/// <summary>
/// Returns the client whose current API key equals <c>model.Apikey</c>.
/// </summary>
/// <param name="model">Token request carrying the API key.</param>
/// <returns>The matching client, or <c>null</c> when the key is the default Guid or no client has it.</returns>
private Client TryFetchUser(TokenLoginModel model)
{
    // Skip the lookup when the request carries the default (all-zero) Guid.
    if (model.Apikey == default(Guid))
    {
        return null;
    }

    return _data.Clients.FirstOrDefault(client => client.CurrentApiKey == model.Apikey);
}
/// <summary>
/// Returns the user account whose API key equals <c>model.Apikey</c>.
/// </summary>
/// <param name="model">Token request carrying the API key.</param>
/// <returns>The matching user, or <c>null</c> when the key is the default Guid or no user has it.</returns>
private User TryFetchAccount(TokenLoginModel model)
{
    // Skip the lookup when the request carries the default (all-zero) Guid.
    if (model.Apikey == default(Guid))
    {
        return null;
    }

    return _data.Users.FirstOrDefault(account => account.UserApiKey == model.Apikey);
}
/// <summary>
/// Placeholder for recording a token request and its outcome. The body is currently
/// empty, so calling it has no effect.
/// </summary>
/// <param name="tokenLoginModel">The login request that was evaluated.</param>
/// <param name="isApproved">Whether the request was approved.</param>
/// <param name="access">Outcome label for the request.</param>
/// <remarks>
/// NOTE(review): the sketched implementation would store <c>tokenLoginModel.ToString()</c>.
/// Verify that it cannot include the submitted password before enabling it.
/// </remarks>
public static void LogThisAccess(TokenLoginModel tokenLoginModel, bool isApproved, string access)
{
    //TokenAccessLogs tokenAccessLogs = new TokenAccessLogs
    //{
    //    Access = access,
    //    AccessTrueFalse = isApproved,
    //    AccessRequest = tokenLoginModel.ToString()
    //};
    //TODO: write the entry to the database
}
/// <summary>
/// Exchanges a username and password for tokens by calling this site's own
/// <c>connect/token</c> endpoint with the password grant, then returns the access token,
/// its lifetime and the user's admin flag.
/// </summary>
/// <param name="login">Credentials and the <c>IncludeRefreshToken</c> switch from the request body.</param>
/// <returns>
/// A success payload with the token data, or an error result with code 500 when the token
/// endpoint reports an error.
/// </returns>
/// <remarks>
/// NOTE(review): the client id and client secret are literals ("client" / "secret") in
/// source. Load them from protected configuration and use a non-guessable secret.
/// NOTE(review): <c>user</c> is dereferenced without a null check after the lookup by
/// username; confirm the user service cannot return null here.
/// NOTE(review): a rejected login is reported with code 500; confirm that clients expect this.
/// </remarks>
public async Task<IActionResult> CreateToken([FromBody] TokenLoginModel login)
{
    var extraParameters = new Dictionary<string, string> { { "ConsoleType", "0" } };

    var httpClient = _httpClientFactory.CreateClient("token_client");
    var tokenClient = new TokenClient(httpClient, new TokenClientOptions
    {
        Address = $"{CommonHelper.GetWebLocation()}connect/token",
        ClientId = "client",
        ClientSecret = "secret",
        Parameters = extraParameters,
    });

    // Scope "api" plus offline access, which is what makes a refresh token available.
    var scope = $"api {IdentityServerConstants.StandardScopes.OfflineAccess}";
    var tokenResponse = await tokenClient.RequestPasswordTokenAsync(login.Username, login.Password, scope);

    if (tokenResponse.IsError)
    {
        // A fixed message ("user not approved, or wrong username or password") is returned
        // instead of tokenResponse.Error / ErrorDescription.
        return Error(500, tokenResponse.ErrorType.ToString(), "用户未批准或用户名密码错误");
    }

    var user = await _userService.GetUserByUsername(login.Username);

    if (!login.IncludeRefreshToken)
    {
        return Success(new
        {
            token = tokenResponse.AccessToken,
            expiresIn = tokenResponse.ExpiresIn, // seconds
            expiresAtUtc = DateTime.UtcNow.AddSeconds(tokenResponse.ExpiresIn),
            IsAdmin = user.IsAdmin
        });
    }

    return Success(new
    {
        token = tokenResponse.AccessToken,
        refreshToken = tokenResponse.RefreshToken,
        expiresIn = tokenResponse.ExpiresIn, // seconds
        expiresAtUtc = DateTime.UtcNow.AddSeconds(tokenResponse.ExpiresIn),
        IsAdmin = user.IsAdmin
    });
}
/// <summary>
/// Validates the posted credentials through the token repository and, when a user is
/// found, returns a token generated for that user.
/// </summary>
/// <param name="loginModel">Credentials read from the request body.</param>
/// <returns>
/// 200 with the username, "Approved" and the token; 400 with "Not Approved" when no user
/// matches; 401 when model validation fails.
/// </returns>
/// <remarks>
/// NOTE(review): rejected credentials produce 400 and an invalid model produces 401, the
/// reverse of the usual mapping. Confirm clients rely on it before changing it.
/// NOTE(review): neither outcome is logged yet; the LogThisAccess calls are still commented out.
/// </remarks>
public async Task<IActionResult> GetToken([FromBody] TokenLoginModel loginModel)
{
    if (!ModelState.IsValid)
    {
        return Unauthorized();
    }

    var user = await _tokenRepository.CheckUserAndGetInfoAysnc(loginModel);

    if (user == null)
    {
        //TokenHelper.LogThisAccess(loginModel, false, "Not Approved");
        return BadRequest(new { User = loginModel.Username, Access = "Not Approved" });
    }

    string token = TokenHelper.GenerateToken(_configuration, user);

    //TODO: log the sign-in; saving it to the database would make it easy to trace.
    //TokenHelper.LogThisAccess(loginModel, true, "Approved");
    return Ok(new { User = user.Username, Access = "Approved", Token = token });
}
/// <summary>
/// Resolves the client for the request's API key and returns a 200 response whose content
/// is that client's ticket.
/// </summary>
/// <param name="model">Token request carrying the API key.</param>
/// <returns>
/// 401 when no client is found, 400 ("Api Key Invalid") when the found client's key differs
/// from the requested one, otherwise 200 with the ticket.
/// </returns>
private IHttpActionResult CreateTokenForClient(TokenLoginModel model)
{
    Client client = TryFetchUser(model);
    if (client == null)
    {
        return this.ResponseMessage(new HttpResponseMessage(HttpStatusCode.Unauthorized));
    }

    // Re-check the key on the fetched client before issuing a ticket.
    bool keyMismatch = model.Apikey != default(Guid) && client.CurrentApiKey != model.Apikey;
    if (keyMismatch)
    {
        return BadRequest("Api Key Invalid");
    }

    var okResponse = new HttpResponseMessage(HttpStatusCode.OK)
    {
        Content = GetClientTicket(client)
    };

    return this.ResponseMessage(okResponse);
}