Esempio n. 1
0
        public void Delete(TokensDto dto)
        {
            var obj    = Mapper.Map <Tokens>(dto);
            var result = Db.Tokens.Find(obj.TokensId);

            base.Delete(result);
        }
Esempio n. 2
0
        public void Add(TokensDto dto)
        {
            var result = Mapper.Map <Tokens>(dto);

            result.UserId = result.User.UserId;
            result.User   = null;
            base.Add(result);
        }
Esempio n. 3
0
 public SignupResponseDTO(bool success, long userId, AuthTokens tokens)
 {
     this.success = success;
     this.uid     = userId;
     this.tokens  = new() {
         access  = tokens.Access,
         refresh = tokens.Refresh,
     };
 }
Esempio n. 4
0
        public void Edit(TokensDto dto)
        {
            var obj    = Mapper.Map <Tokens>(dto);
            var result = Db.Tokens.Find(obj.TokensId);

            result.Token        = obj.Token;
            result.BrowserType  = obj.BrowserType;
            result.PlatformType = obj.PlatformType;
            result.UserId       = obj.UserId;
            base.Edit(result);
        }
Esempio n. 5
0
        public async Task <ActionResult> Logout([FromBody] TokensDto tokens)
        {
            if (!string.IsNullOrEmpty(tokens.refreshToken))
            {
                var response = await _userService.Logout(tokens.refreshToken);

                if (!response.IsSuccessful)
                {
                    return(new BadRequestObjectResult(response.ErrorMessage));
                }
                return(new OkObjectResult(response));
            }
            return(BadRequest());
        }
Esempio n. 6
0
        public string AddNewUser(UserMobileDto userWebApi, string jwtToken)
        {
            if (_veryficationService.Verify(jwtToken))
            {
                if (!IsEmailInDatabase(userWebApi.Email))
                {
                    var tmpUserDto = new UserDto()
                    {
                        Email       = userWebApi.Email,
                        Description = userWebApi.Description,
                        Activities  = new List <ActivityDto>(),
                        Favorites   = new List <FavoritesDto>(),
                        UserGroup   = new List <UserGroupDto>(),
                        Tokens      = new List <TokensDto>()
                    };
                    var nrId = _userRepositories.Add(tmpUserDto);

                    var t           = _veryficationService.GenereteToken();
                    var tmpTokenDto = new TokensDto()
                    {
                        Token        = t,
                        PlatformType = userWebApi.PlatformType,
                        User         = _userRepositories.Get(nrId),
                        BrowserType  = BrowserType.None
                    };
                    _tokensRepositories.Add(tmpTokenDto);

                    return(t);
                }
                else                //tokeny zostają więc możnaby zrobić ich czyszczenie bo bespieczeństwo spada
                {
                    var t           = _veryficationService.GenereteToken();
                    var tmpTokenDto = new TokensDto()
                    {
                        Token        = t,
                        PlatformType = PlatformType.Android,
                        User         = _userRepositories.Get(userWebApi.Email)
                    };
                    _tokensRepositories.Add(tmpTokenDto);
                    return(t);
                }
            }

            return(null);
        }
Esempio n. 7
0
        public void SaveUser(string email, string login, string password)
        {
            var user = new UserDto
            {
                Email = email,
                Name  = login
            };

            _userRepositories.Add(user);

            var token = new TokensDto
            {
                Token = password,
                User  = _userRepositories.Get(user.Email)
            };

            _tokensRepositories.Add(token);
        }
Esempio n. 8
0
        public List <UserMobileDto> PrintAllUserWebApi()
        {
            var listOfUsers        = _userRepositories.GetAll();
            var listOfWebApiModels = new List <UserMobileDto>();

            foreach (var tmpLoopUser in listOfUsers)
            {
                TokensDto tmpToken     = _tokensRepositories.GetAll().First(t => t.User.Email.Equals(tmpLoopUser.Email));
                var       tmpMobileDto = new UserMobileDto()
                {
                    Email        = tmpLoopUser.Email,
                    Description  = tmpLoopUser.Description,
                    Token        = tmpToken.Token,
                    PlatformType = tmpToken.PlatformType
                };
                listOfWebApiModels.Add(tmpMobileDto);
            }
            return(listOfWebApiModels);
        }
Esempio n. 9
0
        public async Task <TokensDto> RefreshToken(string refreshToken, JwtIssuerOptions jwtOptions, string ip, string userAgent)
        {
            var handler = new JwtSecurityTokenHandler();

            var tokenClaims = (handler.ReadToken(refreshToken) as JwtSecurityToken)?.Claims;

            var expirationTime = tokenClaims.FirstOrDefault(o => o.Type == "exp")?.Value;

            if (expirationTime == null)
            {
                return(null);
            }
            var date = ToUnixEpochDate(DateTime.UtcNow);

            if (long.Parse(expirationTime) < ToUnixEpochDate(DateTime.UtcNow))
            {
                return(null);
            }

            var uid = tokenClaims.FirstOrDefault(o => o.Type == "id").Value;

            if (uid == null)
            {
                return(null);
            }

            var tokensFromDb = _repository.GetTokensForUser(uid).ToList();
            //check if (token + ip) hash match one of user refresh tokens
            var curToken = tokensFromDb
                           .SingleOrDefault(t => (_userManager.PasswordHasher
                                                  .VerifyHashedPassword(new AppUser(), t.Token, refreshToken)) == PasswordVerificationResult.Success);

            if (curToken == null)
            {
                return(null);
            }


            var user = await _userManager.FindByIdAsync(curToken.IdentityId);

            if (curToken.Ip != ip || curToken.Useragent != userAgent)
            {
                try
                {
                    await _emailSender.SendEmailAsync(user.Email, "Security",
                                                      $"Somebody was attempting to login to your account from {ip}, if it was not you consider changing your password");
                }
                catch
                {
                    return(null);
                }

                return(null);
            }


            if (tokensFromDb.Count() > 20)
            {
                foreach (var t in tokensFromDb.ToList())
                {
                    if (t != null)
                    {
                        await _repository.DeleteRefleshToken(t);
                    }
                }
            }
            else
            {
                if (curToken != null)
                {
                    await _repository.DeleteRefleshToken(curToken);
                }
            }


            if (user == null)
            {
                return(null);
            }

            var claimsIdentity = await GenerateClaimsIdentity(user.UserName, user.Id);

            var newRefreshToken = await GenerateRefreshToken(user.UserName, claimsIdentity, ip, userAgent);

            var newAccessToken = await GenerateEncodedToken(user.UserName, claimsIdentity);

            var responce = new TokensDto()
            {
                expires_in    = (int)jwtOptions.ValidFor.TotalSeconds,
                auth_token    = newAccessToken,
                refresh_token = newRefreshToken
            };

            return(responce);
        }