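public async Task<ActionResult<Token>> SignIn([FromBody] UserSmall user)
{
    // Password sign-in: checks the credentials through the repository, persists a fresh
    // refresh token for the user and returns both tokens.
    // Returns 401 when the repository rejects the credentials (it yields null).
    // Log only the identifier: UserSmall carries the password (the repository SignIn
    // reads user.Password), so the whole object must never be written to the log.
    _logger.LogInformation("{Action}: {Username}", nameof(SignIn), user?.Username);
    if (user is null)
    {
        return BadRequest();
    }
    var userFromRepo = await _repo.SignIn(user);
    if (userFromRepo is null)
    {
        return Unauthorized();
    }
    var refreshToken = _service.GenerateRefreshToken();
    await _repo.SaveRefreshToken(userFromRepo.UserId, refreshToken);
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.UserId.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username),
        new Claim(ClaimTypes.Role, userFromRepo.UserGroup.ToString()),
    };
    return new Token
    {
        AccessToken = _service.GenerateToken(claims),
        // NOTE(review): culture-dependent format and not necessarily the access token's own
        // expiry (GenerateToken is not shown) — kept as-is so existing clients still parse it;
        // confirm before switching to ToString("O", CultureInfo.InvariantCulture).
        Expires = DateTime.UtcNow.AddDays(7).ToString(),
        RefreshToken = refreshToken,
        UserId = userFromRepo.UserId
    };
}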
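private async Task<UserAttrib> GetUserAttribDetail(UserSmall fbInfo)
{
    // Looks up our own user row by Facebook id, creating it on first sight, refreshes the
    // stored Facebook name and last-login time, and returns the attribute view.
    // Side effect: writes to Users (insert or update) on every call.
    var existingUser = await _context.Users
        .FirstOrDefaultAsync(a => a.FbId == fbInfo.FacebookId);
    if (existingUser is null)
    {
        var newUser = new Users
        {
            FbId = fbInfo.FacebookId,
            FirstNm = fbInfo.FirstName,
            LastNm = fbInfo.LastName,
            EventCnt = 0,
            LastLoginTms = DateTime.UtcNow
        };
        // Auto-ban: a first/last name match on the pre-ban list flags the new account.
        var prebanned = await _context.BanListText
            .AnyAsync(a => a.FirstNm == fbInfo.FirstName && a.LastNm == fbInfo.LastName);
        if (prebanned)
        {
            newUser.BanFlag = true;
        }
        await _context.Users.AddAsync(newUser);
        await _context.SaveChangesAsync();
        // The saved entity is tracked and already carries any store-generated values; the
        // original re-read the row with a blocking FirstOrDefault() for no gain.
        existingUser = newUser;
    }
    else
    {
        // Keep the Facebook name current.
        if (existingUser.FirstNm != fbInfo.FirstName || existingUser.LastNm != fbInfo.LastName)
        {
            existingUser.FirstNm = fbInfo.FirstName;
            existingUser.LastNm = fbInfo.LastName;
        }
        // Always record the login.
        existingUser.LastLoginTms = DateTime.UtcNow;
        _context.Users.Update(existingUser);
        await _context.SaveChangesAsync();
    }
    return new UserAttrib
    {
        CityNm = existingUser.CityNm,
        StateCd = existingUser.StateCd,
        CountryCd = existingUser.CountryCd,
        RealNm = existingUser.RealNm,
        AdminFlag = existingUser.AdminFlag,
        VolunteerFlag = existingUser.VolunteerFlag
    };
}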
public async Task<User> SignIn(UserSmall user)
{
    // Resolves the account by user name (stored lower-cased, see Register) or by numeric
    // user id given as the name, then checks the password.
    // Returns the matching User, or null when no row matches or the password is wrong.
    var normalizedName = user.Username.ToLower();
    var candidate = await _context.User.FirstOrDefaultAsync(
        u => u.Username == normalizedName || u.UserId.ToString() == user.Username);
    if (candidate is null)
    {
        return null;
    }
    // NOTE(review): PasswordHash is written by GetMd5Hash() in Register — an unsalted, fast
    // hash that is not suitable for password storage; VerifyPassword (not shown) and Register
    // have to change together.
    return VerifyPassword(user.Password, candidate.PasswordHash) ? candidate : null;
}
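private async Task<string> GenerateUserToken(UserSmall fbInfo)
{
    // Verifies the caller-supplied Facebook access token against Facebook and, when the id
    // Facebook reports matches the one the caller claims, issues our JWT.
    // Returns: the JWT; null when Facebook reports no id (bad/expired token, HTTP error, no
    // token supplied); string.Empty when the token is valid but belongs to a different id.
    // NOTE(review): the two callers each check only one of the two failure values — callers
    // should treat the result with string.IsNullOrEmpty.
    if (fbInfo.FacebookId == _appSettings.Value.DevUserId)
    {
        // Dev-mode bypass: any caller presenting DevUserId receives a token with no Facebook
        // check at all. It is gated on request data, not on the hosting environment, so the
        // setting must be absent in production. The original also logged DevUserId on every
        // call; that line is dropped so the bypass value does not end up in the logs.
        return _userService.GenerateJwtToken(new UserSmall
        {
            FirstName = "Dev",
            LastName = "Mode",
            FacebookId = _appSettings.Value.DevUserId
        });
    }

    var fbAccessToken = fbInfo.AccessToken;
    if (string.IsNullOrEmpty(fbAccessToken))
    {
        // Nothing to verify; Facebook would answer without an id anyway.
        return null;
    }
    var fbUrl = _appSettings.Value.FacebookAuthUrl.ToString();
    _logger.LogInformation("{Time} - calling FB", DateTime.UtcNow);
    var client = _clientFactory.CreateClient();
    // The token is caller-controlled and is appended to the request URL (presumably as the
    // value of a query-string parameter — confirm against FacebookAuthUrl), so escape it.
    using (var response = await client.GetAsync(fbUrl + Uri.EscapeDataString(fbAccessToken)))
    {
        if (!response.IsSuccessStatusCode)
        {
            return null;
        }
        string apiResponse = await response.Content.ReadAsStringAsync();
        // Typed access instead of dynamic: missing or JSON-null "id" both yield null.
        var reportedId = JObject.Parse(apiResponse).Value<string>("id");
        if (reportedId is null)
        {
            return null;
        }
        if (reportedId != fbInfo.FacebookId)
        {
            // Valid token, but for a different Facebook account.
            return string.Empty;
        }
        _logger.LogInformation("{Time} - generating JWT", DateTime.UtcNow);
        return _userService.GenerateJwtToken(fbInfo);
    }
}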
public async Task<User> Register(UserSmall user)
{
    // Creates the user row. The stored user name is lower-cased so SignIn can match it;
    // the nickname keeps the caller's casing.
    // Returns the persisted entity.
    // NOTE(review): GetMd5Hash() is an unsalted, fast hash and not suitable for password
    // storage; it has to change together with VerifyPassword on the SignIn side (not shown).
    var newUser = new User
    {
        Username = user.Username.ToLower(),
        Nickname = user.Username,
        PasswordHash = user.Password.GetMd5Hash(),
        UserGroup = 9 // presumably the default, least-privileged group — confirm
    };
    var entry = await _context.User.AddAsync(newUser);
    await _context.SaveChangesAsync();
    return entry.Entity;
}
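public async Task<ActionResult<string>> UserLogin(UserSmall fbInfo)
{
    // Verifies the Facebook token in the body and returns our JWT, or 401.
    // GenerateUserToken signals failure two ways: null (Facebook reported no id) and
    // string.Empty (id mismatch). The original rejected only the empty string, so a null
    // token was returned as a 2xx response; both are rejected here.
    string token = await GenerateUserToken(fbInfo);
    if (string.IsNullOrEmpty(token))
    {
        return Unauthorized("You are not permitted to access this site.");
    }
    return token;
}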
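public async Task<ActionResult> SignUp([FromBody] UserSmall user)
{
    // Registers a new account. Returns 400 when the user name is taken or the repository
    // yields no entity, otherwise 201 with the public user view.
    // Log only the identifier: UserSmall carries the password (Register reads user.Password),
    // so the whole object must never be written to the log.
    _logger.LogInformation("{Action}: {Username}", nameof(SignUp), user?.Username);
    if (user is null)
    {
        return BadRequest();
    }
    // Reject a duplicate user name up front.
    if (await _repo.UserExists(user.Username))
    {
        return BadRequest(new { error = "Username already exists." });
    }
    var registeredUser = await _repo.Register(user);
    if (registeredUser is null)
    {
        return BadRequest(new { error = "User register fail!" });
    }
    return new CreatedResult(nameof(SignUp), UserLarge.FromUser(registeredUser, _imageServer));
}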
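public async Task<ActionResult<FrontPage>> GetFrontPage(UserSmall fbInfo)
{
    // Builds the front page: establishes a session token (reusing the bearer token on a
    // refresh, else verifying the Facebook token in the body), then loads the user
    // attributes and the event/timeslot data.
    // Returns 401 when no token can be established.
    var returnData = new FrontPage();
    string authHeader = HttpContext.Request.Headers["Authorization"].FirstOrDefault();
    string token = authHeader?.Split(' ', StringSplitOptions.RemoveEmptyEntries).LastOrDefault();
    if (string.IsNullOrEmpty(token))
    {
        _logger.LogInformation("{Time} - calling GenerateUserToken", DateTime.UtcNow);
        token = await GenerateUserToken(fbInfo);
    }
    // GenerateUserToken fails with null (no id from Facebook) or string.Empty (id mismatch).
    // The original checked only null, so a mismatch fell through, was stored as the session
    // token and GetUserAttribDetail created a user row for an unverified Facebook id.
    if (string.IsNullOrEmpty(token))
    {
        return Unauthorized(returnData);
    }
    returnData.SessionAuth = token;
    // NOTE(review): when a bearer token is presented, fbInfo.FacebookId from the body is not
    // cross-checked here against the token's fbId claim — confirm the controller's
    // authorization filter does that before the body id is used below.

    _logger.LogInformation("{Time} - calling GetUserAttribDetail", DateTime.UtcNow);
    returnData.UserInfo = await GetUserAttribDetail(fbInfo);
    _logger.LogInformation("{Time} - finished GetUserAttribDetail", DateTime.UtcNow);

    // Event data for the (now existing) user.
    string facebookId = fbInfo.FacebookId;
    _logger.LogInformation("{Time} - calling GetEventFrontPage", DateTime.UtcNow);
    OpenEvent eventData = await _eventService.GetEventFrontPage(facebookId);
    _logger.LogInformation("{Time} - finished GetEventFrontPage", DateTime.UtcNow);
    returnData.FlexSlot = eventData.FlexSlot;
    returnData.MoveFlag = eventData.MoveFlag;
    returnData.SignedUpTimeslot = eventData.SignedUpTimeslot;
    returnData.Timeslot = eventData.Timeslot;
    return Ok(returnData);
}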
public string GenerateJwtToken(UserSmall user)
{
    // Issues an HS256-signed JWT, valid for one day, carrying the Facebook id and name.
    // NOTE(review): the key bytes come from Encoding.ASCII, so non-ASCII characters in the
    // secret collapse to '?', and HS256 expects a secret of at least 32 bytes; both the
    // encoding and the secret must stay in step with the validation side (not shown).
    // NOTE(review): Claim's constructor throws when a value is null — a Facebook profile
    // without a first or last name would fail here; confirm the caller guarantees both.
    var claims = new[]
    {
        new Claim("fbId", user.FacebookId),
        new Claim("firstName", user.FirstName),
        new Claim("lastName", user.LastName)
    };
    var signingKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(_appSettings.Secret));
    var descriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature)
    };
    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(handler.CreateToken(descriptor));
}
// Returns the attribute view for the user identified by fbInfo.FacebookId.
// NOTE(review): GetUserAttribDetail inserts a Users row when none exists for that id and
// updates the last-login time otherwise, so this endpoint writes on every call — confirm it
// sits behind the controller's authorization and that the body id matches the caller.
public async Task<ActionResult<UserAttrib>> GetUserAttrib(UserSmall fbInfo)
    => await GetUserAttribDetail(fbInfo);