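/// <summary>
/// Verifies the one-time code submitted for the account identified by <c>arg.Identity</c> and,
/// on success, issues an authorization token together with a newly generated refresh token.
/// </summary>
/// <param name="arg">Carries the account identity (<c>Identity</c>) and the submitted code (<c>Code</c>).</param>
/// <param name="ip">Caller address passed to <c>jwtService.GenerateRefreshToken</c>.</param>
/// <returns>A DTO built from the authorization token and the refresh token value.</returns>
/// <exception cref="EntityNotFoundException">No user matches the supplied identity.</exception>
/// <exception cref="AccountLockedException">The user's lockout end date is still in the future.</exception>
/// <exception cref="ValidationException">The code was rejected; the failed attempt is recorded before throwing.</exception>
public async Task<UserTokenDTO> VerifyUserWithIdentityAsync(VerifyUserWithIdentityDTO arg, string ip)
{
    // The original wrapped this body in try { ... } catch (System.Exception ex) { throw; }.
    // That handler only rethrew, so it is dropped; exceptions propagate exactly as before.
    var user = await FindUser(arg.Identity);
    if (user == null)
    {
        // NOTE(review): unknown identity, locked account and wrong code raise three different
        // exception types. If the API layer maps them to distinguishable responses, this endpoint
        // reveals which identities are registered - confirm the mapping or return a uniform failure.
        throw new EntityNotFoundException();
    }

    // Compared as instants. In ASP.NET Core Identity GetLockoutEndDateAsync yields a DateTimeOffset?,
    // so UtcNow gives the same result as the former DateTime.Now without a local-time conversion.
    var lockoutEnd = await userManager.GetLockoutEndDateAsync(user);
    if (lockoutEnd != null && lockoutEnd.Value > DateTimeOffset.UtcNow)
    {
        throw new AccountLockedException();
    }

    var verification = await userManager.ChangePhoneNumberAsync(user, user.PhoneNumber, arg.Code);
    if (!verification.Succeeded)
    {
        // Count the failed attempt so that repeated wrong codes lead to a lockout.
        await userManager.AccessFailedAsync(user);
        throw new ValidationException(verification.Errors);
    }

    // A successful verification clears the failed-attempt counter. Without this, occasional typos
    // accumulate across otherwise successful logins and eventually lock out a legitimate user.
    await userManager.ResetAccessFailedCountAsync(user);

    // The original comment here read "change last code to insure security"; the returned token was
    // never used, so it is no longer stored.
    // NOTE(review): with the stock ASP.NET Core Identity UserManager a successful
    // ChangePhoneNumberAsync already rotates the security stamp, and generating another token does
    // not by itself invalidate anything. The concrete type of userManager is not visible here, so
    // the call is kept; confirm whether it is still needed.
    await userManager.GenerateChangePhoneNumberTokenAsync(user, user.PhoneNumber);

    var roles = await userManager.GetRolesAsync(user);
    var refreshToken = jwtService.GenerateRefreshToken(ip);

    if (user.RefreshTokens == null)
    {
        user.RefreshTokens = new List<RefreshToken>();
    }

    // NOTE(review): every successful verification appends a refresh token and nothing in this
    // method removes or caps older entries - confirm that expiry/revocation is handled elsewhere.
    user.RefreshTokens.Add(refreshToken);
    await db.SaveChangesAsync();

    return new UserTokenDTO(jwtService.GenerateAuthorizationToken(user, roles), refreshToken.Token);
}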
/// <summary>
/// HTTP action that submits the verification code from the request body to
/// <c>userService.VerifyUserWithIdentityAsync</c> and returns the issued tokens.
/// </summary>
/// <param name="arg">Request body holding the identity and the verification code.</param>
/// <returns>An <c>ApiResponse</c> carrying <c>InfoMessages.UserVerified</c>, the token DTO and the OK status code.</returns>
/// <exception cref="ApiException">Raised for every failure; the caught exception is wrapped.</exception>
public async Task<ApiResponse> VerifyUserWithIdentity([FromBody] VerifyUserWithIdentityDTO arg)
{
    try
    {
        // NOTE(review): how IpAddress derives the address is not visible here. If it trusts a
        // client-supplied forwarding header, the value stored with the refresh token is
        // attacker-controlled - confirm it is only taken from trusted proxies.
        var clientIp = httpService.IpAddress(Request, HttpContext);
        var issuedTokens = await userService.VerifyUserWithIdentityAsync(arg, clientIp);

        // NOTE(review): cookie attributes (HttpOnly, Secure, SameSite, expiry) are decided inside
        // SetCookie and cannot be checked from this method - confirm them there.
        httpService.SetCookie("refreshToken", issuedTokens.RefreshToken, Response);

        // NOTE(review): the same DTO, including RefreshToken, is also handed to ApiResponse. If it
        // is serialized as-is, the refresh token is readable by page script even when the cookie
        // is HttpOnly - confirm this is intended.
        return new ApiResponse(
            InfoMessages.UserVerified,
            issuedTokens,
            HttpStatusCode.OK.ToInt());
    }
    catch (ValidationException validationFailure)
    {
        // Validation failures keep their own error list and status code.
        throw new ApiException(validationFailure.Errors, validationFailure.StatusCode);
    }
    catch (CustomException knownFailure)
    {
        throw new ApiException(knownFailure, knownFailure.StatusCode);
    }
    catch (Exception unexpected)
    {
        // NOTE(review): the raw exception is passed to ApiException. Whether its message or stack
        // trace reaches the client depends on how ApiException is rendered - confirm that internal
        // details are suppressed outside development.
        throw new ApiException(unexpected);
    }
}