public AuthenticationResultModel Authenticate(AuthenticationRequestModel request)
{
var account = AuthRepo.GetAuthenticationAccount(request.UserId);
var result = new AuthenticationResultModel();
if (account == null)
{
result.Result = AuthenticationResultType.Invalid;
return(result);
}
if (StringHasher.ValidateHashedString(account.HashedPassword, request.Password))
{
if (account.Locked)
{
result.Result = AuthenticationResultType.Locked;
return(result);
}
result.Result = account.ChangePassword
? AuthenticationResultType.ChangePassword
: AuthenticationResultType.Success;
}
else if (!account.Locked && account.HashedPassword.Equals(request.Password))
{
// 일반 문자열 비밀번호 확인
result.Result = AuthenticationResultType.ChangePassword;
}
else
{
// 비밀번호가 맞지 않음
result.Result = AuthenticationResultType.Invalid;
return(result);
}
var tokenModel = new AuthenticationTokenModel
{
UserId = account.UserId,
Name = account.Name,
Company = account.CompanyCode ?? "",
Group = account.GroupCode ?? "",
UserClass = account.UserClass ?? "",
UniqueId = Guid.NewGuid().ToString("N")
};
var tokenClaims = tokenModel.ToClaims();
var token =
TokenProvider.GetJwtSecurityToken(tokenClaims,
result.Result == AuthenticationResultType.ChangePassword
? TemporaryTokenExpireMins
: (int?)null);
result.Token = new JwtSecurityTokenHandler().WriteToken(token);
return(result);
}
public IActionResult RequestToken([FromBody] AuthenticationRequestModel request)
{
if (User.Identity.IsAuthenticated)
{
return(StatusCode((int)HttpStatusCode.BadRequest, new
{
message = "이미 인증이 되어 있습니다."
}));
}
return(Ok(AuthService.Authenticate(request)));
}
