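/// <summary>
/// Completes a login for the Account route: checks the submitted password against the
/// account's stored salted hash, issues a new JWT and moves the previous access token
/// to the expired-token list.
/// </summary>
/// <param name="loginDto">Login request; its <c>Username</c> and <c>Password</c> are read.</param>
/// <param name="account">Account whose stored <c>Password</c> value is compared with the computed hash.</param>
/// <returns>
/// 400 when <paramref name="loginDto"/> is null; 500 when no salt record is found for the user name;
/// 401 when the account has no stored hash or the computed hash does not match;
/// otherwise 200 whose content is the client home URL with the new token in the <c>jwt</c> query parameter.
/// </returns>
private HttpResponseMessage AccountLoginHelper(SsoLoginRequestDTO loginDto, Account account)
{
    // A missing request body would otherwise surface as a NullReferenceException below.
    if (loginDto == null)
    {
        return new HttpResponseMessage(HttpStatusCode.BadRequest);
    }

    var saltModel = _saltLogic.GetSalt(loginDto.Username);
    if (saltModel == null)
    {
        return new HttpResponseMessage(HttpStatusCode.InternalServerError);
    }

    // Make sure you append the salt, not prepend (group decision).
    // NOTE(review): the algorithm behind HashPasswordWithSalt is not visible here; confirm it is a
    // deliberately slow password KDF (PBKDF2, bcrypt, Argon2) and not a single fast hash.
    var hashedPassword = HashService.Instance.HashPasswordWithSalt(saltModel.PasswordSalt, loginDto.Password, true);

    // Fail closed: an account without a stored hash is rejected instead of throwing.
    // NOTE(review): Equals is not a fixed-time comparison; consider a constant-time comparison
    // of the stored and computed hashes (e.g. CryptographicOperations.FixedTimeEquals where the
    // target framework provides it).
    if (account == null || account.Password == null || !account.Password.Equals(hashedPassword))
    {
        return new HttpResponseMessage(HttpStatusCode.Unauthorized);
    }

    var token = JwtManager.Instance.GenerateToken(loginDto.Username);

    // Grab the previous access token associated with the account.
    // NOTE(review): when no previous record exists, nothing is persisted for the new token in this
    // method; confirm the record is created elsewhere.
    var accountAccessToken = _jAccessTokenLogic.GetJAccessToken(loginDto.Username);
    if (accountAccessToken != null)
    {
        // Record the old token value in the expired list before it is overwritten.
        var expiredToken = new ExpiredAccessToken(accountAccessToken.Value, false);
        _expiredAccessTokenLogic.Create(expiredToken);

        // Store the new access token on the existing record.
        accountAccessToken.Value = token;
        _jAccessTokenLogic.Update(accountAccessToken);
    }

    // Hand the client the home-page URL carrying the new token.
    // NOTE(review): a bearer token placed in a query string tends to be retained in browser
    // history, proxy and server logs and Referer headers. Prefer returning it in the response body
    // or a cookie; if the URL form must stay, have the client strip the parameter immediately
    // and keep the token lifetime short.
    return new HttpResponseMessage
    {
        Content = new StringContent(UrlConstants.BaseAppClient + "home?jwt=" + token),
        StatusCode = HttpStatusCode.OK
    };
}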
/// <summary>
/// Passes an existing expired-access-token record to the repository's <c>Update</c>.
/// </summary>
/// <param name="expiredAccessToken">Record to update; forwarded unchanged, with no validation here.</param>
public void Update(ExpiredAccessToken expiredAccessToken)
{
    // Thin pass-through: null handling and persistence errors are left to the repository.
    _expiredAccessTokenRepository.Update(expiredAccessToken);
}
/// <summary>
/// Adds an expired-access-token record by calling the repository's <c>Insert</c>.
/// </summary>
/// <param name="expiredAccessToken">Record to insert; forwarded unchanged, with no validation here.</param>
public void Create(ExpiredAccessToken expiredAccessToken)
{
    // Thin pass-through: duplicate or null handling is left to the repository.
    // NOTE(review): presumably token validation consults this list to reject retired tokens;
    // confirm a failed insert is surfaced to the caller so an old token cannot stay usable silently.
    _expiredAccessTokenRepository.Insert(expiredAccessToken);
}