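/// <summary>
/// Authenticates a user by e-mail and password and, on success, returns a token built
/// from the user's id, e-mail and username claims.
/// </summary>
/// <param name="userForLogin">Credentials submitted by the client (untrusted input).</param>
/// <returns>
/// 200 with <c>{ token }</c> on success, 400 when the e-mail or password is missing,
/// and 401 for every authentication failure.
/// </returns>
public async Task<IActionResult> Login(UserForLoginDto userForLogin)
{
    // Reject incomplete requests up front instead of failing later with a
    // NullReferenceException (which would surface as a 500).
    if (userForLogin == null || userForLogin.Email == null || userForLogin.Password == null)
    {
        return BadRequest();
    }

    try
    {
        // ToLowerInvariant: the normalised e-mail is a lookup key, so it must not
        // depend on the server's current culture (e.g. the Turkish dotless i).
        var normalizedEmail = userForLogin.Email.ToLowerInvariant();

        var userForLoggedDto = await _authService.Login(normalizedEmail, userForLogin.Password);
        if (userForLoggedDto == null)
        {
            return Unauthorized();
        }

        var token = _authTokenProvider.GetToken(
            new Claim(ClaimTypes.NameIdentifier, userForLoggedDto.Id.ToString()),
            new Claim(ClaimTypes.Email, userForLoggedDto.Email),
            new Claim(ClaimTypes.Name, userForLoggedDto.Username));

        return Ok(new { token });
    }
    catch (EntityNotFoundException)
    {
        // Deliberately the same response as a wrong password: a distinct 404 carrying
        // the exception message lets a caller tell registered e-mails from unregistered
        // ones and echoes internal error text to an unauthenticated client.
        return Unauthorized();
    }
    catch (NotAuthorizedException)
    {
        return Unauthorized();
    }
}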
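/// <summary>
/// Completes a password reset: looks up an unused reset token by its code, stores a
/// freshly generated salt and the key derived from the new password on the token's user,
/// marks the token as used and returns an auth token for that user.
/// </summary>
/// <param name="model">Reset code and new password supplied by the client (untrusted input).</param>
/// <returns>
/// An auth token for the user, or <c>null</c> when the request is incomplete or no unused
/// reset token matches the supplied code.
/// </returns>
public TokenModel ResetPasword(ResetPaswordModel model)
{
    // A missing code must never reach the query: "x.Code == null" would match any unused
    // token row stored without a code. An empty new password is rejected as well.
    if (model == null || model.Code == null || string.IsNullOrEmpty(model.Password))
    {
        return null;
    }

    // NOTE(review): only the Used flag is checked here; no expiry condition is visible.
    // Confirm that reset codes are time-limited somewhere else.
    var token = _unitOfWork.Repository<ForgotPaswordTokenEntity>()
        .Include(x => x.User)
        .FirstOrDefault(x => x.Code == model.Code && !x.Used);

    if (token == null)
    {
        return null;
    }

    // New salt for every reset so the stored key never reuses the previous salt.
    var salt = _cryptoContext.GenerateSaltAsBase64();
    var password = Convert.ToBase64String(_cryptoContext.DeriveKey(model.Password, salt));

    token.User.Salt = salt;
    token.User.Password = password;
    token.Used = true; // single use: the query above skips tokens already marked as used

    // NOTE(review): no save/commit call is visible in this method; presumably the unit of
    // work is committed by the caller or by infrastructure - confirm.
    _unitOfWork.Repository<UserEntity>().Update(token.User);
    _unitOfWork.Repository<ForgotPaswordTokenEntity>().Update(token);

    return _authTokenProvider.GetToken(token.User);
}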
/// <summary>
/// Fetches a token from the auth token provider and hands it to
/// <c>AddAuthorizationIfEmpty</c> on the call's header collection.
/// </summary>
/// <param name="request">The outgoing request message (not read here).</param>
/// <param name="context">Call context whose <c>Options.Headers</c> receive the token.</param>
protected override async Task Intercept<TRequest, TResponse>(
    TRequest request,
    ClientInterceptorContext<TRequest, TResponse> context)
    where TRequest : class
    where TResponse : class
{
    var bearer = await _authTokenProvider.GetToken();

    // No token available: the call is left untouched and goes out without credentials.
    if (bearer != null)
    {
        // Headers may be null, in which case nothing is attached either.
        // Judging by its name, the helper only adds the header when none is set yet.
        context.Options.Headers?.AddAuthorizationIfEmpty(bearer);
    }
}
/// <summary>
/// Issues an auth token for a confirmed user whose supplied password matches the stored
/// password and salt.
/// </summary>
/// <param name="loginCredentials">User id and password to verify.</param>
/// <returns>
/// The token for the user, or <c>null</c> when no confirmed user has that id or the
/// password does not match.
/// </returns>
public TokenModel GetToken(LoginCredentials loginCredentials)
{
    // Only accounts with a confirmed registration are eligible to log in.
    var account = _unitOfWork.Repository<UserEntity>()
        .Include(x => x.Profile)
        .FirstOrDefault(x => x.Id == loginCredentials.Id && x.Confirmation.Confirmed);

    // NOTE(review): the not-found path returns before any password comparison runs, so
    // response time may differ between unknown ids and wrong passwords - confirm whether
    // that matters for this endpoint.
    if (account != null)
    {
        var passwordMatches = _cryptoContext.ArePasswordsEqual(
            loginCredentials.Password,
            account.Password,
            account.Salt);

        if (passwordMatches)
        {
            return _authTokenProvider.GetToken(account);
        }
    }

    return null;
}
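/// <summary>
/// Creates an <see cref="HttpClient"/> for the named application: the base address comes
/// from service discovery and the default Authorization header carries a bearer token
/// from the auth token provider.
/// </summary>
/// <param name="appName">Name of the target application as known to service discovery.</param>
/// <returns>A new client; the caller owns it and is responsible for disposing it.</returns>
public async Task<HttpClient> Create(string appName)
{
    var uri = await _serviceDiscovery.GetService(appName);

    // Fetch the token before constructing the client so a failure here cannot leak an
    // undisposed HttpClient and handler.
    var token = await _authTokenProvider.GetToken();

    // Server certificates are validated by the default handler. The previous
    // DangerousAcceptAnyServerCertificateValidator callback accepted any certificate, so
    // the bearer token set below could be sent to an endpoint that is not the intended
    // service. If internal services use a private CA, add that CA to the machine trust
    // store (or validate against it explicitly) rather than switching validation off.
    var httpClient = new HttpClient
    {
        BaseAddress = uri,
    };

    httpClient.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", token);
    return httpClient;
}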