public async Task <IdentityToken> LoginAsync(string username, string password) { var account = await _accountRepository.GetAsync(username); if (account == null) { throw new Exception("Invalid credentials"); } var hash = _encrypter.GetHash(password, account.Salt); if (account.Password != hash) { throw new Exception("Invalid credentials"); } var token = Guid.NewGuid().ToString("N"); var refreshToken = new RefreshToken(account, token); var jwt = _jwtHandler.Create(account.Username, account.Role, account.Id); await _refreshTokenRepository.CreateAsync(refreshToken); return(new IdentityToken { AccessToken = jwt.AccessToken, Expires = jwt.Expires, RefreshToken = token, Role = account.Role, UserId = account.Id }); }
public async Task <IdentityToken> SignInAsync(string email, string password) { var user = await _userRepository.GetAsync(email); if (user == null || !_hasher.IsValid(user, password)) { throw new ServiceException("invalid_credentials", "Invalid credentials"); } var jwt = _jwtHandler.CreateToken(user.Id, user.Role); var token = _hasher.Create(user, user.Id.ToString("N"), "=", "+", "\\", "/"); await _refreshTokenRepository.CreateAsync(new RefreshToken(user, token)); user.Login(); await _userRepository.UpdateAsync(user); return(new IdentityToken { AccessToken = jwt.AccessToken, Expires = jwt.Expires, RefreshToken = token, Role = user.Role, UserId = user.Id }); }
public async Task <LoginResponse> LoginAsync(LoginRequest request) { try { var account = await _accountRepository.FindByUsernameAsync(request.Username); if (account != null && CryptoUtils.VerifyPassword(request.Password, account.Password)) { var accessToken = CryptoUtils.CreateAccessToken(account, _configuration); var refreshToken = new RefreshToken { AccountId = account.Id, Expires = DateTime.UtcNow.AddDays(Convert.ToDouble(_configuration["Auth:RefreshTokenExpiresInDays"])), Value = CryptoUtils.RandomString(), }; await _refreshTokenRepository.CreateAsync(refreshToken); return(new LoginResponse { AccessToken = accessToken, RefreshToken = refreshToken.Value, }); } } catch (Exception ex) { // swallow for now _logger.LogError(ex, "Failed to authenticate user"); } return(new LoginResponse { Error = "Invalid username and/or password" }); }
public async Task <Result <UserAuthenticatedDto> > Handle(RegisterCommand request, CancellationToken cancellationToken) { var user = _mapper.Map <UserDto>(request.Register); await IsValid(user); var hashedPassword = _hasher.HashPassword(user, request.Register.Password); user = user with { PasswordHash = hashedPassword, Roles = new List <string> { "User" } }; var userToDb = _mapper.Map <User>(user); var jwtToken = JwtExtensions.GenerateJwtToken(user, _tokenConfiguration); var tokenString = JwtExtensions.GenerateRefreshToken(); var refreshToken = new RefreshToken { Id = Guid.NewGuid().ToString(), DateCreated = DateTime.UtcNow, DateExpires = DateTime.UtcNow.AddMinutes(_tokenConfiguration.RefreshTokenExpirationMinutes), Token = tokenString, User = userToDb }; await _tokenRepository.CreateAsync(refreshToken); UserAuthenticatedDto authenticatedDto = new(user, jwtToken, refreshToken.Token); await _sender.PublishAsync(new CreatedUser(userToDb), cancellationToken); await _sender.PublishAsync(new CreatedToken(refreshToken), cancellationToken); return(Result <UserAuthenticatedDto> .Success(authenticatedDto)); }
public async Task CreateAsync(Guid userId) { var user = await _userRepository.GetAsync(userId); if (user == null) { throw new FTException(Codes.UserNotFound, $"User: '******' was not found."); } await _refreshTokenRepository.CreateAsync(new RefreshToken(user, _passwordHasher)); }
public async Task CreateAsync(Guid userId) { var account = await _accountRepository.GetAsync(userId); if (account == null) { throw new Exception($"Account was not found."); } var token = Guid.NewGuid().ToString("N"); await _refreshTokenRepository.CreateAsync(new RefreshToken(account, token)); }
public async Task CreateAsync(Guid userId) { var user = await _userRepository.GetAsync(userId); if (user == null) { throw new ServiceException("user_not_found", $"User: '******' was not found."); } var token = _hasher.Create(user, userId.ToString("N"), "=", "+", "\\", "/", "?"); await _refreshTokenRepository.CreateAsync(new RefreshToken(user, token)); }
public async Task CreateAsync(Guid userId) { var user = await _userRepository.GetAsync(userId); if (user == null) { throw new ServiceException("user_not_found", $"User: '******' was not found."); } var token = CreateToken(user, _passwordHasher); await _refreshTokenRepository.CreateAsync(new RefreshToken(user, token)); }
public async Task <AuthenticatedAccountResponse> AuthenticateAsync(Account account) { string accessToken = _accessTokenGenerator.GenerateToken(account); string refreshToken = _refreshTokenGenerator.GenerateToken(); RefreshToken refreshTokenDTO = new RefreshToken() { Token = refreshToken, AccountId = account.Id }; await _refreshTokenRepository.CreateAsync(refreshTokenDTO); return(new AuthenticatedAccountResponse(accessToken, refreshToken)); }
public async Task <RefreshToken> CreateAsync(Guid userId) { var user = await _userRepository.GetUserAsync(userId); if (user == null) { throw new StocqresException("UserCodes does not exist."); } var refreshToken = new RefreshToken(user, _passwordHasher); await _refreshTokenRepository.CreateAsync(refreshToken); await _refreshTokenRepository.SaveAsync(); return(refreshToken); }
/// <summary> /// Generates a JWT-token. /// </summary> /// <param name="user">User entity to get info from.</param> /// <returns></returns> private async Task <AuthResponse> GenerateAuthResultForUserAsync(User user) { var jwtTokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_jwtConfig.Secret); var guid = Guid.NewGuid().ToString(); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(JwtRegisteredClaimNames.Jti, guid) }), Expires = DateTime.UtcNow.Add(_jwtConfig.TokenLifetime), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512Signature) }; var token = jwtTokenHandler.CreateToken(tokenDescriptor); var jwtToken = jwtTokenHandler.WriteToken(token); var refreshToken = new RefreshToken { JwtId = token.Id, IsUsed = false, IsRevoked = false, UserId = user.Id, CreationDate = DateTime.UtcNow, ExpiryDate = DateTime.UtcNow.AddMonths(6), Token = RandomString(25) + Guid.NewGuid() }; await _refreshTokenRepository.CreateAsync(refreshToken); return(new AuthResponse { Token = jwtToken, Success = true, RefreshToken = refreshToken.Token }); }
public async Task <Result <UserAuthenticatedDto> > Handle(RefreshTokenCommand request, CancellationToken cancellationToken) { var user = await _userRepository.GetAsync(u => u.Id == request.UserId); user.SessionId = Guid.NewGuid().ToString(); var userDto = _mapper.Map <UserDto>(user); var refreshTokenInDb = await _tokenRepository.GetAsync(t => t.User.Id == request.UserId && t.Token == request.Token.Name); refreshTokenInDb.CheckForNull(); IsValid(refreshTokenInDb); var jwtToken = JwtExtensions.GenerateJwtToken(userDto, _tokenConfiguration); var tokenString = JwtExtensions.GenerateRefreshToken(); var userInDb = _mapper.Map <User>(user); var refreshToken = new RefreshToken { Id = Guid.NewGuid().ToString(), DateCreated = DateTime.UtcNow, DateExpires = DateTime.UtcNow.AddMinutes(_tokenConfiguration.RefreshTokenExpirationMinutes), Token = tokenString, User = userInDb }; await _tokenRepository.CreateAsync(refreshToken); await _tokenRepository.DeleteAsync(t => t.Id == refreshTokenInDb.Id); await _sender.PublishAsync(new UpdatedUser(user), cancellationToken); await _sender.PublishAsync(new CreatedToken(refreshToken), cancellationToken); UserAuthenticatedDto authenticatedDto = new(userDto, jwtToken, refreshToken.Token); return(Result <UserAuthenticatedDto> .Success(authenticatedDto)); }
public async Task <Result <UserAuthenticatedDto> > Handle(LoginCommand request, CancellationToken cancellationToken) { var user = await _userRepository.GetAsync(u => u.UserName == request.Login.UserName); if (user == null) { throw Result <User> .Failure("userName", "Invalid userName", HttpStatusCode.BadRequest); } user.SessionId = Guid.NewGuid().ToString(); var userDto = _mapper.Map <UserDto>(user); IsValid(userDto, request.Login.Password); var jwtToken = JwtExtensions.GenerateJwtToken(userDto, _tokenConfiguration); var tokenString = JwtExtensions.GenerateRefreshToken(); var refreshToken = new RefreshToken { Id = Guid.NewGuid().ToString(), DateCreated = DateTime.UtcNow, DateExpires = DateTime.UtcNow.AddMinutes(_tokenConfiguration.RefreshTokenExpirationMinutes), Token = tokenString, User = user }; await _tokenRepository.CreateAsync(refreshToken); await _sender.PublishAsync(new UpdatedUser(user), cancellationToken); await _sender.PublishAsync(new CreatedToken(refreshToken), cancellationToken); UserAuthenticatedDto authenticatedDto = new(userDto, jwtToken, refreshToken.Token); return(Result <UserAuthenticatedDto> .Success(authenticatedDto)); }
public async Task <Unit> Handle(CreateRefreshTokenCommand request, CancellationToken cancellationToken) { await _tokenRepository.CreateAsync(request.Token); return(Unit.Value); }