/// <summary>
/// Issues a new JWT for <paramref name="username"/> and records it as the user's
/// only active session (any previous session for the user is removed first).
/// </summary>
/// <param name="username">Login of the user to issue a token for.</param>
/// <returns>
/// The encoded JWT, or <c>null</c> when no identity could be built for the login.
/// </returns>
private async Task<string> GetToken(string username)
{
    int userId = await _appDbContext.FindByLogin(username);
    var identity = await _authorizationManager.GetIdentity(username, userId);
    if (identity is null)
    {
        return null;
    }

    _log.LogInfo("Set token options.");
    // NOTE(review): local time is used both for the token's nbf/exp and for the
    // expiry stored on the session row; DateTime.UtcNow would be the usual choice,
    // but check how consumers of Sessions.ExpiredDate compare it before switching.
    DateTime issuedAt = DateTime.Now;
    DateTime expiresAt = issuedAt.Add(TimeSpan.FromMinutes(AuthorizationOptions.Lifetime));
    var signingCredentials = new SigningCredentials(
        AuthorizationOptions.GetSymmetricSecurityKey(),
        SecurityAlgorithms.HmacSha256);
    var token = new JwtSecurityToken(
        issuer: AuthorizationOptions.Issuer,
        audience: AuthorizationOptions.Audience,
        notBefore: issuedAt,
        claims: identity.Claims,
        expires: expiresAt,
        signingCredentials: signingCredentials);
    string encodedJwt = new JwtSecurityTokenHandler().WriteToken(token);

    _log.LogInfo("Set session options.");
    // The session row carries the same expiry as the token it stores.
    var session = new Sessions
    {
        Token = encodedJwt,
        UserId = userId,
        ExpiredDate = expiresAt,
    };

    _log.LogInfo("Check for previous session.");
    bool hasPreviousSession = await _appDbContext.IsExistPreviousSession(userId);
    if (hasPreviousSession)
    {
        _log.LogInfo("The session was founded. I`ll delete it.");
        await _appDbContext.DeleteSessions(userId);
        _log.LogInfo("Success delete.");
    }

    _log.LogInfo("Add session");
    await _appDbContext.AddSession(session);
    _log.LogInfo("Session was add.");
    _log.LogInfo("Return session's token");
    return encodedJwt;
}
/// <summary>
/// Resolves a <see cref="ClaimsIdentity"/> for a login/password pair.
/// </summary>
/// <param name="userLogin">The user's login.</param>
/// <param name="password">The user's password.</param>
/// <returns>
/// The identity when the login is known and the password check passes; otherwise <c>null</c>.
/// </returns>
public async Task<ClaimsIdentity> GetClaimsIdentity(string userLogin, string password)
{
    // Missing credentials are rejected before the store is consulted.
    if (string.IsNullOrEmpty(userLogin) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    int userId = await _appDbContext.FindByLogin(userLogin);
    // A lookup result of 0 is treated as "no such login".
    // NOTE(review): returning here skips CheckPassword, so an unknown login answers
    // faster than a wrong password; worth keeping in mind if uniform timing matters.
    if (userId == 0)
    {
        return null;
    }

    bool passwordMatches = await _appDbContext.CheckPassword(password, userId);
    return passwordMatches ? await GetIdentity(userLogin, userId) : null;
}
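/// <summary>
/// Registers a new account: validates the model and the password policy, persists the
/// default role, login, profile data and secret, then e-mails a greeting and a
/// confirmation link that carries the register key.
/// </summary>
/// <param name="userData">Profile data bound from the request.</param>
/// <param name="userSecrets">Secrets bound from the request (the password).</param>
/// <returns>
/// 200 with a confirmation prompt on success; 400 with the model state when binding
/// failed, or a generic failure message when the password is rejected, the e-mail is
/// already registered, or persistence fails. Exception details are logged, never
/// returned to the caller.
/// </returns>
public async Task<IActionResult> Registration(UsersData userData, Secrets userSecrets)
{
    _log.LogInfo("Get userData for registration.");
    if (!ModelState.IsValid)
    {
        _log.LogError("Incorrect input.");
        return BadRequest(ModelState);
    }

    _log.LogInfo("Check is password safe.");
    try
    {
        if (PasswordManager.ValidatePassword(userSecrets.Password))
        {
            _log.LogInfo("Safety of password is good.");
            _log.LogInfo("Check is it a new user.");
            if (!await _appDbContext.IsUserExist(userData.Email))
            {
                // NOTE(review): the connection string (including a host name) is embedded in
                // source; it should come from configuration instead.
                using (SqlConnection connection = new SqlConnection("Data Source=JULIKROP\\SQLEXPRESS;Initial Catalog=EHospital;Integrated Security=True"))
                {
                    connection.Open();
                    // NOTE(review): this transaction is never passed to _appDbContext, so the
                    // Add* calls below do not run under it and Rollback() cannot undo them.
                    // Confirm whether _appDbContext offers its own transaction and use that.
                    using (var transaction = connection.BeginTransaction())
                    {
                        try
                        {
                            _log.LogInfo("Add default role.");
                            // NOTE(review): the same role row (Id = NoRole) is added on every
                            // registration — confirm AddRoles tolerates an existing row.
                            await _appDbContext.AddRoles(new Roles
                            {
                                Id = (int)UsersRoles.NoRole,
                                Title = UsersRoles.NoRole.ToString()
                            });
                            _log.LogInfo("Add login.");
                            await _appDbContext.AddLogin(new Logins
                            {
                                Login = userData.Email,
                                RegisterKey = emailSender.GenerateKey(),
                                Status = "New"
                            });
                            _log.LogInfo("Add user's userData");
                            await _appDbContext.AddUserData(new UsersData
                            {
                                FirstName = userData.FirstName,
                                LastName = userData.LastName,
                                BirthDate = userData.BirthDate,
                                PhoneNumber = userData.PhoneNumber,
                                Country = userData.Country,
                                City = userData.City,
                                Adress = userData.Adress,
                                Gender = userData.Gender,
                                Email = userData.Email
                            });
                            _log.LogInfo("Add password.");
                            // NOTE(review): the raw request password is handed over here;
                            // confirm AddSecrets hashes it before it is persisted.
                            await _appDbContext.AddSecrets(new Secrets { Password = userSecrets.Password });
                            transaction.Commit();
                        }
                        catch (Exception ex)
                        {
                            // Details stay in the log; the client gets a generic message so
                            // provider or schema errors are not disclosed.
                            _log.LogError("Account is not created." + ex.Message);
                            transaction.Rollback();
                            return new BadRequestObjectResult("Creation of account was failed.");
                        }
                    }
                }
            }
            else
            {
                // Same response as the password-policy failure below, so the reply does not
                // reveal whether the e-mail is already registered.
                _log.LogError("Account is not created.");
                return new BadRequestObjectResult("Creation of account was failed.");
            }

            string greetingText;
            using (StreamReader streamreader = new StreamReader(@"..\EHospital.Authorization.WebAPI\Letters\greetings.txt"))
            {
                greetingText = streamreader.ReadToEnd();
            }

            _log.LogInfo("Send greetings.");
            await emailSender.SendEmail(userData.Email, "Welcome to EHospital", greetingText);

            int id = await _appDbContext.FindByLogin(userData.Email);
            string key = await _appDbContext.GetRegisterKey(userData.Email);
            // NOTE(review): Request.Host is taken from the incoming Host header; unless host
            // filtering or forwarded-headers middleware pins it, the mailed link could point
            // at a different host. A configured public base URL would be safer.
            var callbackUrl = $"{Request.Scheme}://{Request.Host}/authorization/api/Registration/Confirmation?userId={id}&token={key}";
            _log.LogInfo("Send confirmation");
            await emailSender.SendEmail(userData.Email, "Confirm the registration", $"Confirm the registration by clicking the following link: <a href='{callbackUrl}'>confirm</a>");
            _log.LogInfo("Account created");
            return new OkObjectResult("Account created. We sent letter on your email.Confirm it. If you don`t see the letter, please, check the spam.");
        }

        _log.LogError("Account is not created.");
        return new BadRequestObjectResult("Creation of account was failed.");
    }
    catch (ArgumentException ex)
    {
        // Logged with the message; the response stays generic.
        _log.LogError("Account is not created." + ex.Message);
        return new BadRequestObjectResult("Creation of account was failed.");
    }
}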