public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext filterContext)
{
if (filterContext.ActionDescriptor.GetCustomAttributes <SkipMyGlobalActionFilterAttribute>().Any())
{
return;
}
if (!filterContext.Request.Headers.Contains("JWT_TOKEN"))
{
throw new UnauthorizedAccessException();
}
else
{
String token = filterContext.Request.Headers.GetValues("JWT_TOKEN").First();
IAuthContainerModel model = new JWTContainerModel();
IAuthService authService = new JWTService(model.SecretKey);
if (!authService.IsTokenValid(token))
{
throw new UnauthorizedAccessException();
}
else
{
List <Claim> claims = authService.GetTokenClaims(token).ToList();
Console.WriteLine(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Name)).Value);
Console.WriteLine(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Role)).Value);
// Console.WriteLine(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.PrimarySid)).Value);
}
}
}
public Response GetToken([FromForm] string userName, [FromForm] string password)
{
var user = userService.Authenticate(userName, password);
if (user == null)
{
return(new Response
{
StatusCode = 401,
Message = "Unauthorize"
});
}
IAuthContainerModel authContainerModel = new JWTContainerModel(user)
{
};
IAuthService authService = new JWTService(authContainerModel.Secretkey);
return(new Response
{
StatusCode = 200,
Message = "OK",
AccessToken = authService.GenerateToken(authContainerModel)
});
}
public void KO_IssuerNotMatch()
{
//ARRANGER
var Id = Guid.NewGuid();
var secretKey = "that's a single secret key used to not be hacked";
var claimsRequest = new Dictionary <string, string>();
claimsRequest.Add(eClaims.Name.ToString(), "Luca Fenu");
claimsRequest.Add(eClaims.Id.ToString(), Id.ToString());
claimsRequest.Add(eClaims.Mail.ToString(), "*****@*****.**");
//ACT
IAuthContainerModel model = new JWTContainerModel(secretKey, 1, "http://localhost:123", claimsRequest);
IAuthService authService = new JWTService(model);
string token = authService.GenerateToken();
IAuthContainerModel modelResponse = new JWTContainerModel(secretKey, 1, "http://localhost:312", null);
IAuthService authServiceResponse = new JWTService(modelResponse);
var tokenResponse = authServiceResponse.GenerateToken();
//ASSERT
Assert.IsFalse(authService.IsTokenValid(tokenResponse));
}
public void TestAuth()
{
JWTContainerModel JWT = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(ClaimTypes.Name, "Kent Utterback"),
new Claim(ClaimTypes.Email, "*****@*****.**")
}
};
JWTService authService = new JWTService(JWT.SecretKey);
string token = authService.GenerateToken(JWT);
if (!authService.IsTokenValid(token))
{
Assert.Fail();
}
List <Claim> claims = authService.GetTokenClaims(token).ToList();
Assert.Equals(claims.FirstOrDefault(claim => claim.Type.Equals(ClaimTypes.Name)).Value, "Kent Utterback");
Assert.Equals(claims.FirstOrDefault(claim => claim.Type.Equals(ClaimTypes.Email)).Value, "*****@*****.**");
}
public ActionResult Login(string username, string pass)
{
var obj = _dl.GetPassByUserName(username, true);
if (obj == null)
{
return(Json(new BaseResponse <AgencyItem>()
{
Erros = true, Message = "Tên tài khoản không đúng"
}));
}
var pas = FDIUtils.CreatePasswordHash(pass, obj.PasswordSalt);
if (obj.Password != pas)
{
return(Json(new BaseResponse <AgencyItem>()
{
Erros = true, Message = "Mật khẩu không đúng"
}));
}
if (obj.isLock != true)
{
return(Json(new BaseResponse <AgencyItem>()
{
Erros = true, Message = "Tài khoản chưa được kích hoạt"
}));
}
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(ClaimTypes.Name, obj.UserName),
new Claim("ID", obj.UserId.ToString()),
new Claim("AgencyId", obj.AgencyID.ToString()),
}
};
IAuthService authService = new JWTService();
var token = authService.GenerateToken(model);
var result = new BaseResponse <AgencyItem>()
{
Erros = false,
Data = new AgencyItem()
{
FullName = obj.FullName,
Phone = obj.Phone,
Token = token,
AgencyLevelId = obj.AgencyLevelId
}
};
return(Json(result, JsonRequestBehavior.AllowGet));
}
public JWTContainerModel CreateContainer(Session authData)
{
var jwtContainerModel = new JWTContainerModel
{
Claims = new[]
{
new Claim(ClaimTypes.Name, authData.Username),
}
};
return(jwtContainerModel);
}
//POST: /auth/signin/
public async Task <IActionResult> SignIn([Bind("Username,Password")] LoginRequestModel login)
{
//Find a user with a matching email as entered
var foundUser = await _context.Users
.FirstOrDefaultAsync(m => m.Username == login.Username);
//If no user was found, exit with error
if (foundUser == null)
{
return(Unauthorized(new { error = "User not found" }));
}
//Otherwise, check the DB hash against our user's entered password's hash
string loginPassHash = UserHelper.GeneratePasswordHash(login.Password, foundUser.Salt);
bool authed = (foundUser.HashedPassword == loginPassHash);
//If they failed to hash to the same value, return an error
if (!authed)
{
return(Unauthorized(new { error = "Password entered is incorrect" }));
}
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim("UserName", foundUser.Username),
new Claim("IsAdmin", foundUser.IsAdmin.ToString())
},
};
//Generate a JWT token for further authentication
IAuthService jwt = new JWTService(model.SecretKey);
string jwtToken = jwt.GenerateToken(model);
//Add it as a cookie to the response
Response.Cookies.Append("t", jwt.GenerateToken(model));
//Return our JWT access token and the authenticated user's information
// Make a temporary user to strip out private info out of the user model (like passwords)
UserModel returnUser = new UserModel
{
_id = foundUser._id,
Username = foundUser.Username,
FName = foundUser.FName,
LName = foundUser.LName,
Email = foundUser.Email,
};
return(Ok(new { JWTAccessToken = jwtToken, User = returnUser }));
}
public async Task <ActionResult> ValidateToken(string token, string phone, string tokenDevice)
{
if (!tokenOtpDA.ValidateToken(token, phone, (int)TokenOtpType.Authen))
{
return(Json(new JsonMessage(1000, "Thông tin đăng nhập không hợp lệ"), JsonRequestBehavior.AllowGet));
}
tokenOtpDA.UpdateIsUsed(token, phone);
await tokenOtpDA.SaveAsync();
var customer = customerDA.GetByPhone(phone, Type);
var key = Guid.NewGuid();
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim("Phone", customer.Mobile),
new Claim("Type", "Token"),
new Claim("ID", customer.ID.ToString()),
},
ExpireMinutes = 10,
};
IAuthContainerModel modelRefreshToken = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim("Phone", customer.Mobile),
new Claim("Type", "RefreshToken"),
new Claim("key", key.ToString()),
new Claim("ID", customer.ID.ToString()),
},
ExpireMinutes = 60 * 24 * 30,
};
var tokenResponse = JWTService.Instance.GenerateToken(model);
var refreshToken = JWTService.Instance.GenerateToken(modelRefreshToken);
customerDA.InsertToken(new TokenRefresh()
{
GuidId = key
});
customer.TokenDevice = tokenDevice;
customerDA.Save();
return(Json(new BaseResponse <CustomerAppIG4Item>()
{
Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item()
{
Token = tokenResponse, RefreshToken = refreshToken, ID = customer.ID, Fullname = customer.FullName
}
}, JsonRequestBehavior.AllowGet));
}
public string Get(string name, string email)
{
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(ClaimTypes.Name, name),
new Claim(ClaimTypes.Email, email)
}
};
IAuthService authService = new JWTService(model.SecretKey);
string token = authService.GenerateToken(model);
return(token);
}
public IActionResult GerarToken([FromBody] GerarTokenRequest request)
{
try
{
if (string.IsNullOrEmpty(request.Nome) || string.IsNullOrEmpty(request.Email))
{
return(BadRequest(request));
}
var model = new JWTContainerModel(request.Nome, request.Email);
var tokenGenerated = _jWTService.GenerateToken(model);
return(Ok(tokenGenerated));
}
catch (Exception ex)
{
throw new Exception($"Erro ao gerar token: {ex.Message}");
}
}
private static string getPhoneFromToken(string token)
{
try
{
string tokenPhone;
IAuthContainerModel model = new JWTContainerModel();
IAuthService authService = new JWTService(model.SecretKey);
List <Claim> claims = authService.GetTokenClaims(token).ToList();
string tokenName = claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Name)).Value;
tokenPhone = claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.MobilePhone)).Value;
return(tokenPhone);
}
catch
{
throw;
}
}
public string ValidJWT(string token)
{
try
{
IAuthContainerModel model = new JWTContainerModel();
IAuthService authService = new JWTService(model.SecretKey);
if (!authService.IsTokenValid(token))
{
throw new UnauthorizedAccessException();
}
else
{
List <Claim> claims = authService.GetTokenClaims(token).ToList();
return(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Name)).Value);
}
}
catch (Exception)
{
return(null);
}
}
public JwtToken Handle()
{
User user = repository.GetUserByUsername(authenticationCredential.Username);
if (user == null)
{
return(null);
}
bool isHashEqualToPassword = HashingUtils.IsGivenHashIdenticalWithGivenString(user.Password, authenticationCredential.Password);
if (!isHashEqualToPassword)
{
return(null);
}
authenticationCredential.Password = null;
List <Claim> claims = new List <Claim>();
foreach (UserRole userRole in user.Roles)
{
claims.Add(new Claim(ClaimTypes.Role, userRole.ToString()));
}
claims.Add(new Claim(ClaimTypes.Name, user.FirstName + " " + user.LastName));
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.UserName));
JWTContainerModel jWtContainerModel = new JWTContainerModel()
{
Claims = claims.ToArray()
};
JwtToken jwtToken = new JwtToken(jWtContainerModel);
JwtToken result = jwtToken.IsValid ? jwtToken : null;
return(result);
}
private static Session CreateSession(string email, string handle, string displayName, string bio)
{
var authTokenContainerModel = new JWTContainerModel(SessionSecretKey, SecurityAlgorithms.HmacSha256Signature, 1440, new Claim[]
{
new Claim(ClaimTypes.Email, email),
new Claim("TokenType", JWTTokenTypes.Auth)
});
var refreshTokenContainerModel = new JWTContainerModel(SessionSecretKey, SecurityAlgorithms.HmacSha256Signature, 44640, new Claim[]
{
new Claim(ClaimTypes.Email, email),
new Claim("TokenType", JWTTokenTypes.Refresh)
});
var jwtService = new JWTService(SessionSecretKey);
var authTokenExpireTime = new DateTimeOffset(DateTime.UtcNow.AddMinutes(Convert.ToInt32(authTokenContainerModel.ExpireMinutes))).ToUnixTimeSeconds();
var refreshTokenExpireTime = new DateTimeOffset(DateTime.UtcNow.AddMinutes(Convert.ToInt32(refreshTokenContainerModel.ExpireMinutes))).ToUnixTimeSeconds();
var authToken = new SessionToken(authTokenExpireTime, jwtService.GenerateToken(authTokenContainerModel));
var refreshToken = new SessionToken(refreshTokenExpireTime, jwtService.GenerateToken(refreshTokenContainerModel));
return(new Session(email, handle, displayName, bio, authToken, refreshToken));
}
public async Task <ActionResult> RefreshToken(string refreshToken)
{
if (!JWTService.Instance.IsTokenValid(refreshToken))
{
return(Json(new JsonMessage(1000, "invalid token")));
}
var tmp = JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "Type");
if (tmp.Value.ToString() != "RefreshToken")
{
return(Json(new JsonMessage(1000, "invalid token")));
}
var phone = JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "Phone")?.Value.ToString();
var id = JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "ID")?.Value.ToString();
var key = Guid.Parse(JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "key")?.Value ?? throw new InvalidOperationException());
var oldToke = customerDA.GetTokenByGuidId(key);
if (oldToke == null)
{
return(Json(new JsonMessage(1000, "invalid token")));
}
customerDA.DeleteTokenRefresh(oldToke);
key = Guid.NewGuid();
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim("Phone", phone),
new Claim("Type", "Token"),
new Claim("ID", id),
},
ExpireMinutes = 10,
};
IAuthContainerModel modelRefreshToken = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim("Phone", phone),
new Claim("key", key.ToString()),
new Claim("Type", "RefreshToken"),
new Claim("ID", id),
},
ExpireMinutes = 60 * 24 * 30,
};
var tokenResponse = JWTService.Instance.GenerateToken(model);
var refreshTokenResponse = JWTService.Instance.GenerateToken(modelRefreshToken);
customerDA.InsertToken(new TokenRefresh()
{
GuidId = key
});
customerDA.Save();
return(Json(new BaseResponse <CustomerAppIG4Item>()
{
Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item()
{
Token = tokenResponse, RefreshToken = refreshTokenResponse
}
}, JsonRequestBehavior.AllowGet));
}
public ActionResult ZaloCallback(string accesstoken)
{
try
{
var appId = 3722523456944291775;
var appSecret = "MU1RP7QQ6k8ndjhPNqdj";
if (!string.IsNullOrEmpty(accesstoken))
{
ZaloAppInfo appInfo = new ZaloAppInfo(appId, appSecret, "callbackUrl");
ZaloAppClient appClient = new ZaloAppClient(appInfo);
JObject me = appClient.getProfile(accesstoken, "fields=a,name,id,birthday,gender,phone,picture");
var output = JsonConvert.SerializeObject(me);
ZaloCustomerItem deserializedProduct = JsonConvert.DeserializeObject <ZaloCustomerItem>(output);
if (string.IsNullOrEmpty(deserializedProduct.error))
{
var cus = new Base.Customer
{
UserName = deserializedProduct.name,
FullName = deserializedProduct.name,
DateCreated = DateTime.Now.TotalSeconds(),
IsActive = true,
IsDelete = false,
idUserZalo = deserializedProduct.id,
AvatarUrl = deserializedProduct.picture.data.url,
};
InsertCustomerZalo(cus);
var customer = customerDA.GetbyidUserZalo(cus.idUserZalo);
var key = Guid.NewGuid();
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(type: "Phone", value: customer.Mobile ?? ""),
new Claim(type: "Type", value: "Token"),
new Claim(type: "ID", value: customer.ID.ToString()),
},
ExpireMinutes = 10,
};
IAuthContainerModel modelRefreshToken = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(type: "Phone", value: customer.Mobile ?? ""),
new Claim(type: "Type", value: "RefreshToken"),
new Claim(type: "key", value: key.ToString()),
new Claim(type: "ID", value: customer.ID.ToString()),
},
ExpireMinutes = 60 * 24 * 30,
};
var tokenResponse = JWTService.Instance.GenerateToken(model: model);
var refreshToken = JWTService.Instance.GenerateToken(model: modelRefreshToken);
customerDA.InsertToken(data: new TokenRefresh()
{
GuidId = key
});
customerDA.Save();
return(Json(data: new BaseResponse <CustomerAppIG4Item>()
{
Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item()
{
Token = tokenResponse, RefreshToken = refreshToken, ID = customer.ID
}
}, behavior: JsonRequestBehavior.AllowGet));
}
return(Json(data: new { Code = deserializedProduct.error, Erros = true, Message = "Có lỗi xảy ra vui lòng xem lại mã lỗi" }, behavior: JsonRequestBehavior.AllowGet));
}
}
catch (Exception e)
{
return(Redirect("/"));
}
return(Redirect("/"));
}
public ActionResult GoogleCallback(string accesstoken, string token)
{
Userclass userinfo = new Userclass();
try
{
string url = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=" + accesstoken + "";
WebRequest request = WebRequest.Create(url);
request.Credentials = CredentialCache.DefaultCredentials;
WebResponse response = request.GetResponse();
Stream dataStream = response.GetResponseStream();
StreamReader reader = new StreamReader(dataStream);
string responseFromServer = reader.ReadToEnd();
reader.Close();
response.Close();
JavaScriptSerializer js = new JavaScriptSerializer();
userinfo = js.Deserialize <Userclass>(responseFromServer);
var cus = new Base.Customer
{
Email = userinfo.email,
UserName = userinfo.email,
FullName = userinfo.family_name + " " + userinfo.given_name + " " + userinfo.name,
DateCreated = DateTime.Now.TotalSeconds(),
IsActive = true,
IsDelete = false,
idUserGoogle = userinfo.id,
AvatarUrl = userinfo.picture,
TokenDevice = token,
};
InsertCustomerGoogle(cus);
var customer = customerDA.GetByidUserGoogle(cus.idUserGoogle);
var key = Guid.NewGuid();
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(type: "Phone", value: customer.Mobile ?? ""),
new Claim(type: "Type", value: "Token"),
new Claim(type: "ID", value: customer.ID.ToString()),
},
ExpireMinutes = 10,
};
IAuthContainerModel modelRefreshToken = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(type: "Phone", value: customer.Mobile ?? ""),
new Claim(type: "Type", value: "RefreshToken"),
new Claim(type: "key", value: key.ToString()),
new Claim(type: "ID", value: customer.ID.ToString()),
},
ExpireMinutes = 60 * 24 * 30,
};
var tokenResponse = JWTService.Instance.GenerateToken(model: model);
var refreshToken = JWTService.Instance.GenerateToken(model: modelRefreshToken);
customerDA.InsertToken(data: new TokenRefresh()
{
GuidId = key
});
customerDA.Save();
return(Json(data: new BaseResponse <CustomerAppIG4Item>()
{
Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item()
{
Token = tokenResponse, RefreshToken = refreshToken
}
}, behavior: JsonRequestBehavior.AllowGet));
}
catch (Exception e)
{
return(Redirect("/"));
}
return(Redirect("/"));
}
public ActionResult FacebookCallback(string accesstoken, string token)
{
try
{
var fb = new FacebookClient();
if (!string.IsNullOrEmpty(accesstoken))
{
fb.AccessToken = accesstoken;
dynamic me = fb.Get("me?fields=first_name,middle_name,last_name,id,email");
var cus = new Base.Customer
{
Email = me.email,
UserName = me.email,
FullName = me.first_name + me.middle_name + me.last_name,
DateCreated = DateTime.Now.TotalSeconds(),
IsActive = true,
IsDelete = false,
idUserFacebook = me.id,
TokenDevice = token,
};
//dynamic pic = fb.Get(me.id+"/picture");
InsertCustomerFacebook(cus);
var customer = customerDA.GetByidUserFacebook(cus.idUserFacebook);
var key = Guid.NewGuid();
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(type: "Phone", value: customer.Mobile ?? ""),
new Claim(type: "Type", value: "Token"),
new Claim(type: "ID", value: customer.ID.ToString()),
},
ExpireMinutes = 10,
};
IAuthContainerModel modelRefreshToken = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(type: "Phone", value: customer.Mobile ?? ""),
new Claim(type: "Type", value: "RefreshToken"),
new Claim(type: "key", value: key.ToString()),
new Claim(type: "ID", value: customer.ID.ToString()),
},
ExpireMinutes = 60 * 24 * 30,
};
var tokenResponse = JWTService.Instance.GenerateToken(model: model);
var refreshToken = JWTService.Instance.GenerateToken(model: modelRefreshToken);
customerDA.InsertToken(data: new TokenRefresh()
{
GuidId = key
});
customerDA.Save();
return(Json(data: new BaseResponse <CustomerAppIG4Item>()
{
Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item()
{
Token = tokenResponse, RefreshToken = refreshToken, ID = customer.ID
}
}, behavior: JsonRequestBehavior.AllowGet));
}
}
catch (Exception e)
{
return(Redirect("/"));
}
return(Redirect("/"));
}
public static IAuthService GetJWTService()
{
IAuthContainerModel containerModel = new JWTContainerModel();
return(new JWTService(containerModel.SecretKey));
}
public TokenModel StartSession([FromBody] TokenModel refreshToken)
{
using (IUMdbEntities entities = new IUMdbEntities())
{
#region Validation
#region CheckIfRefreshTokenIsNull
if (refreshToken == null)
{
return(null);
}
#endregion
JWTService serviceJWT = new JWTService(DefaultSecretKey.key);
#region checkIfTokenIsValid
if (!serviceJWT.IsTokenValid(refreshToken.Token))
{
return(null);
}
#endregion
string username, password, tokenType;
List <string> userRoles;
List <Claim> tokenClaims = serviceJWT.GetTokenClaims(refreshToken.Token).ToList();
username = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.Username)).Value;
password = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.Password)).Value;
userRoles = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.Roles)).Value.Split(',').ToList();
tokenType = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.TokenType)).Value;
#region checkTokenType
if (!tokenType.Equals(MyTokenTypes.RefreshToken))
{
return(null);
}
#endregion
#region checkIfRefreshTokenMatches
bool checkIfRefreshTokenMatches = entities.Users
.Any(e => e.Username == username && e.RefreshToken == refreshToken.Token);
if (!checkIfRefreshTokenMatches)
{
return(null);
}
#endregion
string dbUserHashedPassword = entities.Users
.Where(e => e.Username == username)
.Select(e => e.Password)
.First();
CryptoService cryptoService = new CryptoService();
#region checkIfUserPasswordMatches
bool checkIfUserPasswordMatches = cryptoService.CompareStringToHash(password, dbUserHashedPassword);
if (!checkIfUserPasswordMatches)
{
return(null);
}
#endregion
#endregion
Users dbUser = entities.Users
.Where(e => e.Username == username)
.First();
JWTContainerModel newBearerTokenJWTContainerModel = JWTContainerModel.GetUserJWTContainerModel(
username, password, userRoles, MyTokenTypes.BearerToken);
string newBearerToken = serviceJWT.GenerateToken(newBearerTokenJWTContainerModel, true);
Users newUser = new Users()
{
Id = dbUser.Id,
Username = dbUser.Username,
Password = dbUser.Password,
RefreshToken = dbUser.RefreshToken,
BearerToken = newBearerToken,
GoogleId = dbUser.GoogleId
};
entities.Users.AddOrUpdate(newUser);
entities.SaveChanges();
return(new TokenModel(newBearerToken));
}
}
public ActionResult Register(CustomerItem customer)
{
var objr = new CustomerAppItem
{
Status = 0
};
try
{
if (!string.IsNullOrEmpty(customer.Phone) && !string.IsNullOrEmpty(customer.Password))
{
if (_da.CheckUserName(customer.Phone))
{
return(Json(new BaseResponse <CustomerItem>()
{
Erros = true,
Message = "Số điện thoại đã tồn tại",
}, JsonRequestBehavior.AllowGet));
}
var daten = DateTime.Now;
var date = daten.TotalSeconds();
var saltKey = FDIUtils.CreateSaltKey(5);
var sha1PasswordHash = FDIUtils.CreatePasswordHash(customer.Password, saltKey);
//get agencyinfo
var agencyDA = new AgencyDA();
var agency = agencyDA.GetItem(customer.PhoneAgency);
var obj = new Base.Customer
{
FullName = customer.FullName,
Phone = customer.Phone,
PasswordSalt = saltKey,
PassWord = sha1PasswordHash,
UserName = customer.UserName,
DateCreated = date,
IsDelete = false,
IsActive = true,
Reward = 0,
AgencyID = agency?.ID
};
_da.Add(obj);
_da.Save();
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(ClaimTypes.Name, obj.UserName),
new Claim("ID", obj.ID.ToString()),
}
};
IAuthService authService = new JWTService();
var token = authService.GenerateToken(model);
var result = new BaseResponse <CustomerItem>()
{
Erros = false,
Data = new CustomerItem()
{
FullName = obj.FullName,
Phone = obj.Phone,
Token = token
}
};
return(Json(result, JsonRequestBehavior.AllowGet));
var datee = daten.AddDays(5).TotalSeconds();
//var lg = new Ultils();
var code = Ultils.CodeLogin(daten);
var dNlogin = new DN_Login
{
CustomerID = obj.ID,
DateCreated = date,
DateEnd = datee,
Code = code,
IsOut = false
};
_dl.Add(dNlogin);
_dl.Save();
objr = new CustomerAppItem
{
ID = obj.ID,
Status = 1,
};
}
}
catch (Exception ex)
{
Log2File.LogExceptionToFile(ex);
}
return(Json(objr, JsonRequestBehavior.AllowGet));
}
public TokenModel LogIn([FromBody] Users user)
{
using (IUMdbEntities entities = new IUMdbEntities())
{
#region Validation
#region checkIfUserIsNull
if (user == null)
{
return(null);
}
#endregion
#region checkIfUserExist
bool checkIfUserExist = entities.Users
.Any(e => e.Username == user.Username);
if (!checkIfUserExist)
{
return(null);
}
#endregion
string dbUserHashedPassword = entities.Users
.Where(e => e.Username == user.Username)
.Select(e => e.Password)
.First();
CryptoService cryptoService = new CryptoService();
#region checkIfUserPasswordMatches
bool checkIfUserPasswordMatches = cryptoService.CompareStringToHash(user.Password, dbUserHashedPassword);
if (!checkIfUserPasswordMatches)
{
return(null);
}
#endregion
#endregion
Users dbUser = entities.Users
.First(e => e.Username == user.Username);
List <string> userRoles = entities.Workplaces
.Where(e => e.UserId == dbUser.Id)
.Select(e => e.UserRoles.RoleName)
.ToList();
JWTContainerModel newRefreshTokenJWTContainerModel = JWTContainerModel.GetUserJWTContainerModel(
user.Username, user.Password, userRoles, MyTokenTypes.RefreshToken);
JWTService serviceJWT = new JWTService(DefaultSecretKey.key);
string newRefreshToken = serviceJWT.GenerateToken(newRefreshTokenJWTContainerModel);
Users newUser = new Users()
{
Id = dbUser.Id,
Username = dbUser.Username,
Password = dbUser.Password,
RefreshToken = newRefreshToken,
GoogleId = dbUser.GoogleId
};
entities.Users.AddOrUpdate(newUser);
entities.SaveChanges();
return(new TokenModel(newRefreshToken));
}
}
/// <summary>
///
/// </summary>
/// <param name="key"></param>
/// <param name="code">Codelogin khởi tạo</param>
/// <param name="username">Tài khoản login</param>
/// <param name="pass">Pass login</param>
/// <param name="ischeck">Trạng thái duy trì 5 ngày</param>
/// <returns></returns>
public ActionResult Login(string key, string username, string pass, bool ischeck)
{
var objr = new CustomerAppItem
{
Status = 0,
};
//var lg = new Ultils();
var code = Guid.NewGuid().ToString();
// if (key != Keyapi) return Json(objr, JsonRequestBehavior.AllowGet);
var obj = _dl.GetPassByUserName(username);
if (obj != null)
{
var date = DateTime.Now;
var dateend = date.AddMinutes(20);
if (ischeck)
{
dateend = date.AddDays(5);
}
var timeend = dateend.TotalSeconds();
var pas = FDIUtils.CreatePasswordHash(pass, obj.PasswordSalt);
if (obj.Password == pas)
{
var dNlogin = new DN_Login
{
CustomerID = obj.ID,
DateCreated = date.TotalSeconds(),
DateEnd = timeend,
Code = code,
IsOut = false
};
_dl.Add(dNlogin);
_dl.Save();
obj.UserName = obj.UserName;
obj.CodeLogin = code;
obj.Status = 1;
obj.ID = obj.ID;
IAuthContainerModel model = new JWTContainerModel()
{
Claims = new Claim[]
{
new Claim(ClaimTypes.Name, obj.UserName),
new Claim("ID", obj.ID.ToString()),
}
};
IAuthService authService = new JWTService();
var token = authService.GenerateToken(model);
var result = new BaseResponse <CustomerItem>()
{
Erros = false,
Data = new CustomerItem()
{
FullName = obj.FullName,
Phone = obj.Phone,
Token = token
}
};
return(Json(result, JsonRequestBehavior.AllowGet));
}
return(Json(new JsonMessage(true, "Mật khẩu không đúng"), JsonRequestBehavior.AllowGet));
}
return(Json(new JsonMessage(true, "Tài khoản không tồn tại"), JsonRequestBehavior.AllowGet));
}
public void Setup()
{
model = JWTContainerModel.GetJWTContainerModel("Dmitry Ershov", "*****@*****.**");
service = new JWTAuthService(model.SecretKey);
}
