public override void OnActionExecuting(System.Web.Http.Controllers.HttpActionContext filterContext) { if (filterContext.ActionDescriptor.GetCustomAttributes <SkipMyGlobalActionFilterAttribute>().Any()) { return; } if (!filterContext.Request.Headers.Contains("JWT_TOKEN")) { throw new UnauthorizedAccessException(); } else { String token = filterContext.Request.Headers.GetValues("JWT_TOKEN").First(); IAuthContainerModel model = new JWTContainerModel(); IAuthService authService = new JWTService(model.SecretKey); if (!authService.IsTokenValid(token)) { throw new UnauthorizedAccessException(); } else { List <Claim> claims = authService.GetTokenClaims(token).ToList(); Console.WriteLine(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Name)).Value); Console.WriteLine(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Role)).Value); // Console.WriteLine(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.PrimarySid)).Value); } } }
public Response GetToken([FromForm] string userName, [FromForm] string password) { var user = userService.Authenticate(userName, password); if (user == null) { return(new Response { StatusCode = 401, Message = "Unauthorize" }); } IAuthContainerModel authContainerModel = new JWTContainerModel(user) { }; IAuthService authService = new JWTService(authContainerModel.Secretkey); return(new Response { StatusCode = 200, Message = "OK", AccessToken = authService.GenerateToken(authContainerModel) }); }
public void KO_IssuerNotMatch() { //ARRANGER var Id = Guid.NewGuid(); var secretKey = "that's a single secret key used to not be hacked"; var claimsRequest = new Dictionary <string, string>(); claimsRequest.Add(eClaims.Name.ToString(), "Luca Fenu"); claimsRequest.Add(eClaims.Id.ToString(), Id.ToString()); claimsRequest.Add(eClaims.Mail.ToString(), "*****@*****.**"); //ACT IAuthContainerModel model = new JWTContainerModel(secretKey, 1, "http://localhost:123", claimsRequest); IAuthService authService = new JWTService(model); string token = authService.GenerateToken(); IAuthContainerModel modelResponse = new JWTContainerModel(secretKey, 1, "http://localhost:312", null); IAuthService authServiceResponse = new JWTService(modelResponse); var tokenResponse = authServiceResponse.GenerateToken(); //ASSERT Assert.IsFalse(authService.IsTokenValid(tokenResponse)); }
public void TestAuth() { JWTContainerModel JWT = new JWTContainerModel() { Claims = new Claim[] { new Claim(ClaimTypes.Name, "Kent Utterback"), new Claim(ClaimTypes.Email, "*****@*****.**") } }; JWTService authService = new JWTService(JWT.SecretKey); string token = authService.GenerateToken(JWT); if (!authService.IsTokenValid(token)) { Assert.Fail(); } List <Claim> claims = authService.GetTokenClaims(token).ToList(); Assert.Equals(claims.FirstOrDefault(claim => claim.Type.Equals(ClaimTypes.Name)).Value, "Kent Utterback"); Assert.Equals(claims.FirstOrDefault(claim => claim.Type.Equals(ClaimTypes.Email)).Value, "*****@*****.**"); }
public ActionResult Login(string username, string pass) { var obj = _dl.GetPassByUserName(username, true); if (obj == null) { return(Json(new BaseResponse <AgencyItem>() { Erros = true, Message = "Tên tài khoản không đúng" })); } var pas = FDIUtils.CreatePasswordHash(pass, obj.PasswordSalt); if (obj.Password != pas) { return(Json(new BaseResponse <AgencyItem>() { Erros = true, Message = "Mật khẩu không đúng" })); } if (obj.isLock != true) { return(Json(new BaseResponse <AgencyItem>() { Erros = true, Message = "Tài khoản chưa được kích hoạt" })); } IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim(ClaimTypes.Name, obj.UserName), new Claim("ID", obj.UserId.ToString()), new Claim("AgencyId", obj.AgencyID.ToString()), } }; IAuthService authService = new JWTService(); var token = authService.GenerateToken(model); var result = new BaseResponse <AgencyItem>() { Erros = false, Data = new AgencyItem() { FullName = obj.FullName, Phone = obj.Phone, Token = token, AgencyLevelId = obj.AgencyLevelId } }; return(Json(result, JsonRequestBehavior.AllowGet)); }
public JWTContainerModel CreateContainer(Session authData) { var jwtContainerModel = new JWTContainerModel { Claims = new[] { new Claim(ClaimTypes.Name, authData.Username), } }; return(jwtContainerModel); }
//POST: /auth/signin/ public async Task <IActionResult> SignIn([Bind("Username,Password")] LoginRequestModel login) { //Find a user with a matching email as entered var foundUser = await _context.Users .FirstOrDefaultAsync(m => m.Username == login.Username); //If no user was found, exit with error if (foundUser == null) { return(Unauthorized(new { error = "User not found" })); } //Otherwise, check the DB hash against our user's entered password's hash string loginPassHash = UserHelper.GeneratePasswordHash(login.Password, foundUser.Salt); bool authed = (foundUser.HashedPassword == loginPassHash); //If they failed to hash to the same value, return an error if (!authed) { return(Unauthorized(new { error = "Password entered is incorrect" })); } IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim("UserName", foundUser.Username), new Claim("IsAdmin", foundUser.IsAdmin.ToString()) }, }; //Generate a JWT token for further authentication IAuthService jwt = new JWTService(model.SecretKey); string jwtToken = jwt.GenerateToken(model); //Add it as a cookie to the response Response.Cookies.Append("t", jwt.GenerateToken(model)); //Return our JWT access token and the authenticated user's information // Make a temporary user to strip out private info out of the user model (like passwords) UserModel returnUser = new UserModel { _id = foundUser._id, Username = foundUser.Username, FName = foundUser.FName, LName = foundUser.LName, Email = foundUser.Email, }; return(Ok(new { JWTAccessToken = jwtToken, User = returnUser })); }
public async Task <ActionResult> ValidateToken(string token, string phone, string tokenDevice) { if (!tokenOtpDA.ValidateToken(token, phone, (int)TokenOtpType.Authen)) { return(Json(new JsonMessage(1000, "Thông tin đăng nhập không hợp lệ"), JsonRequestBehavior.AllowGet)); } tokenOtpDA.UpdateIsUsed(token, phone); await tokenOtpDA.SaveAsync(); var customer = customerDA.GetByPhone(phone, Type); var key = Guid.NewGuid(); IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim("Phone", customer.Mobile), new Claim("Type", "Token"), new Claim("ID", customer.ID.ToString()), }, ExpireMinutes = 10, }; IAuthContainerModel modelRefreshToken = new JWTContainerModel() { Claims = new Claim[] { new Claim("Phone", customer.Mobile), new Claim("Type", "RefreshToken"), new Claim("key", key.ToString()), new Claim("ID", customer.ID.ToString()), }, ExpireMinutes = 60 * 24 * 30, }; var tokenResponse = JWTService.Instance.GenerateToken(model); var refreshToken = JWTService.Instance.GenerateToken(modelRefreshToken); customerDA.InsertToken(new TokenRefresh() { GuidId = key }); customer.TokenDevice = tokenDevice; customerDA.Save(); return(Json(new BaseResponse <CustomerAppIG4Item>() { Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item() { Token = tokenResponse, RefreshToken = refreshToken, ID = customer.ID, Fullname = customer.FullName } }, JsonRequestBehavior.AllowGet)); }
public string Get(string name, string email) { IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim(ClaimTypes.Name, name), new Claim(ClaimTypes.Email, email) } }; IAuthService authService = new JWTService(model.SecretKey); string token = authService.GenerateToken(model); return(token); }
public IActionResult GerarToken([FromBody] GerarTokenRequest request) { try { if (string.IsNullOrEmpty(request.Nome) || string.IsNullOrEmpty(request.Email)) { return(BadRequest(request)); } var model = new JWTContainerModel(request.Nome, request.Email); var tokenGenerated = _jWTService.GenerateToken(model); return(Ok(tokenGenerated)); } catch (Exception ex) { throw new Exception($"Erro ao gerar token: {ex.Message}"); } }
private static string getPhoneFromToken(string token) { try { string tokenPhone; IAuthContainerModel model = new JWTContainerModel(); IAuthService authService = new JWTService(model.SecretKey); List <Claim> claims = authService.GetTokenClaims(token).ToList(); string tokenName = claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Name)).Value; tokenPhone = claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.MobilePhone)).Value; return(tokenPhone); } catch { throw; } }
public string ValidJWT(string token) { try { IAuthContainerModel model = new JWTContainerModel(); IAuthService authService = new JWTService(model.SecretKey); if (!authService.IsTokenValid(token)) { throw new UnauthorizedAccessException(); } else { List <Claim> claims = authService.GetTokenClaims(token).ToList(); return(claims.FirstOrDefault(e => e.Type.Equals(ClaimTypes.Name)).Value); } } catch (Exception) { return(null); } }
public JwtToken Handle() { User user = repository.GetUserByUsername(authenticationCredential.Username); if (user == null) { return(null); } bool isHashEqualToPassword = HashingUtils.IsGivenHashIdenticalWithGivenString(user.Password, authenticationCredential.Password); if (!isHashEqualToPassword) { return(null); } authenticationCredential.Password = null; List <Claim> claims = new List <Claim>(); foreach (UserRole userRole in user.Roles) { claims.Add(new Claim(ClaimTypes.Role, userRole.ToString())); } claims.Add(new Claim(ClaimTypes.Name, user.FirstName + " " + user.LastName)); claims.Add(new Claim(ClaimTypes.NameIdentifier, user.UserName)); JWTContainerModel jWtContainerModel = new JWTContainerModel() { Claims = claims.ToArray() }; JwtToken jwtToken = new JwtToken(jWtContainerModel); JwtToken result = jwtToken.IsValid ? jwtToken : null; return(result); }
private static Session CreateSession(string email, string handle, string displayName, string bio) { var authTokenContainerModel = new JWTContainerModel(SessionSecretKey, SecurityAlgorithms.HmacSha256Signature, 1440, new Claim[] { new Claim(ClaimTypes.Email, email), new Claim("TokenType", JWTTokenTypes.Auth) }); var refreshTokenContainerModel = new JWTContainerModel(SessionSecretKey, SecurityAlgorithms.HmacSha256Signature, 44640, new Claim[] { new Claim(ClaimTypes.Email, email), new Claim("TokenType", JWTTokenTypes.Refresh) }); var jwtService = new JWTService(SessionSecretKey); var authTokenExpireTime = new DateTimeOffset(DateTime.UtcNow.AddMinutes(Convert.ToInt32(authTokenContainerModel.ExpireMinutes))).ToUnixTimeSeconds(); var refreshTokenExpireTime = new DateTimeOffset(DateTime.UtcNow.AddMinutes(Convert.ToInt32(refreshTokenContainerModel.ExpireMinutes))).ToUnixTimeSeconds(); var authToken = new SessionToken(authTokenExpireTime, jwtService.GenerateToken(authTokenContainerModel)); var refreshToken = new SessionToken(refreshTokenExpireTime, jwtService.GenerateToken(refreshTokenContainerModel)); return(new Session(email, handle, displayName, bio, authToken, refreshToken)); }
public async Task <ActionResult> RefreshToken(string refreshToken) { if (!JWTService.Instance.IsTokenValid(refreshToken)) { return(Json(new JsonMessage(1000, "invalid token"))); } var tmp = JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "Type"); if (tmp.Value.ToString() != "RefreshToken") { return(Json(new JsonMessage(1000, "invalid token"))); } var phone = JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "Phone")?.Value.ToString(); var id = JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "ID")?.Value.ToString(); var key = Guid.Parse(JWTService.Instance.GetTokenClaims(refreshToken).FirstOrDefault(m => m.Type == "key")?.Value ?? throw new InvalidOperationException()); var oldToke = customerDA.GetTokenByGuidId(key); if (oldToke == null) { return(Json(new JsonMessage(1000, "invalid token"))); } customerDA.DeleteTokenRefresh(oldToke); key = Guid.NewGuid(); IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim("Phone", phone), new Claim("Type", "Token"), new Claim("ID", id), }, ExpireMinutes = 10, }; IAuthContainerModel modelRefreshToken = new JWTContainerModel() { Claims = new Claim[] { new Claim("Phone", phone), new Claim("key", key.ToString()), new Claim("Type", "RefreshToken"), new Claim("ID", id), }, ExpireMinutes = 60 * 24 * 30, }; var tokenResponse = JWTService.Instance.GenerateToken(model); var refreshTokenResponse = JWTService.Instance.GenerateToken(modelRefreshToken); customerDA.InsertToken(new TokenRefresh() { GuidId = key }); customerDA.Save(); return(Json(new BaseResponse <CustomerAppIG4Item>() { Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item() { Token = tokenResponse, RefreshToken = refreshTokenResponse } }, JsonRequestBehavior.AllowGet)); }
public ActionResult ZaloCallback(string accesstoken) { try { var appId = 3722523456944291775; var appSecret = "MU1RP7QQ6k8ndjhPNqdj"; if (!string.IsNullOrEmpty(accesstoken)) { ZaloAppInfo appInfo = new ZaloAppInfo(appId, appSecret, "callbackUrl"); ZaloAppClient appClient = new ZaloAppClient(appInfo); JObject me = appClient.getProfile(accesstoken, "fields=a,name,id,birthday,gender,phone,picture"); var output = JsonConvert.SerializeObject(me); ZaloCustomerItem deserializedProduct = JsonConvert.DeserializeObject <ZaloCustomerItem>(output); if (string.IsNullOrEmpty(deserializedProduct.error)) { var cus = new Base.Customer { UserName = deserializedProduct.name, FullName = deserializedProduct.name, DateCreated = DateTime.Now.TotalSeconds(), IsActive = true, IsDelete = false, idUserZalo = deserializedProduct.id, AvatarUrl = deserializedProduct.picture.data.url, }; InsertCustomerZalo(cus); var customer = customerDA.GetbyidUserZalo(cus.idUserZalo); var key = Guid.NewGuid(); IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim(type: "Phone", value: customer.Mobile ?? ""), new Claim(type: "Type", value: "Token"), new Claim(type: "ID", value: customer.ID.ToString()), }, ExpireMinutes = 10, }; IAuthContainerModel modelRefreshToken = new JWTContainerModel() { Claims = new Claim[] { new Claim(type: "Phone", value: customer.Mobile ?? ""), new Claim(type: "Type", value: "RefreshToken"), new Claim(type: "key", value: key.ToString()), new Claim(type: "ID", value: customer.ID.ToString()), }, ExpireMinutes = 60 * 24 * 30, }; var tokenResponse = JWTService.Instance.GenerateToken(model: model); var refreshToken = JWTService.Instance.GenerateToken(model: modelRefreshToken); customerDA.InsertToken(data: new TokenRefresh() { GuidId = key }); customerDA.Save(); return(Json(data: new BaseResponse <CustomerAppIG4Item>() { Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item() { Token = tokenResponse, RefreshToken = refreshToken, ID = customer.ID } }, behavior: JsonRequestBehavior.AllowGet)); } return(Json(data: new { Code = deserializedProduct.error, Erros = true, Message = "Có lỗi xảy ra vui lòng xem lại mã lỗi" }, behavior: JsonRequestBehavior.AllowGet)); } } catch (Exception e) { return(Redirect("/")); } return(Redirect("/")); }
public ActionResult GoogleCallback(string accesstoken, string token) { Userclass userinfo = new Userclass(); try { string url = "https://www.googleapis.com/oauth2/v1/userinfo?alt=json&access_token=" + accesstoken + ""; WebRequest request = WebRequest.Create(url); request.Credentials = CredentialCache.DefaultCredentials; WebResponse response = request.GetResponse(); Stream dataStream = response.GetResponseStream(); StreamReader reader = new StreamReader(dataStream); string responseFromServer = reader.ReadToEnd(); reader.Close(); response.Close(); JavaScriptSerializer js = new JavaScriptSerializer(); userinfo = js.Deserialize <Userclass>(responseFromServer); var cus = new Base.Customer { Email = userinfo.email, UserName = userinfo.email, FullName = userinfo.family_name + " " + userinfo.given_name + " " + userinfo.name, DateCreated = DateTime.Now.TotalSeconds(), IsActive = true, IsDelete = false, idUserGoogle = userinfo.id, AvatarUrl = userinfo.picture, TokenDevice = token, }; InsertCustomerGoogle(cus); var customer = customerDA.GetByidUserGoogle(cus.idUserGoogle); var key = Guid.NewGuid(); IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim(type: "Phone", value: customer.Mobile ?? ""), new Claim(type: "Type", value: "Token"), new Claim(type: "ID", value: customer.ID.ToString()), }, ExpireMinutes = 10, }; IAuthContainerModel modelRefreshToken = new JWTContainerModel() { Claims = new Claim[] { new Claim(type: "Phone", value: customer.Mobile ?? ""), new Claim(type: "Type", value: "RefreshToken"), new Claim(type: "key", value: key.ToString()), new Claim(type: "ID", value: customer.ID.ToString()), }, ExpireMinutes = 60 * 24 * 30, }; var tokenResponse = JWTService.Instance.GenerateToken(model: model); var refreshToken = JWTService.Instance.GenerateToken(model: modelRefreshToken); customerDA.InsertToken(data: new TokenRefresh() { GuidId = key }); customerDA.Save(); return(Json(data: new BaseResponse <CustomerAppIG4Item>() { Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item() { Token = tokenResponse, RefreshToken = refreshToken } }, behavior: JsonRequestBehavior.AllowGet)); } catch (Exception e) { return(Redirect("/")); } return(Redirect("/")); }
public ActionResult FacebookCallback(string accesstoken, string token) { try { var fb = new FacebookClient(); if (!string.IsNullOrEmpty(accesstoken)) { fb.AccessToken = accesstoken; dynamic me = fb.Get("me?fields=first_name,middle_name,last_name,id,email"); var cus = new Base.Customer { Email = me.email, UserName = me.email, FullName = me.first_name + me.middle_name + me.last_name, DateCreated = DateTime.Now.TotalSeconds(), IsActive = true, IsDelete = false, idUserFacebook = me.id, TokenDevice = token, }; //dynamic pic = fb.Get(me.id+"/picture"); InsertCustomerFacebook(cus); var customer = customerDA.GetByidUserFacebook(cus.idUserFacebook); var key = Guid.NewGuid(); IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim(type: "Phone", value: customer.Mobile ?? ""), new Claim(type: "Type", value: "Token"), new Claim(type: "ID", value: customer.ID.ToString()), }, ExpireMinutes = 10, }; IAuthContainerModel modelRefreshToken = new JWTContainerModel() { Claims = new Claim[] { new Claim(type: "Phone", value: customer.Mobile ?? ""), new Claim(type: "Type", value: "RefreshToken"), new Claim(type: "key", value: key.ToString()), new Claim(type: "ID", value: customer.ID.ToString()), }, ExpireMinutes = 60 * 24 * 30, }; var tokenResponse = JWTService.Instance.GenerateToken(model: model); var refreshToken = JWTService.Instance.GenerateToken(model: modelRefreshToken); customerDA.InsertToken(data: new TokenRefresh() { GuidId = key }); customerDA.Save(); return(Json(data: new BaseResponse <CustomerAppIG4Item>() { Code = 200, Erros = false, Message = "", Data = new CustomerAppIG4Item() { Token = tokenResponse, RefreshToken = refreshToken, ID = customer.ID } }, behavior: JsonRequestBehavior.AllowGet)); } } catch (Exception e) { return(Redirect("/")); } return(Redirect("/")); }
public static IAuthService GetJWTService() { IAuthContainerModel containerModel = new JWTContainerModel(); return(new JWTService(containerModel.SecretKey)); }
public TokenModel StartSession([FromBody] TokenModel refreshToken) { using (IUMdbEntities entities = new IUMdbEntities()) { #region Validation #region CheckIfRefreshTokenIsNull if (refreshToken == null) { return(null); } #endregion JWTService serviceJWT = new JWTService(DefaultSecretKey.key); #region checkIfTokenIsValid if (!serviceJWT.IsTokenValid(refreshToken.Token)) { return(null); } #endregion string username, password, tokenType; List <string> userRoles; List <Claim> tokenClaims = serviceJWT.GetTokenClaims(refreshToken.Token).ToList(); username = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.Username)).Value; password = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.Password)).Value; userRoles = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.Roles)).Value.Split(',').ToList(); tokenType = tokenClaims.FirstOrDefault(e => e.Type.Equals(MyClaimsTypes.TokenType)).Value; #region checkTokenType if (!tokenType.Equals(MyTokenTypes.RefreshToken)) { return(null); } #endregion #region checkIfRefreshTokenMatches bool checkIfRefreshTokenMatches = entities.Users .Any(e => e.Username == username && e.RefreshToken == refreshToken.Token); if (!checkIfRefreshTokenMatches) { return(null); } #endregion string dbUserHashedPassword = entities.Users .Where(e => e.Username == username) .Select(e => e.Password) .First(); CryptoService cryptoService = new CryptoService(); #region checkIfUserPasswordMatches bool checkIfUserPasswordMatches = cryptoService.CompareStringToHash(password, dbUserHashedPassword); if (!checkIfUserPasswordMatches) { return(null); } #endregion #endregion Users dbUser = entities.Users .Where(e => e.Username == username) .First(); JWTContainerModel newBearerTokenJWTContainerModel = JWTContainerModel.GetUserJWTContainerModel( username, password, userRoles, MyTokenTypes.BearerToken); string newBearerToken = serviceJWT.GenerateToken(newBearerTokenJWTContainerModel, true); Users newUser = new Users() { Id = dbUser.Id, Username = dbUser.Username, Password = dbUser.Password, RefreshToken = dbUser.RefreshToken, BearerToken = newBearerToken, GoogleId = dbUser.GoogleId }; entities.Users.AddOrUpdate(newUser); entities.SaveChanges(); return(new TokenModel(newBearerToken)); } }
public ActionResult Register(CustomerItem customer) { var objr = new CustomerAppItem { Status = 0 }; try { if (!string.IsNullOrEmpty(customer.Phone) && !string.IsNullOrEmpty(customer.Password)) { if (_da.CheckUserName(customer.Phone)) { return(Json(new BaseResponse <CustomerItem>() { Erros = true, Message = "Số điện thoại đã tồn tại", }, JsonRequestBehavior.AllowGet)); } var daten = DateTime.Now; var date = daten.TotalSeconds(); var saltKey = FDIUtils.CreateSaltKey(5); var sha1PasswordHash = FDIUtils.CreatePasswordHash(customer.Password, saltKey); //get agencyinfo var agencyDA = new AgencyDA(); var agency = agencyDA.GetItem(customer.PhoneAgency); var obj = new Base.Customer { FullName = customer.FullName, Phone = customer.Phone, PasswordSalt = saltKey, PassWord = sha1PasswordHash, UserName = customer.UserName, DateCreated = date, IsDelete = false, IsActive = true, Reward = 0, AgencyID = agency?.ID }; _da.Add(obj); _da.Save(); IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim(ClaimTypes.Name, obj.UserName), new Claim("ID", obj.ID.ToString()), } }; IAuthService authService = new JWTService(); var token = authService.GenerateToken(model); var result = new BaseResponse <CustomerItem>() { Erros = false, Data = new CustomerItem() { FullName = obj.FullName, Phone = obj.Phone, Token = token } }; return(Json(result, JsonRequestBehavior.AllowGet)); var datee = daten.AddDays(5).TotalSeconds(); //var lg = new Ultils(); var code = Ultils.CodeLogin(daten); var dNlogin = new DN_Login { CustomerID = obj.ID, DateCreated = date, DateEnd = datee, Code = code, IsOut = false }; _dl.Add(dNlogin); _dl.Save(); objr = new CustomerAppItem { ID = obj.ID, Status = 1, }; } } catch (Exception ex) { Log2File.LogExceptionToFile(ex); } return(Json(objr, JsonRequestBehavior.AllowGet)); }
public TokenModel LogIn([FromBody] Users user) { using (IUMdbEntities entities = new IUMdbEntities()) { #region Validation #region checkIfUserIsNull if (user == null) { return(null); } #endregion #region checkIfUserExist bool checkIfUserExist = entities.Users .Any(e => e.Username == user.Username); if (!checkIfUserExist) { return(null); } #endregion string dbUserHashedPassword = entities.Users .Where(e => e.Username == user.Username) .Select(e => e.Password) .First(); CryptoService cryptoService = new CryptoService(); #region checkIfUserPasswordMatches bool checkIfUserPasswordMatches = cryptoService.CompareStringToHash(user.Password, dbUserHashedPassword); if (!checkIfUserPasswordMatches) { return(null); } #endregion #endregion Users dbUser = entities.Users .First(e => e.Username == user.Username); List <string> userRoles = entities.Workplaces .Where(e => e.UserId == dbUser.Id) .Select(e => e.UserRoles.RoleName) .ToList(); JWTContainerModel newRefreshTokenJWTContainerModel = JWTContainerModel.GetUserJWTContainerModel( user.Username, user.Password, userRoles, MyTokenTypes.RefreshToken); JWTService serviceJWT = new JWTService(DefaultSecretKey.key); string newRefreshToken = serviceJWT.GenerateToken(newRefreshTokenJWTContainerModel); Users newUser = new Users() { Id = dbUser.Id, Username = dbUser.Username, Password = dbUser.Password, RefreshToken = newRefreshToken, GoogleId = dbUser.GoogleId }; entities.Users.AddOrUpdate(newUser); entities.SaveChanges(); return(new TokenModel(newRefreshToken)); } }
/// <summary> /// /// </summary> /// <param name="key"></param> /// <param name="code">Codelogin khởi tạo</param> /// <param name="username">Tài khoản login</param> /// <param name="pass">Pass login</param> /// <param name="ischeck">Trạng thái duy trì 5 ngày</param> /// <returns></returns> public ActionResult Login(string key, string username, string pass, bool ischeck) { var objr = new CustomerAppItem { Status = 0, }; //var lg = new Ultils(); var code = Guid.NewGuid().ToString(); // if (key != Keyapi) return Json(objr, JsonRequestBehavior.AllowGet); var obj = _dl.GetPassByUserName(username); if (obj != null) { var date = DateTime.Now; var dateend = date.AddMinutes(20); if (ischeck) { dateend = date.AddDays(5); } var timeend = dateend.TotalSeconds(); var pas = FDIUtils.CreatePasswordHash(pass, obj.PasswordSalt); if (obj.Password == pas) { var dNlogin = new DN_Login { CustomerID = obj.ID, DateCreated = date.TotalSeconds(), DateEnd = timeend, Code = code, IsOut = false }; _dl.Add(dNlogin); _dl.Save(); obj.UserName = obj.UserName; obj.CodeLogin = code; obj.Status = 1; obj.ID = obj.ID; IAuthContainerModel model = new JWTContainerModel() { Claims = new Claim[] { new Claim(ClaimTypes.Name, obj.UserName), new Claim("ID", obj.ID.ToString()), } }; IAuthService authService = new JWTService(); var token = authService.GenerateToken(model); var result = new BaseResponse <CustomerItem>() { Erros = false, Data = new CustomerItem() { FullName = obj.FullName, Phone = obj.Phone, Token = token } }; return(Json(result, JsonRequestBehavior.AllowGet)); } return(Json(new JsonMessage(true, "Mật khẩu không đúng"), JsonRequestBehavior.AllowGet)); } return(Json(new JsonMessage(true, "Tài khoản không tồn tại"), JsonRequestBehavior.AllowGet)); }
public void Setup() { model = JWTContainerModel.GetJWTContainerModel("Dmitry Ershov", "*****@*****.**"); service = new JWTAuthService(model.SecretKey); }