public IActionResult VerifyVerificationCodeSms(MobileVerificationDto dto)
{
var mobileNumber = CryptographyHelper.Decrypt(dto.EncryptedMobileNumber);
var user = UnitOfWork.UserRepository.Find(u => u.MobileNumber == mobileNumber).FirstOrDefault();
if (user == null)
{
return(NotFound());
}
bool result = UserManager.VerifyVerificationCodeSms(user, dto.Code);
if (result)
{
var nextStep = UserManager.GetNextAuthenticationStep(user, SecurityLevel, dto.RequestedSecurityLevel, AuthenticationSteps.Mobile);
if (nextStep == AuthenticationSteps.Done.ToString())
{
return(new ObjectResult(JwtHandler.Create(user.UserName, dto.RequestedSecurityLevel, dto.ApplicationId, dto.PageId)));
}
else
{
return(Ok(new { NextRoute = nextStep }));
}
}
else
{
return(StatusCode(400, new { Error = "کد ارسالی مورد تأیید نمی باشد" }));
}
}
public IActionResult Authenticate(IbTokenAuthenticate dto)
{
try
{
//UserAccount obj = DatabaseManagement.UserAccountManagement.ReadByUserName(userName);
var user = UnitOfWork.UserRepository.Find(u => u.UserName == dto.UserName).FirstOrDefault();
if (user == null)
{
return(NotFound(new { Error = "چنین کاربری در سیستم وجود ندارد" }));
}
byte[] serialNumber = Encoding.ASCII.GetBytes("12346578");;
int[] randomKeys = dto.RandomKeys;
if (true)//TokenUtility.CheckAlgorithm(randomKeys, serialNumber, dto.TokenResult))
{
var nextStep = UserManager.GetNextAuthenticationStep(user, SecurityLevel, dto.RequestedSecurityLevel, AuthenticationSteps.HardwareToken);
if (nextStep == AuthenticationSteps.Done.ToString())
{
return(new ObjectResult(JwtHandler.Create(user.UserName, dto.RequestedSecurityLevel, dto.ApplicationId, dto.PageId)));
}
else
{
return(Ok(new { NextRoute = nextStep }));
}
}
else
{
return(BadRequest());
}
}
catch (Exception ex)
{
return(BadRequest());
}
}
public IActionResult RefreshToken(RefreshTokenDto dto)
{
if (User?.Identity?.Name == null)
{
return(Unauthorized());
}
return(new ObjectResult(JwtHandler.Create(User.Identity.Name, SecurityLevel, dto.ApplicationId, 0)));
}
public IActionResult Login(UserCredentialsDto dto)
{
try
{
var captchaValidated = CaptchaHelper.ValidateCaptcha(dto.CaptchaKey, dto.UserCaptchaInput);
if (captchaValidated == true)
{
var setting = UnitOfWork.SettingRepository.GetAll().FirstOrDefault();
if (setting == null)
{
return(StatusCode(500, new { Error = "تنظیمات سیستم تعریف نشده است" }));
}
var user = UnitOfWork.UserRepository.Find(u => u.UserName == dto.UserName).FirstOrDefault();
if (user == null)
{
return(Unauthorized(new { Error = "نام کاربری یا کلمه عبور اشتباه است" }));
}
if (UserManager.IsUserLocked(user))
{
return(Unauthorized(new { Error = "حساب کاربری شما به علت وارد کردن رمز عبور اشتباه بیش از حد مجاز برای دقایقی مسدود شده است." }));
}
var result = UserManager.VerifyPassword(dto.UserName, dto.Password);
if (result == "Failed")
{
UserManager.IncreaseUserFailedPasswordCount(user);
if (UserManager.HasUserPassedMaxFailedPasswordCount(user, setting))
{
UserManager.LockUser(user, setting);
UnitOfWork.Complete();
return(Unauthorized(new { Error = "حساب کاربری شما به علت وارد کردن رمز عبور اشتباه بیش از حد مجاز برای دقایقی مسدود شده است." }));
}
UnitOfWork.Complete();
return(Unauthorized(new { Error = "نام کاربری یا کلمه عبور اشتباه است" }));
}
UserManager.UnlockUser(user);
var nextStep = UserManager.GetNextAuthenticationStep(user, SecurityLevel, dto.RequestedSecurityLevel, AuthenticationSteps.Login);
if (nextStep == AuthenticationSteps.Done.ToString())
{
return(new ObjectResult(JwtHandler.Create(user.UserName, dto.RequestedSecurityLevel, dto.ApplicationId, dto.PageId)));
}
else
{
return(Ok(new { NextRoute = nextStep }));
}
}
else
{
return(StatusCode(400, new { Error = "کلید تصویر امنیتی معتبر نمی باشد" }));
}
}
catch (Exception ex)
{
return(StatusCode(500, ex));
}
}
public void Generate()
{
var token = _jwtHandler.Create(new ClaimsIdentity(new[] {
new Claim(ClaimTypes.NameIdentifier, "hamèd"),
new Claim(ClaimTypes.Name, "User")
}));
var claims = _jwtHandler.Validate(token);
}
public void ShouldCreateValidTokenWhenKeysAreValid()
{
var jwtSettingsMock = new Mock <IOptions <JwtSettings> >();
var jwtSettings = new JwtSettings();
jwtSettings.Issuer = "http://localhost:5000";
jwtSettings.PrivateKeyXML = "private-key.xml";
jwtSettings.PublicKeyXML = "public-key.xml";
jwtSettingsMock.Setup(j => j.Value).Returns(jwtSettings);
var jwtHandler = new JwtHandler(jwtSettingsMock.Object);
var token = jwtHandler.Create(Guid.NewGuid().ToString());
var tokenHandler = new JwtSecurityTokenHandler();
var exception = Record.Exception(() => tokenHandler.ValidateToken(token.Token, jwtHandler.Parameters, out _));
Assert.Null(exception);
}
public void Token_Service_Generate_Tokens()
{
var secret = Guid.NewGuid().ToString();
var options = Options.Create <JwtOptions>(new JwtOptions {
ExpiryMinutes = 2, Issuer = "JuntoSeguros", SecretKey = secret
});
var jwtProvider = new JwtHandler(options);
var token = jwtProvider.Create("my_login", "my_name");
Assert.NotNull(token);
Assert.IsNotEmpty(token.Token);
var decodedToken = jwtProvider.Decode(token.Token);
Assert.NotNull(decodedToken);
Assert.AreEqual(decodedToken.Login, "my_login");
Assert.AreEqual(decodedToken.Name, "my_name");
}
