public IActionResult Login([FromBody] LoginViewModel loginModel)
{
var response = new LoginResponseViewModel();
if (ModelState.IsValid)
{
var user = _userManager.FindByNameAsync(loginModel.UserName).Result;
if (user != null)
{
response.Email = user.Email;
if (_passwordHasher.VerifyHashedPassword(user, user.PasswordHash, loginModel.Password) == PasswordVerificationResult.Success)
{
response.IsLoginSuccessful = true;
response.Token = GetToken(user);
return(Ok(response));
}
else
{
return(BadRequest("username or password is invalid"));
}
}
}
else
{
return(BadRequest(ModelState));
}
return(BadRequest("User not registeed."));
}
private async Task <LoginResponseViewModel> GerarJwt(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
// adiciona novas claims do usuário
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64));
// adicona roles do user
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var securityTokenDescriptor = new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Subject = identityClaims, // passa as claims customizadas
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(securityTokenDescriptor);
var encodedeToken = tokenHandler.WriteToken(token);
// monta resposta mais detalhada do token e informações do usuário
var response = new LoginResponseViewModel
{
AccessToken = encodedeToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimViewModel
{
Type = c.Type,
Value = c.Value
})
}
};
return(response);
}
public async Task <LoginResponseViewModel> LoginAsync(LoginDto dto)
{
var user = _DB.Users.SingleOrDefault(x => x.UserName == dto.Username && !x.IsDelete);
if (user == null)
{
throw new ("Invalid Username");
}
var result = await _signInManager.CheckPasswordSignInAsync(user, dto.Password, false);
if (result.Succeeded)
{
user.FCMToken = dto.FCM;
_DB.Users.Update(user);
_DB.SaveChanges();
var token = GenerateAccessToken(user);
var response = new LoginResponseViewModel();
response.Token = token;
response.User = new UserViewModel()
{
Password = user.Password,
FirstName = user.FirstName,
LastName = user.LastName,
UserType = user.UserType
};
return(response);
//var usersVM = _mapper.Map<List<UserEntity>, List<UserViewModel>>();
}
return(null);
}
public LoginResponseViewModel Login(LoginRequestViewModel request)
{
Log.Information("Start - Login request for user: {0}", request.LoginName);
LoginResponseViewModel ret = null;
//1 - validation
var account = _accountRepository.GetByLoginName(request.LoginName);
//2 - Check if account exist
if (account != null && account.Id != 0)
{
//3 - Check if password is correct
if (!String.Equals(CommonHelper.EncodePasswordToBase64(request.Password, _config.GetValue <string>("HashKey")), account.Password))
{
CommonHelper.ThrowAppException("Username or Password is incorrect!");
}
ret = new LoginResponseViewModel()
{
LoginName = account.LoginName,
Id = account.Id,
AccountNumber = account.AccountNumber
};
}
Log.Information("End - Login request for user: {0}", request.LoginName);
return(ret);
}
public async Task <JsonResult> Login([FromBody] LoginViewModel vm)
{
try
{
if (ModelState.IsValid)
{
LoginResponseViewModel responseVM = await ProviderLogin(vm);
Response.StatusCode = (int)HttpStatusCode.OK;
return(Json(responseVM));
}
else
{
_logger.LogError("Invalid login model.");
Response.StatusCode = (int)HttpStatusCode.BadRequest;
return(Json(new Message(ModelState)));
}
}
catch (Exception ex)
{
_logger.LogError("Failed to retrieve user.", ex);
Response.StatusCode = (int)HttpStatusCode.BadRequest;
return(Json(new Message(ex)));
}
}
private async Task <LoginResponseViewModel> GerarJwt(string email)
{
var usuario = await _userManager.FindByEmailAsync(email);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token);
var response = new LoginResponseViewModel
{
TokenAcesso = encodedToken,
ExpiraEm = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds,
TokenUsuario = new TokenUsuarioViewModel()
{
Id = usuario.Id,
Email = usuario.Email
}
};
return(response);
}
public async Task <IActionResult> Login([FromBody] LoginViewModel lvm)
{
Log.Info("Login flow started");
//validate
if (string.IsNullOrEmpty(lvm.email) || string.IsNullOrEmpty(lvm.password))
{
string msg = "Missing Parameters";
Log.Warn(msg);
return(BadRequest(msg));
}
//Act
User user = await _lService.Login(lvm.email, lvm.password);
if (user == null)
{
string msg = "Could not log user in.";
Log.Warn(msg);
return(BadRequest(ResponseViewModel.GetSuccessModel(msg)));
}
var response = new LoginResponseViewModel(user);
//Response
Log.Info("Login flow Succes");
return(Ok(response));
}
public async Task <IActionResult> Login(LoginViewModel vm)
{
LoginResponseViewModel response = new LoginResponseViewModel();
var userFromRepo = await auth.Login(vm.Username.ToLower(), vm.Password);
if (userFromRepo == null)
{
response.StatusCode = "Unauthorized";
return(BadRequest());
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(config.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
response.StatusCode = "Ok";
response.Token = tokenHandler.WriteToken(token);
return(Ok(new { token = tokenHandler.WriteToken(token) }));
}
public async Task <ActionResult <string> > Registrar([FromBody] RegisterUserViewModel registroUsuarioVM)
{
if (!ModelState.IsValid)
{
return(CustomResponse(ModelState));
}
var user = new IdentityUser
{
UserName = registroUsuarioVM.Email,
Email = registroUsuarioVM.Email,
EmailConfirmed = true,
};
var result = await _userManager.CreateAsync(user, registroUsuarioVM.Password);
if (result.Succeeded)
{
// Logar o usuário na app
await _signInManager.SignInAsync(user, false);
LoginResponseViewModel token = await JwtGenerator.GerarToken(registroUsuarioVM.Email, _appSettings, _userManager);
return(CustomResponse(token));
}
else
{
// Erros capturados ao criar usuário
var errors = result.Errors.Select(e => e.Description).ToArray();
return(CustomErrorResponse(errors));
}
}
public static LoginResponseViewModel Login(LoginRequestViewModel model)
{
var result = new LoginResponseViewModel();
try
{
var existingUser = db.Users.FirstOrDefault(p => p.UserName == model.UserName);
if (existingUser == null)
{
result.Message = "User not found";
}
else
{
if (model.HashedPassword == existingUser.PasswordHashed)
{
result.Status = true;
result.Message = "Successfully logged in";
result.UserId = existingUser.Id;
result.UserName = existingUser.UserName;
result.Type = existingUser.UserType;
}
else
{
result.Message = "Password didnot match";
}
}
}
catch (Exception ex)
{
result.Message = ex.Message;
}
return(result);
}
public async Task <IActionResult> Login([FromBody] LoginViewModel info)
{
//info.userName = System.Net.WebUtility.UrlDecode(info.userName);
//info.password = System.Net.WebUtility.UrlDecode(info.password);
var user = await _userManager.FindByNameAsync(info.userName);
if (user != null && await _userManager.CheckPasswordAsync(user, info.password))
{
var roles = await _userManager.GetRolesAsync(user);
LoggedInUserInfo userInfo = new LoggedInUserInfo();
userInfo.UserID = user.Id;
userInfo.FirstName = user.FirstName;
userInfo.LastName = user.LastName;
userInfo.UserName = user.UserName;
userInfo.Role = roles.FirstOrDefault();
var success = new SuccessfulLoginResponse {
Token = Jwt.GetTokenFor(user.Id.ToString(), roles.FirstOrDefault()), User = userInfo
};
var response = new LoginResponseViewModel();
response.successResonse = success;
return(Ok(response));
}
else
{
var response = new LoginResponseViewModel();
response.failedResponse = new FailedLoginResponse {
Error = 1007
};
return(UnauthorizedError(response));
}
}
internal static LoginResponseViewModel ValidateUser(LoginViewModel model)
{
using (var context = GetMMBContext())
{
//model.password = CommonFunctions.CustomEncryptString(model.password, EncryptionKey.LoginPartialEncKey);
var userDetails = context.User.Where(r => r.Username == model.Username && r.RecordStatus == 1).ToList();
if (userDetails.Any())
{
var matchedUser = userDetails.FirstOrDefault(r => r.UserPassword == model.Password);
if (matchedUser != null)
{
var result = new LoginResponseViewModel
{
UserId = matchedUser.Id,
//DisplayName = matchedUser.Staffs.FirstOrDefault(x => x.User.Username.ToLower() == model.username.ToLower()).FirstName + " " + matchedUser.Staffs.FirstOrDefault(x => x.User.Username.ToLower() == model.username.ToLower()).LastName,
DisplayName = matchedUser.Username,
Success = true,
Response = ""
};
result.c = CommonFunctions.GetDefaultSessionTimeOut();
//result.userType = CommonFunctions.GetUserRoleNameFromRoleId(matchedUser.UserRoles.FirstOrDefault().RoleId);
result.LoginKey = GetEncLoginKey(matchedUser.Username, matchedUser.UserPassword, matchedUser.Id);
return(result);
}
}
}
return(new LoginResponseViewModel
{
Success = false
});
}
private async Task <LoginResponseViewModel> VerifyTokenOauth(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var response = new LoginResponseViewModel
{
AccessToken = "",
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiresinHrs).TotalSeconds,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimViewModel {
Type = c.Type, Value = c.Value
})
}
};
return(response);
}
private async void Button_Click(object sender, RoutedEventArgs e)
{
RestService <LoginViewModel, string> loginservice = new RestService <LoginViewModel, string>(
"https://localhost:44346/", "/login");
LoginResponseViewModel lrvm = null;
try
{
lrvm = await loginservice.Post <LoginResponseViewModel>(new LoginViewModel()
{
Username = tb_user.Text,
Password = tb_pass.Password
});
MainWindow mw = new MainWindow(lrvm.Token);
this.Visibility = Visibility.Hidden;
mw.ShowDialog();
this.Close();
}
catch (System.Net.Http.HttpRequestException re)
{
MessageBox.Show(re.Message, "Error", MessageBoxButton.OK, MessageBoxImage.Error);
}
}
private async Task <LoginResponseViewModel> GerarJwt(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
string encodedToken = EncodeToken(user, claims, userRoles);
var response = new LoginResponseViewModel
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimViewModel {
Type = c.Type, Value = c.Value
})
}
};
return(response);
}
public async Task <ActionResult <LoginResponseViewModel> > Authenticate(LoginViewModel model)
{
User user = await _userRepository.GetUserWithPasswordByUsername(model.Username);
if (user is null)
{
return(NotFound());
}
if (!_passwordHasher.VerifyPassword(user.Password, model.Password))
{
return(BadRequest());
}
string token = _tokenService.GenerateToken(user);
var userViewModel = new UserViewModel
{
Id = user.Id,
Username = user.Username
};
var loginResponseViewModel = new LoginResponseViewModel
{
Token = token,
Data = userViewModel
};
return(Ok(loginResponseViewModel));
}
public IHttpActionResult Authenticate([FromBody] LoginViewModel vm)
{
var loginResponse = new LoginResponseViewModel {
};
LoginViewModel loginRequest = new LoginViewModel {
};
loginRequest.Username = vm.Username.ToLower();
loginRequest.Password = vm.Password;
IHttpActionResult response;
HttpResponseMessage responseMsg = new HttpResponseMessage();
bool isUserNameandPasswordValid = false;
if (vm != null)
{
isUserNameandPasswordValid = loginRequest.Password == "admin" ? true : false;
}
if (isUserNameandPasswordValid)
{
string token = TokenManager.CreateToken(loginRequest.Username);
return(Ok <string>(token));
}
else
{
loginResponse.ResponseMsg.StatusCode = HttpStatusCode.Unauthorized;
response = ResponseMessage(loginResponse.ResponseMsg);
return(response);
}
}
public HttpResponseMessage LoginMobile(HttpRequestMessage request, LoginViewModel user)
{
return(CreateHttpResponse(request, () =>
{
HttpResponseMessage response = null;
LoginResponseViewModel loginResponseVM = new LoginResponseViewModel();
if (ModelState.IsValid)
{
MembershipContext _userContext = _membershipService.ValidateUser(user.Username, user.Password);
if (_userContext.User != null)
{
// response = request.CreateResponse(HttpStatusCode.OK, new { success = true });
loginResponseVM = Mapper.Map <User, LoginResponseViewModel>(_userContext.User);
response = request.CreateResponse <LoginResponseViewModel>(HttpStatusCode.OK, loginResponseVM);
}
else
{
response = request.CreateResponse(HttpStatusCode.Unauthorized, new { success = false });
}
}
else
{
response = request.CreateResponse(HttpStatusCode.Unauthorized, new { success = false });
}
return response;
}));
}
/// Gerar Json Web Token utilizando Claims
/// </summary>
/// <param name="email">e-mail</param>
/// <returns>Retorna um LoginResponseViewModel com dados do token e claims populado, dentro do nó data do JWT</returns>
private async Task <LoginResponseViewModel> GerarJwt(string email)
{
//Claims
var user = await _userManager.FindByEmailAsync(email); //Obtem o usuário
var claims = await _userManager.GetClaimsAsync(user); //Obtem as claims do usuário
var userRoles = await _userManager.GetRolesAsync(user); //Obtem as regras
//Adiciono as claims do usuário as claims do token
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64));
//Adiciono as regras as claims
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
//Converto para o tipo ClaimsIdentity
var identityClaims = new ClaimsIdentity();
//Adiciono a coleção de claims
identityClaims.AddClaims(claims);
//---------------------------------------
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Subject = identityClaims, //Adicono ao token as clains criadas
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token);
// Populo LoginResponseViewModel com dados para o front-end
var response = new LoginResponseViewModel
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimViewModel {
Type = c.Type, Value = c.Value
})
}
};
return(response);
}
public LoginResponseViewModel Obter(LoginRequestViewModel request)
{
Login requestModel = _loginMapper.DeViewModelParaModel(request);
Login responseModel = _loginService.Obter(requestModel);
LoginResponseViewModel response = _loginMapper.DeModelParaViewModel(responseModel);
return(response);
}
public ActionResult Login(LoginRequestViewModel loginRequestViewModel)
{
// Initialize
questStatus status = null;
LoginResponseViewModel loginResponseViewModel = null;
/*----------------------------------------------------------------------------------------------------------------------------------
* Log Operation
*---------------------------------------------------------------------------------------------------------------------------------*/
status = LogOperation();
if (!questStatusDef.IsSuccess(status))
{
loginResponseViewModel = new LoginResponseViewModel();
loginResponseViewModel.UserMessages[0] = new UserMessageModeler(status).UserMessage;
status.Message = null;
loginResponseViewModel.questStatus = status;
TempData["LoginResponseViewModel"] = loginResponseViewModel;
return(RedirectToAction("Index"));
}
/*----------------------------------------------------------------------------------------------------------------------------------
* Authorize
*---------------------------------------------------------------------------------------------------------------------------------*/
status = Authorize();
if (!questStatusDef.IsSuccess(status))
{
loginResponseViewModel = new LoginResponseViewModel();
loginResponseViewModel.UserMessages[0] = new UserMessageModeler(status).UserMessage;
status.Message = null;
loginResponseViewModel.questStatus = status;
TempData["LoginResponseViewModel"] = loginResponseViewModel;
return(RedirectToAction("Index"));
}
/*----------------------------------------------------------------------------------------------------------------------------------
* Login
*---------------------------------------------------------------------------------------------------------------------------------*/
UserSessionId userSessionId = null;
AccountModeler accountModeler = new AccountModeler(this.Request, this.UserSession);
status = accountModeler.Login(Request, loginRequestViewModel, out userSessionId);
if (!questStatusDef.IsSuccess(status))
{
loginResponseViewModel = new LoginResponseViewModel();
////loginResponseViewModel.UserMessages.Add(new UserMessageModeler(new questStatus(Severity.Error, "Invalid username or password")).UserMessage);
loginResponseViewModel.UserMessages.Add(new UserMessageModeler(new questStatus(status.Severity, status.Message)).UserMessage);
status.Message = null;
loginResponseViewModel.questStatus = status;
TempData["LoginResponseViewModel"] = loginResponseViewModel;
return(RedirectToAction("Index"));
}
/*----------------------------------------------------------------------------------------------------------------------------------
* Direct user to home page.
*---------------------------------------------------------------------------------------------------------------------------------*/
return(RedirectToAction("Index", "Home", new { _ctx = userSessionId.Id }));
}
//private string GerarJwt()//Token simples
//private async Task<string> GerarJwt(string email)//token com as claims
private async Task <LoginResponseViewModel> GerarJwt(string email)//Passando Mais informacoes para o client
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixExpochDate(DateTime.UtcNow).ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixExpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64));
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
#region Forma Basica - Sem permissoes, email, etcs
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Subject = identityClaims,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExiperacaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
#endregion
var encondedToken = tokenHandler.WriteToken(token);
//return encondedToken;
var response = new LoginResponseViewModel
{
AccessToken = encondedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExiperacaoHoras).TotalSeconds,
User = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(cd => new ClaimViewModel {
Type = cd.Type, Value = cd.Value
})
}
};
return(response);
}
/// <summary>
/// Administrator Login
/// </summary>
/// <param name="userLogin"></param>
/// <returns></returns>
public LoginResponseViewModel LoginAdmin(UserLogin userLogin)
{
LoginResponseViewModel logModel = new LoginResponseViewModel();
try
{
if (userLogin != null)
{
using (var db = new Orchard9Entities())
{
// checking whether Email id is present in the database or not
var v = db.tblUsers.Where(a => a.EmailId == userLogin.EmailId && a.Role == 2).FirstOrDefault();
if (v != null)
{
if (!v.IsVerified)
{
logModel.StatusMessage = "Email Not Verified";
return(logModel);
}
if (string.Compare(userLogin.Password, v.Password) == 0)
{
logModel.userLogin = (from res in db.tblUsers
where res.EmailId == userLogin.EmailId
select new UserLogin()
{
EmailId = res.EmailId,
UserId = res.UserId,
Role = res.Role
}).FirstOrDefault();
logModel.StatusMessage = "Login Successful";
return(logModel);
}
else
{
logModel.StatusMessage = "Invalid Password";
return(logModel);
}
}
else
{
logModel.StatusMessage = " User account not found, please register before Login ";
return(logModel);
}
}
}
else
{
logModel.StatusMessage = "Input model is empty";
return(logModel);
}
}
catch (Exception ex)
{
logModel.StatusMessage = ex.Message;
return(logModel);
}
}
private async Task <LoginResponseViewModel> GerarJwt(AppUser user)
{
var userRoles = await _userManager.GetRolesAsync(user);
var claims = new List <Claim>();
foreach (var roleName in userRoles)
{
var role = await _roleManager.FindByNameAsync(roleName);
claims.AddRange(await _roleManager.GetClaimsAsync(role));
}
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, DateTime.Now.ToUnixEpochDate().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, DateTime.Now.ToUnixEpochDate().ToString(), ClaimValueTypes.Integer64));
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Subject = identityClaims,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token);
var response = new LoginResponseViewModel
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimViewModel {
Type = c.Type, Value = c.Value
})
}
};
return(response);
}
private async Task <LoginResponseViewModel> CreateToken(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64));
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidIn,
Subject = identityClaims,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpirationHours),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token);
List <string> ListClaimsExcluded = new List <string>()
{
"sub", "email", "jti", "iat", "nbf"
};
var response = new LoginResponseViewModel
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpirationHours).TotalSeconds,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimViewModel {
Type = c.Type, Value = c.Value
}).Where(x => !ListClaimsExcluded.Contains(x.Type))
}
};
return(response);
}
private async Task <LoginResponseViewModel> GerarJwt(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user); // claims do usuario
var userRoles = await _userManager.GetRolesAsync(user); // Roles do usuario
// Claims necessarias ja geradas em nosso token porem iremos passar para garantir que tudo sera passado de uma vez só
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id)); // Usuario
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email)); // Email
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); // Id to token
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString())); // Not value before - nao teve valor antes de
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64)); // Quando foi emitido
foreach (var userRole in userRoles) // Roles do usuario
{
claims.Add(new Claim("role", userRole));
}
// Necessario converter nossas claims para ClaimsIdentity
// ClaimsIdentity - possui toda coleção de claims que temos inclusive as do token
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Subject = identityClaims, // Claims no token
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token); // Serializamos nosso token para ficar compativel com padrao da web
var response = new LoginResponseViewModel
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimViewModel
{
Type = c.Type,
Value = c.Value
})
}
};
return(response);
}
private LoginResponseViewModel MontarLoginResponse(string encodedToken)
{
var response = new LoginResponseViewModel
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromSeconds(_appSettings.ExpiracaoSegundos).TotalSeconds,
};
return(response);
}
private async Task <LoginResponseViewModel> GenerateJwt(string email)
{
// Pegando os dados para adicionar no Token
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user); // Pegando as Claims do usuario (do banco)
var userRoles = await _userManager.GetRolesAsync(user);
// Adicionando as claims padrao
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); // Id do Token
claims.Add(new Claim(JwtRegisteredClaimNames.Nbf, ToUnixEpochDate(DateTime.UtcNow).ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(DateTime.UtcNow).ToString(), ClaimValueTypes.Integer64));
// Adicionando as roles no Token na colecao de claim
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Issuer,
Audience = _appSettings.ValidOn,
Subject = identityClaims,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpirationHour),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
var encodedToken = tokenHandler.WriteToken(token);
var response = new LoginResponseViewModel
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpirationHour).TotalHours,
UserToken = new UserTokenViewModel
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(p => new ClaimViewModel {
Type = p.Type, Value = p.Value
})
}
};
return(response);
}
public ProcessResult <LoginResponseViewModel> Login(LoginViewModel Loginuser)
{
var user = _KhatmaContext.Users.Where(c => c.UserName == Loginuser.UserName && c.Password == Loginuser.Password).ToList().FirstOrDefault();
if (user != null)
{
if (!String.IsNullOrEmpty(Loginuser.DeviceToken))
{
var userDevice = _KhatmaContext.userDevices.Where(c => c.UserID == user.Id).ToList().LastOrDefault();
if (userDevice != null)
{
userDevice.DeviceToken = Loginuser.DeviceToken;
_KhatmaContext.userDevices.Update(userDevice);
}
else
{
var newUserDevice = new UserDevice()
{
UserID = user.Id,
DeviceToken = Loginuser.DeviceToken
};
_KhatmaContext.userDevices.Add(newUserDevice);
}
Save();
}
var group = _KhatmaContext.UserGroups.Find(user.GroupId);
var response = new LoginResponseViewModel();
response.User_Group = _Mapper.Map <Group, UserGroup>(group);
var Setting = _KhatmaContext.KhatmaSettings.ToList().Last();
response.KhatmaCount = Setting.KhatmaCount;
response.GroupId = user.GroupId;
response.PageNo = user.PageNo;
response.Password = user.Id.ToString();
response.Role = user.Role;
response.UserName = user.UserName;
response.UserId = user.Id;
response.UsersCount = _KhatmaContext.Users.Count();
return(new ProcessResult <LoginResponseViewModel>()
{
Data = response,
IsSucceeded = true,
Status = "200"
});
}
else
{
return(new ProcessResult <LoginResponseViewModel>()
{
Data = null,
IsSucceeded = false,
Status = "200",
Message = "Invalid User Name Or Password"
});
}
}
public StudentDashboard(LoginResponseViewModel model)
{
this.loginModel = model;
InitializeComponent();
user = db.Users.Find(loginModel.UserId);
MyInformation mf = new MyInformation(user);
mf.MdiParent = this;
mf.Show();
}
