/// <summary>
/// Logs the user in to the API
/// </summary>
public LoginUserResponse ExecuteLoginUser(LoginUserQueryParam loginParams)
{
if (string.IsNullOrWhiteSpace(loginParams.Email))
{
throw new UseCaseException()
{
UserErrorMessage = "Could not login as the email address was invalid"
}
}
;
if (string.IsNullOrWhiteSpace(loginParams.Password))
{
throw new UseCaseException()
{
UserErrorMessage = "Could not login as the password was invalid"
}
}
;
var loginResult = _authenticateGateway.LoginUser(loginParams);
if (!loginResult.Success)
{
throw new UseCaseException()
{
UserErrorMessage = loginResult.ResponseMessage == null ? "Could not login as the email and/or password was invalid" : loginResult.ResponseMessage
}
}
;
var user = _usersGateway.GetUserByEmail(loginParams.Email, UserStatus.Active);
var loginResponse = CreateLoginSession(loginParams, user);
return(loginResponse);
}
public LoginUserQueryParam ChangePassword(ResetPasswordQueryParams changePasswordParams)
{
var userPool = new CognitoUserPool(_connectionInfo.UserPoolId, _connectionInfo.ClientId, _provider);
var cognitoUser = new CognitoUser(changePasswordParams.Email, _connectionInfo.ClientId, userPool, _provider);
try
{
AuthFlowResponse authResponse = null;
authResponse = cognitoUser.StartWithSrpAuthAsync(new InitiateSrpAuthRequest()
{
Password = changePasswordParams.Password
}).Result;
while (authResponse.AuthenticationResult == null)
{
if (authResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED)
{
authResponse =
cognitoUser.RespondToNewPasswordRequiredAsync(new RespondToNewPasswordRequiredRequest()
{
SessionID = authResponse.SessionID,
NewPassword = changePasswordParams.NewPassword,
}).Result;
}
}
if (authResponse.AuthenticationResult != null)
{
LoggingHandler.LogInfo("User successfully authenticated.");
var loginParams = new LoginUserQueryParam();
loginParams.Email = changePasswordParams.Email;
loginParams.Password = changePasswordParams.NewPassword;
return(loginParams);
}
else
{
LoggingHandler.LogError("Error in authentication process.");
}
}
catch (AggregateException e)
{
e.Handle((x) =>
{
if (x is NotAuthorizedException) // This we know how to handle.
{
LoggingHandler.LogInfo("Authentication Gateway: Invalid credentials provided.");
return(true);
}
if (x is UserNotFoundException) // This we know how to handle.
{
LoggingHandler.LogInfo("Authentication Gateway: User not found.");
return(true);
}
return(false); // Let anything else stop the application.
});
}
return(null);
}
public IActionResult LoginUser([FromBody] LoginUserQueryParam queryParam)
{
try
{
queryParam.IpAddress = HttpContext.Connection.RemoteIpAddress.ToString();
var response = _authenticateUseCase.ExecuteLoginUser(queryParam);
Response.Cookies.Append(Cookies.AccessTokenName, response.AccessToken);
return(Ok());
}
catch (UseCaseException e)
{
return(BadRequest(e));
}
}
public AuthenticationResult LoginUser(LoginUserQueryParam loginUserQueryParam)
{
InitiateAuthRequest iaRequest = new InitiateAuthRequest
{
ClientId = _connectionInfo.ClientId,
AuthFlow = AuthFlowType.USER_PASSWORD_AUTH
};
iaRequest.AuthParameters.Add("USERNAME", loginUserQueryParam.Email);
iaRequest.AuthParameters.Add("PASSWORD", loginUserQueryParam.Password);
InitiateAuthResponse authResp = new InitiateAuthResponse();
var authResult = new AuthenticationResult();
try
{
authResp = _provider.InitiateAuthAsync(iaRequest).Result;
authResult.AccessToken = authResp.AuthenticationResult.AccessToken;
authResult.IdToken = authResp.AuthenticationResult.IdToken;
authResult.RefreshToken = authResp.AuthenticationResult.RefreshToken;
authResult.TokenType = authResp.AuthenticationResult.TokenType;
authResult.ExpiresIn = authResp.AuthenticationResult.ExpiresIn;
authResult.Success = true;
}
catch (AggregateException e)
{
e.Handle((x) =>
{
if (x is UserNotConfirmedException) // This we know how to handle.
{
LoggingHandler.LogInfo("User not confirmed.");
authResult.Success = false;
authResult.ResponseMessage = "User not confirmed";
return(true);
}
if (x is NotAuthorizedException) // This we know how to handle.
{
LoggingHandler.LogInfo("Invalid credentials provided.");
authResult.Success = false;
authResult.ResponseMessage = "Invalid credentials provided.";
return(true);
}
return(false); // Let anything else stop the application.
});
}
return(authResult);
}
