public IActionResult Edit(int id, EditProductViewModel model) { try { var domain = Service <TemplateDomain>(); var product = domain.GetProductById(id); if (product == null) { return(NotFound(new ApiResult() { Code = ResultCode.NotFound, Message = ResultCode.NotFound.DisplayName() })); } domain.EditProduct(product, model); _uow.SaveChanges(); _logger.CustomProperties(new { id, model }).Info("Edit product"); return(NoContent()); } catch (Exception e) { _logger.Error(e); return(Error(new ApiResult() { Code = ResultCode.UnknownError, Message = ResultCode.UnknownError.DisplayName() + ": " + e.Message })); } }
public async Task <IActionResult> CreateMember(CreateMemberModel model) { bool checkEmailDomain = _identityService.ValidateEmailDomain(model.Email); if (!checkEmailDomain) { return(Unauthorized(AppResult.InvalidEmailDomain())); } var entity = await _identityService.GetUserByEmailAsync(model.Email); if (entity != null) { var validationData = new ValidationData(); validationData = validationData.Fail(code: AppResultCode.EmailExisted); return(BadRequest(AppResult.FailValidation(validationData))); } var emailInfo = model.Email.GetEmailInfo(); entity = _identityService.ConvertToUser(model, emailInfo.Item3); using (var transaction = context.Database.BeginTransaction()) { model.Roles = model.Roles ?? new HashSet <string>(); if (model.CreateDepartmentMembers.Any(o => o.IsManager == true) || model.CreateAreaMembers.Any(o => o.IsManager == true)) { model.Roles.Add(RoleName.MANAGER); } var result = await _identityService .CreateUserWithoutPassAsync(entity, model.Roles); if (!result.Succeeded) { foreach (var err in result.Errors) { ModelState.AddModelError(err.Code, err.Description); } var builder = ResultHelper.MakeInvalidAccountRegistrationResults(ModelState); return(BadRequest(builder)); } _logger.CustomProperties(entity).Info("Register new user"); var memberEntity = _service.CreateMember(model, entity, emailInfo); //log event var ev = _sysService.GetEventForNewUser( $"Admin has created a user with email {model.Email}", UserId); _sysService.CreateAppEvent(ev); //end log event context.SaveChanges(); transaction.Commit(); } return(NoContent()); }
public async Task <IActionResult> OnPost(Business.Models.LoginModel model, string return_url = Constants.Routing.DASHBOARD) { SetPageInfo(); //this is auto handled by anti-forgery: return 400 bad request if (User.Identity.IsAuthenticated) { Message = "Already logged in"; MessageTitle = "Already logged in"; return(this.MessageView()); } var entity = await identityService.AuthenticateAsync(model.username, model.password); if (entity != null) { #region Custom Signin for extra claims store var principal = await identityService.GetApplicationPrincipalAsync(entity); var utcNow = DateTime.UtcNow; var cookieProps = new AuthenticationProperties() { IssuedUtc = utcNow, }; if (model.remember_me) { cookieProps.IsPersistent = true; cookieProps.ExpiresUtc = utcNow.AddHours(Settings.Instance.CookiePersistentHours); } await HttpContext.SignInAsync(principal.Identity.AuthenticationType, principal, cookieProps); #endregion _logger.CustomProperties(entity).Info("Login user"); #region Generate token var identity = await identityService.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme); principal = new ClaimsPrincipal(identity); var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(WebAdmin.Settings.Instance.TokenValidHours) }; props.Parameters["refresh_expires"] = utcNow.AddHours( WebAdmin.Settings.Instance.RefreshTokenValidHours); var resp = identityService.GenerateTokenResponse(principal, props); #endregion return(LocalRedirect($"{Constants.Routing.INDEX}?access_token=" + $"{resp.access_token}" + $"&refresh_token={resp.refresh_token}" + $"&expires_utc={resp.expires_utc}" + $"&issued_utc={resp.issued_utc}" + $"&token_type={resp.token_type}&" + $"&return_url={return_url}")); } Message = "Invalid username or password"; return(Page()); }
public IActionResult Edit(int id, EditGroupViewModel model) { try { if (ModelState.IsValid) { var domain = Service <GroupDomain>(); var group = domain.Groups.Id(id); if (group == null) { return(NotFound(new ApiResult() { Code = ResultCode.NotFound, Message = ResultCode.NotFound.DisplayName() })); } domain.EditGroup(group, model); var ev = _eDomain.EditGroup(group, User); _uow.SaveChanges(); var data = new Dictionary <string, string>(); data["title"] = "Your group is edited"; data["message"] = ev.Message; _eDomain.Notify(new Message { Topic = $"GROUP_MEMBER_{group.Id}", Data = data }); _logger.CustomProperties(new { id, model }).Info("Edit group"); return(NoContent()); } var message = ""; if (ModelState.ContainsKey("name")) { message += string.Join('\n', ModelState["name"].Errors.Select(e => e.ErrorMessage).ToList()); } return(BadRequest(new ApiResult() { Code = ResultCode.FailValidation, Data = ModelState, Message = message })); } catch (Exception e) { _logger.Error(e); return(Error(new ApiResult() { Code = ResultCode.UnknownError, Message = ResultCode.UnknownError.DisplayName() + ": " + e.Message })); } }
public async Task <IActionResult> LogIn([FromForm] AuthorizationGrantModel model) { var validationData = _service.ValidateLogin(User, model); if (!validationData.IsValid) { return(BadRequest(AppResult.FailValidation(data: validationData))); } AppUser entity = null; switch (model.grant_type) { case "password": case null: { entity = await _service.AuthenticateAsync(model.username, model.password); if (entity == null) { return(Unauthorized(AppResult .Unauthorized(mess: "Invalid username or password"))); } } break; case "refresh_token": { var validResult = _service.ValidateRefreshToken(model.refresh_token); if (validResult == null) { return(Unauthorized(AppResult .Unauthorized(mess: "Invalid refresh token"))); } entity = await _service.GetUserByIdAsync(validResult.Identity.Name); if (entity == null) { return(Unauthorized(AppResult .Unauthorized(mess: "Invalid user identity"))); } } break; default: return(BadRequest(AppResult .Unsupported("Unsupported grant type"))); } var identity = await _service.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme); var principal = new ClaimsPrincipal(identity); var utcNow = DateTime.UtcNow; var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(WebApi.Settings.Instance.TokenValidHours) }; props.Parameters["refresh_expires"] = utcNow.AddHours( WebApi.Settings.Instance.RefreshTokenValidHours); var resp = _service.GenerateTokenResponse(principal, props, model.scope); _logger.CustomProperties(entity).Info("Login user"); return(Ok(resp)); }
public IActionResult Edit(int id, EditTaskViewModel model) { try { if (ModelState.IsValid) { var domain = Service <TaskDomain>(); var task = domain.Tasks.Id(id); if (task == null) { return(NotFound(new ApiResult() { Code = ResultCode.NotFound, Message = ResultCode.NotFound.DisplayName() })); } domain.EditTask(task, model); var ev = _eDomain.EditTask(task, User); _uow.SaveChanges(); if (task.OfUser != task.CreatedUser) { var data = new Dictionary <string, string>(); data["title"] = "Your task has been edited"; data["message"] = ev.Message; _eDomain.Notify(new Message { Topic = User.Identity.Name == task.OfUser ? task.CreatedUser : task.OfUser, Data = data }); } _logger.CustomProperties(new { id, model }).Info("Edit task"); return(NoContent()); } var message = ""; if (ModelState.ContainsKey("name")) { message += string.Join('\n', ModelState["name"].Errors.Select(e => e.ErrorMessage).ToList()); } return(BadRequest(new ApiResult() { Code = ResultCode.FailValidation, Data = ModelState, Message = message })); } catch (Exception e) { _logger.Error(e); return(Error(new ApiResult() { Code = ResultCode.UnknownError, Message = ResultCode.UnknownError.DisplayName() + ": " + e.Message })); } }
public async Task <IActionResult> LogIn(AuthorizationGrantModel model) { var validationData = _service.ValidateLogin(User, model); if (!validationData.IsValid) { return(BadRequest(AppResult.FailValidation(data: validationData))); } AppUser entity; switch (model.grant_type) { case "password": case null: { entity = await _service.AuthenticateAsync(model.username, model.password); if (entity == null) { return(Unauthorized(AppResult .Unauthorized(mess: "Invalid username or password"))); } } break; case "refresh_token": { var validResult = _service.ValidateRefreshToken(model.refresh_token); if (validResult == null) { return(Unauthorized(AppResult .Unauthorized(mess: "Invalid refresh token"))); } entity = await _service.GetUserByIdAsync(validResult.Identity.Name); if (entity == null) { return(Unauthorized(AppResult .Unauthorized(mess: "Invalid user identity"))); } } break; case "firebase_token": { FirebaseToken validResult = await _service.ValidateFirebaseToken(model.firebase_token); if (validResult == null) { return(Unauthorized(AppResult .Unauthorized(mess: "Invalid Firebase token"))); } UserRecord userRecord = await FirebaseAuth.DefaultInstance.GetUserAsync(validResult.Uid); bool checkEmailDomain = _service.ValidateEmailDomain(userRecord.Email); if (!checkEmailDomain) { return(Unauthorized(AppResult.InvalidEmailDomain())); } entity = await _service.GetUserByEmailAsync(userRecord.Email); var userExisted = entity != null; if (!userExisted || !entity.LoggedIn) { using (var transaction = context.Database.BeginTransaction()) { Member memberEntity; if (!userExisted) { var emailInfo = userRecord.Email.GetEmailInfo(); entity = _service.ConvertToUser(userRecord, emailInfo.Item3); var result = await _service .CreateUserWithoutPassAsync(entity); if (!result.Succeeded) { foreach (var err in result.Errors) { ModelState.AddModelError(err.Code, err.Description); } var builder = ResultHelper.MakeInvalidAccountRegistrationResults(ModelState); return(BadRequest(builder)); } _logger.CustomProperties(entity).Info("Register new user"); memberEntity = _memberService.ConvertToMember(entity, entity.MemberCode); memberEntity = _memberService.CreateMember(memberEntity); } else { entity = _service.UpdateUser(entity, userRecord); var result = await _service.UpdateUserAsync(entity); if (!result.Succeeded) { foreach (var err in result.Errors) { ModelState.AddModelError(err.Code, err.Description); } var builder = ResultHelper.MakeInvalidAccountRegistrationResults(ModelState); return(BadRequest(builder)); } memberEntity = _memberService.Members.Id(entity.Id).FirstOrDefault(); memberEntity = _memberService.UpdateMember(memberEntity, entity); } //log event var ev = _sysService.GetEventForNewUser( $"{memberEntity.Email} has logged into system for the first time", memberEntity.UserId); _sysService.CreateAppEvent(ev); //end log event context.SaveChanges(); transaction.Commit(); } } } break; default: return(BadRequest(AppResult.Unsupported("Unsupported grant type"))); } var identity = await _service.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme); var principal = new ClaimsPrincipal(identity); var utcNow = DateTime.UtcNow; var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(WebApi.Settings.Instance.TokenValidHours) }; props.Parameters["refresh_expires"] = utcNow.AddHours( WebApi.Settings.Instance.RefreshTokenValidHours); var resp = _service.GenerateTokenResponse(principal, props, model.scope ?? AppOAuthScope.ROLES); _logger.CustomProperties(entity).Info("Login user"); return(Ok(resp)); }
public async Task <IActionResult> OnPost(Business.Models.LoginModel model, string return_url = Routing.DASHBOARD) { SetPageInfo(); //this is auto handled by anti-forgery: return 400 bad request if (User.Identity.IsAuthenticated) { Message = "Can only logged in once at a time"; MessageTitle = "Already logged in"; return(this.MessageView()); } FirebaseToken validResult = await identityService.ValidateFirebaseToken(model.firebase_token); if (validResult == null) { Message = "Invalid firebase token"; return(Page()); } UserRecord userRecord = await FirebaseAuth.DefaultInstance.GetUserAsync(validResult.Uid); bool checkEmailDomain = identityService.ValidateEmailDomain(userRecord.Email); if (!checkEmailDomain) { Message = "Invalid email domain"; return(Page()); } AppUser entity = await identityService.GetUserByEmailAsync(userRecord.Email); if (entity == null) { Message = "Access denied"; return(Page()); } if (!entity.LoggedIn) { using (var transaction = context.Database.BeginTransaction()) { Member memberEntity; entity = identityService.UpdateUser(entity, userRecord); var result = await identityService.UpdateUserAsync(entity); if (!result.Succeeded) { foreach (var err in result.Errors) { ModelState.AddModelError(err.Code, err.Description); } var builder = ResultHelper.MakeInvalidAccountRegistrationResults(ModelState); return(BadRequest(builder)); } memberEntity = memberService.Members.Id(entity.Id).FirstOrDefault(); memberEntity = memberService.UpdateMember(memberEntity, entity); //log event var ev = systemService.GetEventForNewUser( $"{memberEntity.Email} has logged into system for the first time", memberEntity.UserId); systemService.CreateAppEvent(ev); //end log event context.SaveChanges(); transaction.Commit(); } } #region Custom Signin for extra claims store var principal = await identityService.GetApplicationPrincipalAsync(entity); var validationData = identityService.ValidateLoginAdmin(principal, entity); if (!validationData.IsValid) { Message = string.Join("<br/>", validationData.Results.Select(o => o.Message)); return(Page()); } var utcNow = DateTime.UtcNow; var cookieProps = new AuthenticationProperties() { IssuedUtc = utcNow, }; if (model.remember_me) { cookieProps.IsPersistent = true; cookieProps.ExpiresUtc = utcNow.AddHours(Settings.Instance.CookiePersistentHours); } await HttpContext.SignInAsync(principal.Identity.AuthenticationType, principal, cookieProps); #endregion _logger.CustomProperties(entity).Info("Login user"); #region Generate token var identity = await identityService.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme); principal = new ClaimsPrincipal(identity); var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(WebAdmin.Settings.Instance.TokenValidHours) }; props.Parameters["refresh_expires"] = utcNow.AddHours( WebAdmin.Settings.Instance.RefreshTokenValidHours); var resp = identityService.GenerateTokenResponse(principal, props, AppOAuthScope.ROLES); _logger.CustomProperties(entity).Info("Login user"); #endregion return(LocalRedirect($"{Routing.INDEX}?access_token=" + $"{resp.access_token}" + $"&refresh_token={resp.refresh_token}" + $"&expires_utc={resp.expires_utc}" + $"&issued_utc={resp.issued_utc}" + $"&token_type={resp.token_type}&" + $"&return_url={return_url}")); }
public async Task <IActionResult> LogIn([FromForm] AuthorizationGrantModel model) { var validationResult = _service.ValidateLogin(User, model); if (!validationResult.Valid) { return(BadRequest(validationResult.Result)); } AppUser entity = null; switch (model.grant_type) { case "password": case null: { entity = await _service.AuthenticateAsync(model.username, model.password); if (entity == null) { return(Unauthorized(new AppResultBuilder() .Unauthorized(mess: "Invalid username or password"))); } } break; case "refresh_token": { var validResult = _service.ValidateRefreshToken(model.refresh_token); if (validResult == null) { return(Unauthorized(new AppResultBuilder() .Unauthorized(mess: "Invalid refresh token"))); } entity = await _service.GetUserByIdAsync(validResult.Identity.Name); if (entity == null) { return(Unauthorized(new AppResultBuilder() .Unauthorized(mess: "Invalid user identity"))); } } break; default: return(BadRequest(new AppResultBuilder() .Unsupported("Unsupported grant type"))); } var identity = await _service.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme); var principal = new ClaimsPrincipal(identity); var utcNow = DateTime.UtcNow; var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(WebApi.Settings.Instance.TokenValidHours) }; props.Parameters["refresh_expires"] = utcNow.AddHours( WebApi.Settings.Instance.RefreshTokenValidHours); var resp = _service.GenerateTokenResponse(principal, props, model.scope); _logger.CustomProperties(entity).Info("Login user"); if (principal.IsInRole(RoleName.Device)) { if (model.fcm_token == null) { return(BadRequest(new AppResultBuilder() .FailValidation(mess: "FCM Token is required for device login"))); } using (var trans = context.Database.BeginTransaction()) { var device = _deviceService.Devices.Id(entity.Id).FirstOrDefault(); var oldFcmToken = device.CurrentFcmToken; _deviceService.ChangeDeviceToken(device, model.fcm_token, resp.access_token); context.SaveChanges(); _service.LoginDevice(device, oldFcmToken, model.fcm_token); trans.Commit(); } } return(Ok(resp)); }
public async Task <IActionResult> LogIn(AuthorizationGrantViewModel model) { try { AppUsers user = null; switch (model.grant_type) { case "password": case null: { user = await _iDomain.AuthenticateAsync(model.username, model.password); if (user == null) { return(Unauthorized(new ApiResult() { Code = ResultCode.Unauthorized, Message = "Invalid username or password" })); } } break; case "refresh_token": { var validResult = _iDomain.ValidateRefreshToken(model.refresh_token); if (validResult == null) { return(Unauthorized(new ApiResult() { Code = ResultCode.Unauthorized, Message = "Invalid refresh_token" })); } user = await _iDomain.GetUserById(validResult.Identity.Name); if (user == null) { return(Unauthorized(new ApiResult() { Code = ResultCode.Unauthorized, Message = "Invalid user identity" })); } } break; default: return(BadRequest(new ApiResult() { Code = ResultCode.Unsupported, Message = "Unsupported grant_type" })); } var identity = await _iDomain.GetIdentityAsync(user, JwtBearerDefaults.AuthenticationScheme); var principal = new ClaimsPrincipal(identity); var utcNow = DateTime.UtcNow; var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(App.Instance.TokenValidHours) }; var ticket = new AuthenticationTicket(principal, props, principal.Identity.AuthenticationType); var resp = _iDomain.GenerateTokenResponse(ticket); if (model.fcm_token != null) { var linkResult = await _iDomain.LinkFCMToken(user, model.fcm_token); if (!linkResult.Succeeded) { throw new Exception("Can not link FCM token"); } } _logger.CustomProperties(user).Info("Login user"); return(Ok(resp)); } catch (Exception e) { _logger.Error(e); return(Error(new ApiResult() { Code = ResultCode.UnknownError, Message = ResultCode.UnknownError.DisplayName() + ": " + e.Message })); } }