public IActionResult Authenticate([FromBody] OAuthModel login)
{
SmartHttpResult result = new SmartHttpResult();
try
{
var entity = DAL.SmartUser.GetEntityByName(login.UserName);
if (entity != null)
{
var encrypted = EncryptProvider.AESEncrypt(login.PassWord, entity.Salt);
if (entity.PassWord == encrypted)
{
//重新加密
var Saltkey = Guid.NewGuid().ToString("N");
var decrypted = EncryptProvider.AESEncrypt(login.PassWord, Saltkey);
//替换密码与密钥
DAL.SmartUser.utlSmartUserByName(login.UserName, decrypted, Saltkey);
var claims = new Claim[] {
new Claim(ClaimTypes.Name, login.UserName),
new Claim(ClaimTypes.Role, entity.Role)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(setting.SecretKey));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var tokenModel = new JwtSecurityToken(
setting.Issuer,
setting.Audience,
claims,
DateTime.Now,
DateTime.Now.AddMinutes(setting.TokenExpires),
creds);
var jwtToken = new JwtTokenModel();
jwtToken.Token = new JwtSecurityTokenHandler().WriteToken(tokenModel);
var tokenUser = new TokenUserModel();
tokenUser.UserName = entity.UserName;
tokenUser.Email = entity.Email;
tokenUser.Phone = entity.Phone;
tokenUser.Avatar = entity.Avatar;
jwtToken.User = tokenUser;
result.Set(true, jwtToken);
return(new JsonResult(result));
}
else
{
result.Set(false, "用户密码不正确!");
}
}
else
{
result.Set(false, "用户不存在!");
}
}
catch (Exception err)
{
result.Set(false, err.Message);
}
return(new JsonResult(result));
}
public TokenUserModel GetTokenUserModel(string username)
{
TokenUserModel tokenUserModel = db.Tokens.Find(username);
if (tokenUserModel == null)
{
return(null);
}
return(tokenUserModel);
}
public TokenUserModel PostTokenUserModel(TokenUserModel tokenUserModel)
{
db.Tokens.Add(tokenUserModel);
try
{
db.SaveChanges();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return(null);
}
return(tokenUserModel);
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
RSS_DB_EF db = new RSS_DB_EF();
string uname = context.Request.Headers.Get("Username");
string pass = context.Request.Headers.Get("Password");
if (uname == null || pass == null)
{
context.SetError("invalid_grant", "Sorry...Credentials are incorrect");
return;
}
TokenUserModel user = db.Tokens.Find(uname);
if (user != null && pass == user.password)
{
if (user.type == "admin")
{
identity.AddClaim(new Claim(ClaimTypes.Role, "admin"));
}
else
{
identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
}
identity.AddClaim(new Claim("username", user.username));
identity.AddClaim(new Claim(ClaimTypes.Name, user.name));
context.Validated(identity);
}
/*if(context.UserName=="mmr"&&context.Password=="MMR")
* {
* identity.AddClaim(new Claim(ClaimTypes.Role, "user"));
* identity.AddClaim(new Claim("username", "mmr"));
* identity.AddClaim(new Claim(ClaimTypes.Name, "Mayank"));
* context.Validated(identity);
* }*/
else
{
context.SetError("invalid_grant", "Sorry...Credentials are incorrect");
return;
}
}
public bool DeleteTokenUserModel(string username)
{
TokenUserModel tokenUserModel = db.Tokens.Find(username);
if (tokenUserModel == null)
{
return(false);
}
db.Tokens.Remove(tokenUserModel);
try
{
db.SaveChanges();
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return(false);
}
return(true);
}
public async Task Token(TokenUserModel model)
{
if (!ModelState.IsValid)
{
Response.StatusCode = 400;
await Response.WriteAsync("username or password cannot be empty");
return;
}
var email = model.UserName; //Request.Form["username"];
var password = model.Password; //Request.Form["password"];
var query = new GetUserByEmail(email);
var result = BusControl.SendRequest <IGetUserByEmail, IGetUserResult>(query).Result;
var identity = AuthOptions.GetIdentity(email, password, result.User.PasswordHash, result.User.RoleName);
if (identity == null)
{
Response.StatusCode = 400;
await Response.WriteAsync("Invalid username or password.");
return;
//return BadRequest("Invalid username or password.");
}
var encodedJwt = AuthOptions.Token(identity);
var response = new
{
accesstoken = encodedJwt,
username = identity.Name
};
// сериализация ответа
Response.ContentType = "application/json";
await Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings {
Formatting = Formatting.Indented
}));
}
public IActionResult Login([FromBody] LoginModel model)
{
var token = sessions.CreateToken(model.UserName, model.Password);
User user = userLogic.GetAll().FirstOrDefault(u => u.UserName == model.UserName);
var modelToReturn = TokenUserModel.ToModel(user);
modelToReturn.Token = token;
if (token == null)
{
return(BadRequest("Invalid user/password"));
}
var addlog = logger.Create(LogModel.ToEntity(new LogModel {
Id = new Guid(),
UserName = model.UserName,
Date = DateTime.Now,
Action = ActionType.LOGIN,
Role = user.Admin ? UserRoleType.ADMIN : UserRoleType.MANAGER
}));
return(Ok(modelToReturn));
}
public bool updateUsername(string username, [FromBody] string newUsername)
{
TokenUserModel user = db.Tokens.Find(username);
if (user == null)
{
return(false);
}
user.username = newUsername;
db.Entry <TokenUserModel>(user).State = EntityState.Modified;
try
{
db.SaveChanges();
return(true);
}
catch (Exception e)
{
Console.WriteLine(e.Message);
return(false);
}
}
public TokenUserModel GetTokenUser([FromBody] TokenUrlModel data)
{
try
{
data.token_endpoint = data.token_endpoint.Replace("dashboard", "api");
string result;
WebRequest r = WebRequest.Create(data.token_endpoint);
r.Method = "GET";
using (var response = (HttpWebResponse)r.GetResponse())
{
result = new StreamReader(response.GetResponseStream()).ReadToEnd();
response.Close();
}
TokenUserModel token = JsonConvert.DeserializeObject <TokenUserModel>(result);
////// UPDATES USER ACCESS TOKEN AGAINST ALL SNAPMAILS ////////
SnapmailDao.UpdateUserToken(token.userid, token.access_token);
///////////////////////////////////////////////////////////////
return(token);
}
catch (Exception x) { throw new HttpResponseException(HttpStatusCode.InternalServerError); }
}
public async Task <string> GenerateEncodedToken(TokenUserModel user, ClaimsIdentity identity)
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64),
identity.FindFirst((string)Helpers.Constants.Strings.JwtClaimIdentifiers.Rol),
identity.FindFirst((string)Helpers.Constants.Strings.JwtClaimIdentifiers.Id),
};
var jwt = new JwtSecurityToken(
issuer: _jwtOptions.Issuer,
audience: _jwtOptions.Audience,
claims: claims,
notBefore: _jwtOptions.NotBefore,
expires: _jwtOptions.Expiration,
signingCredentials: _jwtOptions.SigningCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return(encodedJwt);
}
public static async Task <Object> GenerateJwt(ClaimsIdentity identity, IJwtFactory jwtFactory, TokenUserModel user, JwtIssuerOptions jwtOptions)
{
var response = new
{
id = identity.Claims.Single(c => c.Type == Constants.Strings.JwtClaimIdentifiers.Id).Value,
auth_token = await jwtFactory.GenerateEncodedToken(user, identity),
expires_in = (int)jwtOptions.ValidFor.TotalSeconds
};
return(response);
}
