public async Task <UserLoginResponseDTO> Login(UserLoginDTO dto)
{
var user = await _context.Users.WhereIsNotDeleted()
.Include(u => u.Role)
.FirstOrDefaultAsync(u => u.UserName == dto.UserName);
if (user != null &&
PasswordHelper.VerifyPassword(dto.Password, user.PasswordHash))
{
//todo think about BL_CODE_USER_NOT_CONFIRMED exception
/*if (user.StatusId < (int) UserStatusEnum.Confirmed)
* {
* throw new BusinessLogicException(ExceptionCodes.BL_CODE_USER_NOT_CONFIRMED);
* }*/
var jwtToken = GetJwt(user);
var refreshToken = GetRefreshToken(user.Id, user.UserName, user.Role?.Name);
var response = new UserLoginResponseDTO
{
AccessToken = jwtToken,
UserName = user.UserName,
Role = user.Role?.Name,
CompanyId = user.CompanyId,
RefreshToken = refreshToken
};
return(response);
}
throw new BadRequestException(ExceptionCodes.COMMON_NOT_EXIST);
}
public async Task RequestTokenAsync_exist_correctPassword_get_token()
{
// Arrange
var controller = new UserController(UserService.Object);
UserLoginDTO userLoginDTO = new UserLoginDTO(UserEntities.First().Username, UserEntities.First().Password);
// Act
IActionResult response = await controller.RequestTokenAsync(userLoginDTO);
// Assert
Assert.IsInstanceOfType(response, typeof(OkObjectResult));
var result = response as OkObjectResult;
Assert.AreEqual(200, result.StatusCode);
Assert.IsNotNull(result.Value);
Assert.IsInstanceOfType(result.Value, typeof(UserLoginResponseDTO));
UserLoginResponseDTO loginDTO = result.Value as UserLoginResponseDTO;
Assert.IsNotNull(loginDTO.Token);
Assert.IsInstanceOfType(loginDTO.Token, typeof(string));
}
//public async Task<MobileUserDTO> ResetPasswordMobile(string code, string newPassword)
//{
// var id = ValidateCodeAndGetUser(code);
// var user = await _context.MobileUsers.WhereIsNotDeleted(x => x.Id == id).FirstAsync();
// var passwordHash = PasswordHelper.GetPasswordHash(newPassword);
// user.PasswordHash = passwordHash;
// await _context.SaveChangesAsync();
// var userDto = _mapper.Map<MobileUser, MobileUserDTO>(user);
// var paramDict = new Dictionary<string, string>();
// paramDict.Add("name", userDto.Name);
// paramDict.Add("clientDomain", ConstantsApp.CLIENT_DOMAIN);
// await _emailService.SendEmailAsync(user.Email, EmailTemplateEnum.MobileUserResetPasswordDoneEmail,
// paramDict);
// return userDto;
//}
//public async Task ResetPasswordMobileInit(string userName)
//{
// var user = await _context.MobileUsers.FirstOrDefaultAsync(x => x.UserName == userName);
// if (user == null)
// {
// throw new BadRequestException(ExceptionCodes.COMMON_NOT_EXIST);
// }
// var userDto = _mapper.Map<MobileUser, MobileUserDTO>(user);
// var paramDict = new Dictionary<string, string>();
// paramDict.Add("name", userDto.Name);
// paramDict.Add("clientDomain", ConstantsApp.CLIENT_DOMAIN);
// var code = GetCode(user.Id, user.UserName);
// paramDict.Add("code", code);
// await _emailService.SendEmailAsync(user.Email, EmailTemplateEnum.MobileUserResetPasswordEmail,
// paramDict);
//}
#endregion
#region Refresh token
public async Task <UserLoginResponseDTO> RefreshToken(string jwtToken, string refreshToken)
{
var id = ValidateRefreshTokenAndGetUser(refreshToken);
var idFromJwt = ValidateJwtBigExpireAndGetUser(jwtToken);
var user = await _context.Users.WhereIsNotDeleted(x => x.Id == id).Include(x => x.Role).FirstAsync();
var newJwtToken = GetJwt(user);
var newRefreshToken = GetRefreshToken(user.Id, user.UserName, user.Role?.Name);
if (id == idFromJwt)
{
var response = new UserLoginResponseDTO
{
AccessToken = newJwtToken,
UserName = user.UserName,
Role = user.Role?.Name,
RefreshToken = newRefreshToken
};
return(response);
}
throw new BusinessLogicException(ExceptionCodes.AUTH_REFRESH_TOKEN_INCORRECT);
}
public async Task <ActionResult> Login([FromBody] UserLoginRequestDTO userLoginRequestDTO,
[FromServices] SigningConfigurations signingConfigurations,
[FromServices] TokenConfigurations tokenConfigurations)
{
try
{
bool credentialsIsValid = false;
if (userLoginRequestDTO != null && !string.IsNullOrEmpty(userLoginRequestDTO.Email))
{
User userLogin = _userManager.FindByEmailAsync(userLoginRequestDTO.Email).Result;
IEnumerable <Address> address = userLogin.Addresses;
if (userLogin != null)
{
var result = await _signInManager.PasswordSignInAsync(userLoginRequestDTO.Email, userLoginRequestDTO.Password, false, true);
if (result.Succeeded)
{
credentialsIsValid = _userManager.IsInRoleAsync(userLogin, userLoginRequestDTO.Role).Result;
}
if (credentialsIsValid)
{
ClaimsIdentity identity = new ClaimsIdentity(
new GenericIdentity(userLoginRequestDTO.Email, "Login"),
new[] {
new Claim("Id", userLogin.Id.ToString()),
new Claim("EstablishmentId", userLogin.EstablishmentId.ToString()),
new Claim("UserName", userLogin.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
new Claim(JwtRegisteredClaimNames.UniqueName, userLoginRequestDTO.Email)
}
);
var roles = _userManager.GetRolesAsync(userLogin).Result;
foreach (string role in roles)
{
identity.AddClaim(new Claim(ClaimTypes.Role, role));
}
DateTime creationDate = DateTime.Now;
DateTime expirationDate = creationDate +
TimeSpan.FromSeconds(tokenConfigurations.Seconds);
UserLoginResponseDTO userLoginResponseDTO = new UserLoginResponseDTO
{
User = _mapper.Map <UserResponseDTO>(userLogin),
Token = new AuthToken().GemerateToken(signingConfigurations, tokenConfigurations, identity, creationDate, expirationDate),
CreationDate = creationDate,
ExpirationDate = expirationDate
};
return(Ok(userLoginResponseDTO));
}
}
return(NotFound());
}
return(BadRequest("Unable to login."));
}
catch (Exception ex)
{
return(BadRequest(ex));
}
}
