public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
// get the user info my email by using GetUserByEmail
var dbUser = await _userRepository.GetUserByEmail(email);
if (dbUser == null)
{
return(null);
}
var hashedPassword = CreateHashedPassword(password, dbUser.Salt);
if (hashedPassword == dbUser.HashedPassword)
{
// passwords match so create response model object
var loginResponseModel = new UserLoginResponseModel
{
Id = dbUser.Id,
Email = dbUser.Email,
FirstName = dbUser.FirstName,
LastName = dbUser.LastName
};
return(loginResponseModel);
}
return(null);
}
private string GenerateJWT(UserLoginResponseModel userLoginResponseModel)
{
//add claims into JWT token
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, userLoginResponseModel.Id.ToString()),
new Claim(JwtRegisteredClaimNames.GivenName, userLoginResponseModel.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, userLoginResponseModel.LastName),
new Claim(JwtRegisteredClaimNames.Email, userLoginResponseModel.Email)
};
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["TokenSettings:PrivateKey"]));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var expires = DateTime.UtcNow.AddHours(_configuration.GetValue <double>("TokenSettings:ExpirationHours"));
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = identityClaims,
Audience = _configuration["TokenSettings:Audience"],
Issuer = _configuration["TokenSettings:Issuer"],
SigningCredentials = credentials,
Expires = expires
};
var tokenHandler = new JwtSecurityTokenHandler();
var encodedToken = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(encodedToken));
}
private async Task DoLogin(UserLoginResponseModel userLoginResponseModel)
{
var token = GetJwtSecurityToken(userLoginResponseModel.AccessToken);
var claims = new List <Claim> {
new Claim("Jwt", userLoginResponseModel.AccessToken)
};
claims.AddRange(token.Claims);
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
ExpiresUtc = DateTimeOffset.Now.AddMinutes(60),
IsPersistent = true
};
claims.AddRange(token.Claims);
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
}
public async Task <UserLoginResponseModel> ValidatUser(string email, string password)
{
//Step1: Get user record from the database by email
var user = await _userRepository.GetUserByEmail(email);
if (user == null)
{
//user does not exist
throw new Exception("Register first, user does not exist");
}
//step3: Compare the database hashed password with hashed password genereated in step 2
var hashedPassword = _cryptoService.HashPassword(password, user.Salt);
if (user.HashedPassword == hashedPassword)
{ //user entered the right password
//send some user details
var response = new UserLoginResponseModel
{
Id = user.Id,
FirstName = user.FirstName,
LastName = user.LastName,
DateOfBirth = user.DateOfBirth,
Email = user.Email
};
return(response);
}
return(null);
}
public async Task <UserLoginResponseModel> Login(string email, string password)
{
var user = await _userRepository.GetUserByEmail(email);
if (user == null)
{//check in the mvc if this returned null.
return(null);
}
var hashedPasswoed = CreateHashedPassword(password, user.Salt);
if (hashedPasswoed == user.HashedPassword)
{
//user entered the correct password
var loginResponseModel = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName
};
return(loginResponseModel);
}
return(null);
}
private string GenerateJWT(UserLoginResponseModel userLoginResponseModel)
{
var claims = new List <Claim> {
new Claim(ClaimTypes.NameIdentifier, userLoginResponseModel.Id.ToString()),
new Claim(JwtRegisteredClaimNames.GivenName, userLoginResponseModel.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, userLoginResponseModel.LastName),
new Claim(JwtRegisteredClaimNames.Email, userLoginResponseModel.Email)
};
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var PrivateKey = "401b09eab3c013d4ca54922bb802bec8fd5318192b0a75f201d8b3727429090fb337591abd3e44453b954555b7a0812e1081c39b740293f765eae731f5a65ed1";
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(PrivateKey));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var expires = DateTime.UtcNow.AddHours(72);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = identityClaims,
Audience = "MovieShop Users",
Issuer = "MovieShop",
SigningCredentials = credentials,
Expires = expires
};
var tokenHandler = new JwtSecurityTokenHandler();
var encodedToken = tokenHandler.CreateToken(tokenDescriptor); // create the token here.
return(tokenHandler.WriteToken(encodedToken));
}
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
// we are gonna check if the email exists in the database
var user = await _userRepository.GetUserByEmail(email);
if (user == null)
{
return(null);
}
var hashedPassword = _encryptionService.HashPassword(password, user.Salt);
var isSuccess = user.HashedPassword == hashedPassword;
/* var roles = await _userRoleRepository.ListAllWithIncludesAsync(ur => ur.UserId == user.Id, role => role.Role);
*
* var response = _mapper.Map<UserLoginResponseModel>(user);
*
* var userRoles = roles.ToList();
* if (userRoles.Any())
* {
* response.Roles = userRoles.Select(r => r.Role.Name).ToList();
* }
*
*/
var response = new UserLoginResponseModel {
Id = user.Id, Email = user.Email,
LastName = user.LastName,
FirstName = user.FirstName,
DateOfBirth = user.DateOfBirth,
};
return(isSuccess ? response : null);
}
public async Task <UserLoginResponseModel> Login(string email, string password)
{
// go to database and get the user info -- row by email
var user = await _userRepository.GetUserbyEmail(email);
if (user == null)
{
// return null
return(null);
}
// get the password from UI and salt from above step from database and call CreateHashedPassword method
var hashedPassword = CreateHashedPassword(password, user.Salt);
if (hashedPassword == user.HashedPassword)
{
// user entered correct password
var loginResponseModel = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName
};
return(loginResponseModel);
}
return(null);
}
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
// we are gonna check if the email exists in the database
var user = await _userRepository.GetUserByEmail(email);
if (user == null)
{
return(null); //some one try to login without register
}
var hashedPassword = _cryptoService.HashPassword(password, user.Salt);
var isSuccess = user.HashedPassword == hashedPassword;
var response = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
DateOfBirth = user.DateOfBirth
};
if (isSuccess)
{
return(response);
}
else
{
return(null);
}
//return isSuccess ? response : null;
}
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
//check if user exists
var user = await _userRepository.GetUserByEmail(email);
//user is not registerd
if (user == null)
{
return(null);
}
var hashedPassword = _encryptionService.HashPassword(password, user.Salt);
var isSuccess = user.HashedPassword == hashedPassword;
var response = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
DateOfBirth = user.DateOfBirth
};
//var userRoles = roles.ToList();
//if (userRoles.Any())
//{
// response.Roles = userRoles.Select(r => r.Role.Name).ToList();
//}
//if success, return response, else return null
return(isSuccess ? response : null);
}
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
// Check if the email exists in the DB
var user = await _userRepository.GetUserByEmail(email);
if (user == null)
{
return(null);
}
var hashedPassword = _cryptoService.HashPassword(password, user.Salt);
var isSuccess = user.HashedPassword == hashedPassword;
var response = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
DateOfBirth = user.DateOfBirth,
Roles = new List <String>()
};
foreach (var userRole in user.UserRoles)
{
response.Roles.Add(userRole.Role.Name);
}
return(isSuccess ? response : null);
}
public UserLoginResponseModel Login([FromBody] UserLoginRequestModel userModel)
{
var responseMessage = this.TryExecuteOperation(() =>
{
var user = this.unitOfWork.userRepository.All()
.SingleOrDefault(
x => x.Username == userModel.Username &&
x.AuthCode == userModel.AuthCode);
if (user == null)
{
//throw new ArgumentException("User is not registered!");
return(new UserLoginResponseModel()
{
DisplayName = "",
AccessToken = ""
});
}
if (user.AccessToken == null)
{
user.AccessToken = SessionGenerator.GenerateSessionKey(user.Id);
this.unitOfWork.userRepository.Update(user.Id, user);
}
return(UserLoginResponseModel.FromEntity(user));
});
return(responseMessage);
}
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
// we are gonna check if the email exists in the database
var user = await _userRepository.GetUserByEmail(email);
var hashedPassword = _encryptionService.HashPassword(password, user.Salt);
var isSuccess = user.HashedPassword == hashedPassword;
var response = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
DateOfBirth = user.DateOfBirth
};
//var response = _mapper.Map<UserLoginResponseModel>(user);
//var userRoles = roles.ToList();
//if (userRoles.Any())
//{
// response.Roles = userRoles.Select(r => r.Role.Name).ToList();
//}
if (isSuccess)
{
return(response);
}
else
{
return(null);
}
}
public async Task <IActionResult> Login([FromBody] UserLoginRequestModel model)
{
UserLoginResponseModel response = await this._authorizationService.Login(model);
if (!response.Succeeded)
{
this.ModelState.AddModelError("", "Invalid username or password");
return(this.BadRequest(this.ModelState));
}
return(this.Ok(response));
}
//RESET OR CHANGE PASSWORD
public string SendOtpForPassReset(string otp, string email)
{
bool IsEmailTaken(string email)
{
MysqlConnectionProvider dbConnection = new MysqlConnectionProvider();
dbConnection.CreateQuery("SELECT COUNT(*) AS \"COUNTER\" FROM users WHERE email='" + email + "'");
MySqlDataReader reader = dbConnection.DoQuery();
string counter = "";
while (reader.Read())
{
counter = reader["COUNTER"].ToString();
}
dbConnection.Dispose();
return(!counter.Equals("0"));
}
if (!IsEmailTaken(email))
{
return("Email Not Found");
}
SendgridEmailProvider sendgridEmailProvider = new SendgridEmailProvider();
sendgridEmailProvider.Send("*****@*****.**", "Shanty", email, "User", "Shanty - OTP", "OTP for Password Reset", "<strong>OTP: " + otp + "</strong>");
MysqlConnectionProvider dbConnection = new MysqlConnectionProvider();
dbConnection.CreateQuery("SELECT id,isemailverified FROM users WHERE email='" + email + "'");
UserLoginResponseModel userLoginResponseModel = null;
string isEmailVerified = "";
MySqlDataReader reader = dbConnection.DoQuery();
while (reader.Read())
{
userLoginResponseModel = new UserLoginResponseModel();
userLoginResponseModel.Id = reader["id"].ToString();
isEmailVerified = reader["isemailverified"].ToString();
}
dbConnection.Dispose();
dbConnection = null;
if (userLoginResponseModel != null)
{
if (isEmailVerified == "false")
{
return("Email Not Verified");
}
return(new JwtAuthenticationProvider().GenerateJsonWebToken(userLoginResponseModel));
}
return("");
}
public UserLoginResponseModel ValidateLogin(UserLoginReqeuestModel model)
{
UserLoginResponseModel ObjResponse = new UserLoginResponseModel();
try
{
Users user = _ObjDBContext.Users.FirstOrDefault(u => u.Email.ToLower() == model.Email.ToLower() && u.IsActive == true && u.IsDeleted == false);
if (user != null)
{
var passwordHash = HashHelper.GetPasswordHash(user.SecurityStamp, model.Password);
if (user.PasswordHash != passwordHash)
{
ObjResponse.ResponseMessage = "Password is Wrong !";
ObjResponse.StatusCode = 201;
}
else
{
//Below for generate JWT Token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(Key);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Email.ToString())
}),
Expires = DateTime.Now.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
ObjResponse.Token = tokenHandler.WriteToken(token);
ObjResponse.ExpiryDate = tokenDescriptor.Expires;
ObjResponse.ResponseMessage = "Ok";
ObjResponse.StatusCode = 200;
}
}
else
{
ObjResponse.ResponseMessage = "Email Id is Wrong !";
ObjResponse.StatusCode = 201;
}
}
catch (Exception ex)
{
ObjResponse.ResponseMessage = Convert.ToString(ex);
ObjResponse.StatusCode = 401;
}
return(ObjResponse);
}
public UserLoginResponseModel login(UserLoginRequestModel userLoginRequestModel, out ErrorModel errorModel)
{
errorModel = null;
try
{
Auth authHelper = new Auth();
UserLoginResponseModel loginResponseModel = authHelper.login(userLoginRequestModel, out errorModel);
return(loginResponseModel);
}
catch (Exception)
{
return(null);
}
}
public string GenerateJsonWebToken(UserLoginResponseModel userLoginResponseModel)
{
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Environment.GetEnvironmentVariable("JWT_KEY")));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sid, userLoginResponseModel.Id),
};
var token = new JwtSecurityToken(Environment.GetEnvironmentVariable("JWT_ISSUER"),
Environment.GetEnvironmentVariable("JWT_ISSUER"),
claims,
expires: DateTime.Now.AddMinutes(600),
signingCredentials: credentials);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
private async void SendMail(string BODY)
{
string res = await this.http.PostAsync("http://192.168.0.184:5000/email", BODY, "application/json", "POST", token);
UserLoginResponseModel response = JsonConvert.DeserializeObject <UserLoginResponseModel>(res);
if (response.status)
{
MessageBox.Show("Email sent successfuly!");
}
else
{
MessageBox.Show("Error occured!");
}
TitleProductSection.Text = selectedProduct.title;
}
private string GenerateJWT(UserLoginResponseModel model)
{
// we will use the token libraries to create token
var claims = new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, model.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Email, model.Email),
new Claim(JwtRegisteredClaimNames.GivenName, model.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, model.LastName)
};
// create identity object and store claims
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
// read the secret key from app settings, make sure secret key is unique and not guessable
// In real world we use something like Azure KeyVault to store any secrets of application
var secretKey = _configuration["JwtSettings:SecretKey"];
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));
// get the expiration time of the token
var expires = DateTime.UtcNow.AddDays(_configuration.GetValue <int>("JwtSettings:Expiration"));
//pick an hashing algorithm
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// create the token object that yu will use to create the token that will include all the information such as credentials, claims, expiration time,
var tokenHandler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor()
{
Subject = identityClaims,
Expires = expires,
SigningCredentials = credentials,
Issuer = _configuration["JwtSettings:Issuer"],
Audience = _configuration["JwtSettings:Audience"]
};
var encodedJwt = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(encodedJwt));
}
private string CreateJWT(UserLoginResponseModel model)
{
var claims = new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, model.Id.ToString()),
new Claim(JwtRegisteredClaimNames.GivenName, model.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, model.LastName),
new Claim(JwtRegisteredClaimNames.Email, model.Email)
};
// create identity object and store above claims
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
// read the secret key from the app.settings.json, make sure secret key is unique and non guessable
// In real world we dont store these secret keys in appsettings, we use something like Azure KeyVault
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["MovieShopSecretKey"]));
//pick a builtin algorithm for hashing
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
// establish the expiration time for the token
var expires = DateTime.Now.AddDays(_configuration.GetValue <int>("ExpirationDuration"));
var tokenHandler = new JwtSecurityTokenHandler();
// create a object that's gonna store all the above information
var tokenObject = new SecurityTokenDescriptor()
{
Subject = identityClaims,
Expires = expires,
SigningCredentials = credentials,
Issuer = _configuration["MovieShopIssuer"],
Audience = _configuration["MovieShopAudience"]
};
var encodedJwt = tokenHandler.CreateToken(tokenObject);
return(tokenHandler.WriteToken(encodedJwt));
}
public string GenerateJwtToken(UserLoginResponseModel userLoginModel)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.Email, userLoginModel.Email),
new Claim(ClaimTypes.GivenName, userLoginModel.FirstName),
new Claim(ClaimTypes.Surname, userLoginModel.LastName),
new Claim(ClaimTypes.DateOfBirth, userLoginModel.DateOfBirth.ToString()),
new Claim(ClaimTypes.NameIdentifier, userLoginModel.Id.ToString()),
};
foreach (var role in userLoginModel.Roles)
{
claims.Add(new Claim(ClaimTypes.Role, role.Name));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var securityKey =
new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["TokenSettings:PrivateKey"]));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var expires = DateTime.UtcNow.AddHours(_configuration.GetValue <double>("TokenSettings:ExpirationHours"));
var tokenHandler = new JwtSecurityTokenHandler();
var tokenObject = new SecurityTokenDescriptor
{
Subject = identityClaims,
Expires = expires,
SigningCredentials = credentials,
Issuer = _configuration["TokenSettings:Issuer"],
Audience = _configuration["TokenSettings:Audience"],
};
var encodedJwt = tokenHandler.CreateToken(tokenObject);
return(tokenHandler.WriteToken(encodedJwt));
}
private async void UserSignIn(string body)
{
string res = await this.http.PostAsync("http://192.168.0.184:5000/user/login", body);
UserLoginResponseModel response = JsonConvert.DeserializeObject <UserLoginResponseModel>(res);
if (response.status)
{
SignInContainer.Visibility = Visibility.Collapsed;
HomeContainer.Visibility = Visibility.Visible;
File.WriteAllText("token.txt", response.token);
SignInSectionUsername.Text = "";
SignInSectionPassword.Password = "";
this.AuthUser(response.token);
}
else
{
MessageBox.Show("User is not valid!");
}
}
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
var user = await _userRepository.GetUserByEmail(email);
if (user == null)
{
return(null);
}
var isSuccess = user.Password == password;
var response = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FullName = user.FullName,
JoinedOn = user.JoinedOn,
Password = user.Password
};
return(response);
}
//Execute when user login
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
var user = await _userRepository.GetUserByEmail(email);
if (user == null)
{
return(null);
}
var hashedpassword = _cryptoService.HashPassword(password, user.Salt);
var isSuccess = hashedpassword == user.HashedPassword;
var returnedModel = new UserLoginResponseModel
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
DateOfBirth = user.DateOfBirth,
};
return(isSuccess ? returnedModel : null);
}
public string GenerateToken(UserLoginResponseModel user)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
// new Claim(JwtRegisteredClaimNames.Birthdate, user.DateOfBirth?.ToShortDateString()),
new Claim(JwtRegisteredClaimNames.GivenName, user.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, user.LastName),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
};
if (user.Roles != null)
{
claims.AddRange(user.Roles.Select(role => new Claim(ClaimTypes.Role, role)));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["TokenSettings:PrivateKey"]));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);
var expires = DateTime.UtcNow.AddHours(_config.GetValue <double>("TokenSettings:ExpirationHours"));
var tokenHandler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = identityClaims,
Expires = expires,
SigningCredentials = credentials,
Issuer = _config["TokenSettings:Issuer"],
Audience = _config["TokenSettings:Audience"]
};
var encodedJwt = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(encodedJwt));
}
public UserLoginResponseModel Login(string username, string password)
{
var appuser = this._userRepository.GetSingle(s => s.UserName == username, new string[] { "AppRole" });
if (appuser == null || !IdentytiHelper.VerifyHashedPassword(appuser.PassWord, password) || appuser.Lock == true)
{
return(null);
}
var result = new UserLoginResponseModel()
{
UserId = appuser.UserId,
Username = appuser.UserName,
ProviderKey = Guid.NewGuid().ToString(),
Roles = new SelectResponseModel
{
id = appuser.AppRole.Id.ToString(),
text = appuser.AppRole.Name
}
};
return(result);
}
public UserLoginResponseModel ValidateUser(UserLoginModel userLoginModel, string guid)
{
var onlineRequestValidationModel = _tempcartService.ValidateOnlineRequest(guid);
var model = new UserLoginResponseModel()
{
RequestValidationModel = onlineRequestValidationModel
};
if (onlineRequestValidationModel.RequestStatus != OnlineRequestStatus.Valid)
{
return(model);
}
if (!ModelState.IsValid)
{
throw new Exception("Please enter a valid Username/Password!");
}
var isValid = _userLoginRepository.ValidateUser(userLoginModel.UserName, userLoginModel.Password);
if (!isValid)
{
GetLoginFailureMessage(userLoginModel);
}
var userLogin = _userLoginRepository.GetByUserName(userLoginModel.UserName);
var customer = _customerRepository.GetCustomerByUserId(userLogin.Id);
model = new UserLoginResponseModel {
CustomerId = customer.CustomerId, CustomerName = customer.NameAsString, IsValid = true, Message = "", RequestValidationModel = onlineRequestValidationModel
};
return(model);
}
//USER LOGIN
public string LoginUser(string email, string pass)
{
MysqlConnectionProvider dbConnection = new MysqlConnectionProvider();
dbConnection.CreateQuery("SELECT id,pass,isemailverified FROM users WHERE email='" + email + "'");
UserLoginResponseModel userLoginResponseModel = null;
string passFromDb = "";
string isEmailVerified = "";
MySqlDataReader reader = dbConnection.DoQuery();
while (reader.Read())
{
userLoginResponseModel = new UserLoginResponseModel();
userLoginResponseModel.Id = reader["id"].ToString();
passFromDb = reader["pass"].ToString();
isEmailVerified = reader["isemailverified"].ToString();
}
dbConnection.Dispose();
dbConnection = null;
if (userLoginResponseModel != null)
{
if (BCrypt.Net.BCrypt.Verify(pass, passFromDb))
{
if (isEmailVerified == "false")
{
return("Email Not Verified");
}
return(new JwtAuthenticationProvider().GenerateJsonWebToken(userLoginResponseModel));
}
else
{
return("");
}
}
return("");
}
public async Task <UserLoginResponseModel> ValidateUser(string email, string password)
{
var user = await _repository.GetUserByEmail(email);
if (user == null)
{
return(null);
}
var hashedPassword = _cryptoService.HashPasswordWithSalt(password, user.Salt);
if (hashedPassword == user.HashedPassword)
{
var responseUser = new UserLoginResponseModel()
{
Id = user.Id,
Email = user.Email,
FirstName = user.FirstName,
LastName = user.LastName,
DateOfBirth = user.DateOfBirth
};
responseUser.Roles = new List <RoleModel>();
foreach (var role in user.Roles)
{
responseUser.Roles.Add(new RoleModel
{
Id = role.Id,
Name = role.Name
});
}
return(responseUser);
}
return(null);
}
