private async Task <ServiceResult> ValidateUserToken(long userid, string access_token, string refresh_token)
{
ServiceResult response = new ServiceResult(false, "");
ServiceResult <IEnumerable <UserTokenBo> > userTokenResult = await serviceManager.UserToken_Service.GetAsync(
filter : (x => x.UserId == userid && x.RefreshToken == refresh_token),
orderBy : (x => x.OrderByDescending(x => x.ExpiryDate)));
if (!userTokenResult.Success || userTokenResult.Data == null || userTokenResult.Data.FirstOrDefault() == null)
{
response = new ServiceResult(false, "Refresh token not found!");
return(response);
}
UserTokenBo userTokenBo = userTokenResult.Data.FirstOrDefault();
if (userTokenBo.ExpiryDate < DateTime.UtcNow)
{
response = new ServiceResult(false, "Refresh token expired!");
return(response);
}
if (userTokenBo.IsLogout)
{
response = new ServiceResult(false, "Refresh token logouted!");
return(response);
}
if (userTokenBo.AccessToken != access_token)
{
response = new ServiceResult(false, "Access token mismatch!");
return(response);
}
response = new ServiceResult(true, "");
return(response);
}
public async Task <GenericResponse> Put(long id, UserTokenDto dto)
{
if (id != dto.Id)
{
return(GenericResponse.Error(ResultType.Error, "Ids are mismatch!", "RT_PT_01", StatusCodes.Status500InternalServerError));
}
try
{
UserTokenBo bo = UserTokenBo.ConvertToBusinessObject(dto);
ServiceResult serviceResult = await serviceManager.UserToken_Service.UpdateAsync(id, bo);
if (serviceResult.Success)
{
await serviceManager.CommitAsync();
return(GenericResponse.Ok());
}
else
{
return(GenericResponse.Error(ResultType.Error, serviceResult.Error, "RT_PT_02", StatusCodes.Status500InternalServerError));
}
}
catch (Exception ex)
{
Log(ex.Message, LogLevel.Error, this.ControllerContext.RouteData.Values);
return(GenericResponse.Error(ResultType.Error, ex.Message, "RT_PT_03", StatusCodes.Status500InternalServerError));
}
}
public async Task <GenericResponse> Logout()
{
try{
Claim claim = null;
long userTokenId = 0;
string access_token = "";
IHttpContextAccessor httpContextAccessor = (IHttpContextAccessor)serviceManager.serviceContext.Items["IHttpContextAccessor"];
if (httpContextAccessor != null && httpContextAccessor.HttpContext != null && httpContextAccessor.HttpContext.User != null)
{
claim = httpContextAccessor.HttpContext.User.Claims.FirstOrDefault(c => c.Type == "utid");
if (claim != null)
{
if (!long.TryParse(claim.Value, out userTokenId))
{
userTokenId = 0;
}
}
}
if (userTokenId == 0)
{
access_token = serviceManager.serviceContext.Items["Token"].ToString();
if (string.IsNullOrEmpty(access_token))
{
return(GenericResponse.Error(ResultType.Error, "Token not found into the request!", "U_LO_01", StatusCodes.Status404NotFound));
}
}
UserTokenBo userTokenBo = null;
ServiceResult <IEnumerable <UserTokenBo> > result = null;
if (userTokenId > 0)
{
result = await serviceManager.UserToken_Service.GetAsync(
filter : (rt => rt.Id == userTokenId && rt.UserId == this.currentUserId),
orderBy : (rt => rt.OrderByDescending(x => x.ExpiryDate)));
}
else
{
result = await serviceManager.UserToken_Service.GetAsync(
filter : (rt => rt.AccessToken == access_token && rt.UserId == this.currentUserId),
orderBy : (rt => rt.OrderByDescending(x => x.ExpiryDate)));
}
if (!result.Success)
{
return(GenericResponse.Error(ResultType.Error, "User Token Not Found!", "U_LO_02", StatusCodes.Status404NotFound));
}
userTokenBo = result.Data.FirstOrDefault();
userTokenBo.LogoutTime = DateTime.Now;
userTokenBo.IsLogout = true;
await serviceManager.UserToken_Service.UpdateAsync(userTokenBo.Id, userTokenBo);
return(GenericResponse.Ok());
}
catch (Exception ex) {
return(GenericResponse.Error(ResultType.Error, ex.Message, "U_LO_03", StatusCodes.Status500InternalServerError));
}
}
public void OnAuthorization(AuthorizationFilterContext context)
{
var user = context.HttpContext.User;
if (!user.Identity.IsAuthenticated)
{
// it isn't needed to set unauthorized result
// as the base class already requires the user to be authenticated
// this also makes redirect to a login page work properly
// context.Result = new UnauthorizedResult();
return;
}
try
{
long userTokenId = 0;
Claim claim = user.Claims.FirstOrDefault(x => x.Type == "utid");
if (claim == null || !long.TryParse(claim.Value, out userTokenId))
{
context.Result = new JsonResult(new { message = "User Token Id Not Found!" })
{
StatusCode = StatusCodes.Status401Unauthorized
};
return;
}
UserTokenBo userTokenBo = null;
ServiceResult <UserTokenBo> result = serviceManager.UserToken_Service.GetByIdAsync(userTokenId).Result;
if (!result.Success)
{
context.Result = new JsonResult(new { message = "User Token Not Found!" })
{
StatusCode = StatusCodes.Status401Unauthorized
};
return;
}
userTokenBo = result.Data;
if (userTokenBo.IsLogout)
{
context.Result = new JsonResult(new { message = "Token Expired!" })
{
StatusCode = StatusCodes.Status401Unauthorized
};
return;
}
}
catch (Exception ex)
{
context.Result = new JsonResult(new { message = ex.Message })
{
StatusCode = StatusCodes.Status500InternalServerError
};
return;
}
}
private UserTokenBo GenerateUserToken(UserBo userBo)
{
UserTokenBo userToken = new UserTokenBo();
userToken.UserId = userBo.Id;
userToken.LoginTime = DateTime.UtcNow;
// Token Life Time Setting
int tokenLifeTimeSec = (userBo.UserType != null && userBo.UserType.TokenLifeTime > 0) ? userBo.UserType.TokenLifeTime : 60;
DateTime dtimeTokenLife = DateTime.UtcNow.AddSeconds(tokenLifeTimeSec);
userToken.ExpiryDate = dtimeTokenLife;
return(userToken);
}
private async Task <ServiceResult <TokenResponseDto> > GetTokenResponseAsync(UserBo user)
{
string accessToken = "";
string refreshToken = GenerateRefreshToken();
ServiceResult <TokenResponseDto> response = null;
UserTokenBo userTokenBo = GenerateUserToken(user);
userTokenBo.RefreshToken = refreshToken;
userTokenBo.AccessToken = "";
ServiceResult <UserTokenBo> userTokenResult = await serviceManager.UserToken_Service.CreateAsync(userTokenBo);
if (!userTokenResult.Success)
{
response = new ServiceResult <TokenResponseDto>(null, false, "User Token Create Failed!");
return(response);
}
userTokenBo = userTokenResult.Data;
try
{
//sign your token here here..
accessToken = GenerateAccessToken(userTokenBo.Id, user);
}
catch (Exception ex)
{
response = new ServiceResult <TokenResponseDto>(null, false, "Token Create Failed! " + (ex.Message));
return(response);
}
userTokenBo.AccessToken = accessToken;
await serviceManager.UserToken_Service.UpdateAsync(userTokenBo.Id, userTokenBo);
await serviceManager.UserLogin_Service.CreateAsync(new UserLoginBo()
{
UserId = user.Id, LoginTime = DateTime.UtcNow
});
TokenResponseDto tokenResponseDto = UserBo.ConvertToTokenResponseDto(user);
tokenResponseDto.AccessToken = accessToken;
tokenResponseDto.RefreshToken = refreshToken;
response = new ServiceResult <TokenResponseDto>(tokenResponseDto, true, "");
return(response);
}
public async Task <GenericResponse <UserTokenDto> > Get(long id)
{
UserTokenBo bo = null;
ServiceResult <UserTokenBo> result = await serviceManager.UserToken_Service.GetByIdAsync(id);
if (result.Success)
{
bo = result.Data;
}
else
{
Log(result.Error, LogLevel.Error, this.ControllerContext.RouteData.Values);
}
if (bo == null)
{
return(GenericResponse <UserTokenDto> .Error(ResultType.Error, "User Not Found!", "RT_G_01", StatusCodes.Status404NotFound));
}
return(GenericResponse <UserTokenDto> .Ok(UserTokenBo.ConvertToDto(bo)));
}
public async Task <GenericResponse <UserTokenDto> > Post([FromBody] UserTokenDto dto)
{
UserTokenBo bo = UserTokenBo.ConvertToBusinessObject(dto);
ServiceResult <UserTokenBo> result = await serviceManager.UserToken_Service.CreateAsync(bo);
if (result.Success)
{
bo = result.Data;
await serviceManager.CommitAsync();
}
else
{
return(GenericResponse <UserTokenDto> .Error(ResultType.Error, result.Error, "RT_PST_01", StatusCodes.Status500InternalServerError));
}
if (bo == null)
{
return(GenericResponse <UserTokenDto> .Error(ResultType.Error, "NOt Found!", "RT_PST_02", StatusCodes.Status404NotFound));
}
return(GenericResponse <UserTokenDto> .Ok(UserTokenBo.ConvertToDto(bo)));
}
