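/// <summary>
/// Checks the submitted credentials with <c>WebSecurity.Login</c> and, on success,
/// stores a new API token valid for 30 days and returns it with the customer.
/// </summary>
/// <param name="vm">Login form model; its EmailAddress and Password are used for the login.</param>
/// <returns>
/// JSON of an empty <c>Customer</c> when the login fails or no customer record exists
/// for the account; otherwise JSON with <c>user</c> and the newly stored <c>token</c>.
/// </returns>
public ActionResult Login(LoginViewModel vm)
{
    var customerService = _uow.GetRepository<Customer>();
    var tokenService = _uow.GetRepository<ApiToken>();

    var success = WebSecurity.Login(vm.EmailAddress, vm.Password);
    var user = new Customer();
    if (!success)
    {
        return Json(user);
    }

    var userId = WebSecurity.GetUserId(vm.EmailAddress);
    user = customerService.GetById(userId);
    if (user == null)
    {
        // A membership account without a customer record used to fail with a
        // NullReferenceException on user.Id below. Answer like a failed login
        // and issue no token.
        // NOTE(review): WebSecurity.Login has already succeeded at this point;
        // confirm whether the session should also be signed out here.
        return Json(new Customer());
    }

    // Read the clock once so ValidUntil is exactly 30 days after Created.
    // Local time is kept because ValidateToken compares ValidUntil against DateTime.Now.
    // NOTE(review): switching both methods to DateTime.UtcNow would keep token
    // lifetime independent of DST and server time-zone changes.
    var issuedAt = DateTime.Now;

    // NOTE(review): Key is persisted exactly as HashSecurity.GenerateAppSecret() returns it
    // and is later matched by equality in ValidateToken. Confirm the generator uses a
    // cryptographic RNG, and consider storing only a hash of the key so that a read of
    // the token table does not yield usable tokens.
    // A new token is created on every successful login; nothing in this method
    // expires earlier tokens of the same user.
    var token = new ApiToken
    {
        Key = HashSecurity.GenerateAppSecret(),
        UserId = user.Id,
        Created = issuedAt,
        ValidUntil = issuedAt.AddDays(30),
        ExplicitExpirationDate = null
    };

    tokenService.InsertOrUpdate(token);
    _uow.SaveChanges();

    // NOTE(review): the whole Customer and ApiToken entities are serialized. Confirm that
    // Customer carries no fields that must not reach the client; a dedicated response
    // model would make the exposed fields explicit.
    return Json(new { user, token });
}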
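/// <summary>
/// Looks up an API token by its key and reports whether it is currently valid.
/// A token is valid when a record with that key exists, its ExplicitExpirationDate
/// is not set, its ValidUntil lies after the current local time, and the customer
/// it belongs to can still be loaded.
/// </summary>
/// <param name="token">Token key supplied by the caller.</param>
/// <returns>
/// JSON with <c>isValid</c>, <c>user</c> (the owning customer when valid, otherwise an
/// empty <c>Customer</c>) and <c>token</c> (the matched record, or null when none matched).
/// </returns>
public ActionResult ValidateToken(string token)
{
    var tokenService = _uow.GetRepository<ApiToken>();
    var customerService = _uow.GetRepository<Customer>();
    var user = new Customer();

    // Never query with a missing key: depending on how the query provider translates
    // the comparison, a null or empty value could match a stored row whose Key is
    // null or empty and validate a request that carried no token at all.
    var foundToken = string.IsNullOrEmpty(token)
        ? null
        : tokenService.Query().FirstOrDefault(t => t.Key == token);

    // Any ExplicitExpirationDate, past or future, marks the token as expired.
    // DateTime.Now matches the local-time stamps written by Login.
    var isValid = foundToken != null
        && !foundToken.ExplicitExpirationDate.HasValue
        && foundToken.ValidUntil > DateTime.Now;

    if (isValid)
    {
        user = customerService.GetById(foundToken.UserId);
        if (user == null)
        {
            // The owning customer no longer exists: fail closed instead of
            // reporting a valid token with a null user.
            isValid = false;
            user = new Customer();
        }
    }

    // NOTE(review): the matched token record is returned even when isValid is false, so
    // an expired or revoked key still yields its UserId and dates. Confirm callers need
    // that; otherwise return the record only for valid tokens.
    return Json(new { isValid, user, token = foundToken });
}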