/// <summary>
/// Authenticates the user described by the request and returns the outcome.
/// </summary>
/// <param name="request">The request carrying the user id and password.</param>
/// <returns>The value produced by the private AuthenticateUser helper.</returns>
public object Post(AuthenticateUser request)
{
    // Synchronously waits on the async helper. Task<T>.Result wraps a failure
    // in AggregateException, so the helper's own exception is the inner one.
    // NOTE(review): confirm the host unwraps it before choosing the HTTP
    // status, otherwise a failed login may not surface as "unauthorized".
    return AuthenticateUser(request).Result;
}
/// <summary>
/// Resolves the user by id and delegates to the by-name authentication overload.
/// </summary>
/// <param name="request">The request carrying the user id and password.</param>
/// <returns>Whatever the AuthenticateUserByName overload of Post returns.</returns>
public object Post(AuthenticateUser request)
{
    var user = _userManager.GetUserById(request.Id);

    if (user != null)
    {
        // The password is forwarded untouched; this method does not verify it.
        var byNameRequest = new AuthenticateUserByName
        {
            Username = user.Name,
            Password = request.Password
        };

        return Post(byNameRequest);
    }

    // NOTE(review): an unknown id fails here with a different exception than
    // a bad password presumably does downstream, so a caller may be able to
    // tell whether an id exists - confirm that is acceptable for this endpoint.
    throw new ResourceNotFoundException("User not found");
}
/// <summary>
/// Verifies the password of the user identified by the request. Produces no
/// response body; failure is reported by throwing.
/// </summary>
/// <param name="request">The request carrying the user id and password.</param>
public void Post(AuthenticateUser request)
{
    var user = _userManager.GetUserById(request.Id);

    if (user == null)
    {
        throw new ResourceNotFoundException("User not found");
    }

    // Blocking wait on the user manager's async check; a fault inside that
    // task is rethrown by .Result wrapped in AggregateException.
    var authenticated = _userManager.AuthenticateUser(user, request.Password).Result;

    if (authenticated)
    {
        return;
    }

    // Rejected credentials: the message does not say which part was wrong.
    throw new UnauthorizedAccessException("Invalid user or password entered.");
}
/// <summary>
/// Authenticates the requested user. Creates a session when the authorization
/// header identifies the client; otherwise only checks the password.
/// </summary>
/// <param name="request">The request carrying the user id and password.</param>
/// <returns>The user DTO, plus session info when a session was created.</returns>
private async Task<AuthenticationResult> AuthenticateUser(AuthenticateUser request)
{
    var user = _userManager.GetUserById(request.Id);

    if (user == null)
    {
        throw new ResourceNotFoundException("User not found");
    }

    var auth = AuthorizationRequestFilterAttribute.GetAuthorization(Request);

    // All four header fields must be present to take the session path.
    var hasFullClientInfo = !string.IsNullOrEmpty(auth.Client)
        && !string.IsNullOrEmpty(auth.Device)
        && !string.IsNullOrEmpty(auth.DeviceId)
        && !string.IsNullOrEmpty(auth.Version);

    if (hasFullClientInfo)
    {
        // The password is handed to the session manager together with the
        // client details and remote IP.
        // NOTE(review): presumably AuthenticateNewSession rejects a wrong
        // password itself; this method does not check it on this path - verify.
        var session = await _sessionMananger.AuthenticateNewSession(
            user,
            request.Password,
            auth.Client,
            auth.Version,
            auth.DeviceId,
            auth.Device,
            Request.RemoteIp).ConfigureAwait(false);

        return new AuthenticationResult
        {
            User = _dtoService.GetUserDto(user),
            SessionInfo = _sessionMananger.GetSessionInfoDto(session)
        };
    }

    // Legacy path for callers that omit the header: password check only.
    // No session is created here and the remote IP is not passed anywhere,
    // so a login through this branch leaves no session record.
    var passwordAccepted = await _userManager.AuthenticateUser(user, request.Password).ConfigureAwait(false);

    if (!passwordAccepted)
    {
        throw new UnauthorizedAccessException("Invalid user or password entered.");
    }

    return new AuthenticationResult
    {
        User = _dtoService.GetUserDto(user)
    };
}
/// <summary>
/// Resolves the user by id, rejects requests that supply only the Password
/// field, and delegates to the by-name authentication overload using Pw.
/// </summary>
/// <param name="request">The request carrying the user id, Password and Pw.</param>
/// <returns>Whatever the AuthenticateUserByName overload of Post returns.</returns>
public object Post(AuthenticateUser request)
{
    var user = _userManager.GetUserById(request.Id);

    if (user == null)
    {
        throw new ResourceNotFoundException("User not found");
    }

    // Going by the exception text, Password holds a hashed value; a request
    // that carries it without Pw is refused.
    if (!string.IsNullOrEmpty(request.Password))
    {
        if (string.IsNullOrEmpty(request.Pw))
        {
            throw new MethodNotAllowedException("Hashed-only passwords are not valid for this API.");
        }
    }

    // NOTE(review): when both fields are empty the request is still forwarded
    // with an empty Pw; whether that is accepted is decided downstream - confirm.
    var byNameRequest = new AuthenticateUserByName
    {
        Username = user.Name,
        // Deliberately never forwarded; only Pw is passed on.
        Password = null,
        Pw = request.Pw
    };

    return Post(byNameRequest);
}
/// <summary>
/// Checks the supplied password for the requested user and returns the user's DTO.
/// </summary>
/// <param name="request">The request carrying the user id and password.</param>
/// <returns>An AuthenticationResult holding the user DTO.</returns>
private async Task<AuthenticationResult> AuthenticateUser(AuthenticateUser request)
{
    var user = _userManager.GetUserById(request.Id);

    if (user == null)
    {
        throw new ResourceNotFoundException("User not found");
    }

    var passwordAccepted = await _userManager.AuthenticateUser(user, request.Password).ConfigureAwait(false);

    if (!passwordAccepted)
    {
        // Rejected credentials: the message does not say which part was wrong.
        throw new UnauthorizedAccessException("Invalid user or password entered.");
    }

    // The DTO is built only after the password check has passed.
    var dtoBuilder = new UserDtoBuilder(Logger);
    var userDto = await dtoBuilder.GetUserDto(user).ConfigureAwait(false);

    return new AuthenticationResult
    {
        User = userDto
    };
}
/// <summary>
/// Authenticates the user described by the request. Produces no response
/// body; failure is reported by throwing.
/// </summary>
/// <param name="request">The request carrying the user id and password.</param>
public void Post(AuthenticateUser request)
{
    // The helper's result is not used; only completion matters. A fault in
    // the helper is rethrown here wrapped in AggregateException.
    // NOTE(review): confirm the host unwraps it so a failed login is reported
    // as such.
    AuthenticateUser(request).Wait();
}