/// <summary>
/// Finds the session that corresponds to the client making the current request.
/// </summary>
/// <returns>
/// The first session whose device id, client name and application version all
/// equal the values taken from the request's authorization data.
/// </returns>
/// <exception cref="System.InvalidOperationException">
/// No session matches all three values (raised by <c>First</c>).
/// </exception>
private SessionInfo GetSession()
{
    var requestAuth = AuthorizationRequestFilterAttribute.GetAuthorization(Request);

    // NOTE(review): the lookup key is built only from values parsed out of the
    // request (DeviceId, Client, Version). Nothing in this method ties the match
    // to an authenticated user or token, so whatever validates those values must
    // run before this is called - confirm against the request filter.
    var matches = _sessionManager.Sessions.Where(session =>
        string.Equals(session.DeviceId, requestAuth.DeviceId)
        && string.Equals(session.Client, requestAuth.Client)
        && string.Equals(session.ApplicationVersion, requestAuth.Version));

    // First() throws when nothing matches; callers get no null to check.
    return matches.First();
}
/// <summary>
/// Checks a user's password and, when the request carries full client
/// identification, opens a new session for that client.
/// </summary>
/// <param name="request">Carries the id of the user to authenticate and the supplied password.</param>
/// <returns>
/// An <see cref="AuthenticationResult"/> with the user DTO. <c>SessionInfo</c> is
/// set only on the session path; the legacy path leaves it unset.
/// </returns>
/// <exception cref="ResourceNotFoundException">No user exists for <c>request.Id</c>.</exception>
/// <exception cref="System.UnauthorizedAccessException">
/// The legacy password check returned false.
/// </exception>
private async Task<AuthenticationResult> AuthenticateUser(AuthenticateUser request)
{
    var account = _userManager.GetUserById(request.Id);

    // NOTE(review): an unknown id and a wrong password produce different exception
    // types, so a caller can tell which ids exist. Acceptable only if user ids are
    // already public to unauthenticated callers - confirm.
    if (account == null)
    {
        throw new ResourceNotFoundException("User not found");
    }

    var requestAuth = AuthorizationRequestFilterAttribute.GetAuthorization(Request);

    // All four identification values must be present to take the session path.
    var hasClientIdentity = !string.IsNullOrEmpty(requestAuth.Client)
        && !string.IsNullOrEmpty(requestAuth.Device)
        && !string.IsNullOrEmpty(requestAuth.DeviceId)
        && !string.IsNullOrEmpty(requestAuth.Version);

    if (hasClientIdentity)
    {
        var newSession = await _sessionMananger.AuthenticateNewSession(
            account,
            request.Password,
            requestAuth.Client,
            requestAuth.Version,
            requestAuth.DeviceId,
            requestAuth.Device,
            Request.RemoteIp).ConfigureAwait(false);

        var sessionResult = new AuthenticationResult
        {
            User = _dtoService.GetUserDto(account),
            SessionInfo = _sessionMananger.GetSessionInfoDto(newSession)
        };

        return sessionResult;
    }

    // Legacy login: the identification header is missing or incomplete, so only
    // the password is verified and no session is created here.
    // NOTE(review): the client decides which path runs by omitting header fields,
    // and this path does not pass Request.RemoteIp anywhere. Confirm that any
    // lockout, throttling or login auditing also covers it.
    var passwordAccepted = await _userManager.AuthenticateUser(account, request.Password).ConfigureAwait(false);

    if (!passwordAccepted)
    {
        // Unauthorized
        throw new UnauthorizedAccessException("Invalid user or password entered.");
    }

    return new AuthenticationResult
    {
        User = _dtoService.GetUserDto(account)
    };
}