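/// <summary>
/// Authenticates a user by e-mail address or user name plus password and, on success, returns an
/// access token, a newly generated refresh token and the caller's organisation memberships.
/// Every successful login is written to the audit log.
/// </summary>
/// <param name="loginModel">Credentials posted by the client; <c>UserName</c> may hold an e-mail address.</param>
/// <returns>
/// 200 with the authenticated-user payload; 401 when the account is unknown or the password is wrong;
/// 400 when the request body is missing or invalid, or when the audit entry cannot be written.
/// </returns>
public async Task<IActionResult> CreateToken([FromBody] LoginModel loginModel)
{
    // A missing or unparseable body binds as null and would otherwise throw on the log line below.
    if (loginModel is null)
    {
        ModelState.AddModelError(nameof(loginModel), "A login request body is required.");
        return BadRequest(ModelState);
    }

    // Structured logging keeps the user name as a separate property instead of formatting it into the message.
    logger.LogInformation("Login user : {UserName}", loginModel.UserName);

    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    string signInUser = loginModel.UserName;

    // The same field accepts either an e-mail address or a plain user name.
    ApplicationUser user = RegexUtilities.IsValidEmail(signInUser)
        ? await userManager.FindByEmailAsync(signInUser)
        : await userManager.FindByNameAsync(signInUser);

    // Unknown account and wrong password both answer 401 so the response does not reveal which accounts exist.
    if (user is null)
    {
        return Unauthorized();
    }

    // NOTE(review): lockoutOnFailure is false, so repeated wrong passwords never lock the account;
    // enabling it together with the Identity lockout options is the usual brute-force mitigation — confirm before changing.
    var loginResult = await signInManager.PasswordSignInAsync(
        user.UserName, loginModel.Password, isPersistent: false, lockoutOnFailure: false);

    if (!loginResult.Succeeded)
    {
        return Unauthorized();
    }

    Person person = personRepository.Find(null, p => p.Id == user.PersonId)?.Items.FirstOrDefault();
    string authenticationToken = GetToken(user);

    // Deliberately not awaited (as before): a failure here is not observed by this request.
    VerifyUserEmailAsync(user);

    // A user without a person record used to throw a NullReferenceException here; treat it as "not an agent".
    Guid? agentId = null;
    if (person?.IsAgent == true)
    {
        agentId = agentRepository.Find(null, p => p.Name == user.Name)?.Items?.FirstOrDefault()?.Id;
    }

    const string startsWith = "";
    const int skip = 0;
    const int take = 100;
    var personOrgs = membershipManager.Search(user.PersonId, startsWith, skip, take);

    // Issue #2791 We will disable the need for User Consent for this release.
    bool isUserConsentRequired = false; // VerifyUserAgreementConsentStatus(user.PersonId);

    var pendingAcessOrgs = membershipManager.PendingOrganizationAccess(user.PersonId);
    var newRefreshToken = GenerateRefreshToken();

    var authenticatedUser = new
    {
        personId = user.PersonId,
        email = user.Email,
        userName = user.UserName,
        token = authenticationToken,
        refreshToken = newRefreshToken,
        user.ForcedPasswordChange,
        isUserConsentRequired,
        // A lifted comparison against null yields false, which is what the old ternary produced.
        IsJoinOrgRequestPending = pendingAcessOrgs?.Items?.Count > 0,
        myOrganizations = personOrgs?.Items,
        agent = agentId,
    };

    // Save refresh token so it can be validated on the refresh endpoint.
    await userManager.SetAuthenticationTokenAsync(
        user, userManager.Options.Tokens.AuthenticatorTokenProvider, "refresh", newRefreshToken);

    try
    {
        // The audit entry omits the access and refresh tokens: persisting bearer credentials in the
        // audit store would let anyone with read access to it act as the user.
        var auditedUser = new
        {
            authenticatedUser.personId,
            authenticatedUser.email,
            authenticatedUser.userName,
            authenticatedUser.ForcedPasswordChange,
            authenticatedUser.isUserConsentRequired,
            authenticatedUser.IsJoinOrgRequestPending,
            authenticatedUser.myOrganizations,
            authenticatedUser.agent,
        };

        auditLogRepository.Add(new AuditLog
        {
            Id = Guid.NewGuid(),
            ChangedFromJson = null,
            ChangedToJson = JsonConvert.SerializeObject(auditedUser),
            CreatedBy = user.Email,
            CreatedOn = DateTime.UtcNow,
            IsDeleted = false,
            MethodName = "Login",
            ServiceName = this.ToString(),
            Timestamp = new byte[1],
            ParametersJson = "",
            ExceptionJson = "",
        });
    }
    catch (Exception ex)
    {
        // Keep the existing contract (400 when the audit entry cannot be written) but do not lose the exception.
        logger.LogError(ex, "Failed to write the login audit entry for {UserName}", user.UserName);
        ModelState.AddModelError("Audit Log", ex.Message);
        return BadRequest();
    }

    return Ok(authenticatedUser);
}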