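        /// <summary>
        /// Issues a bearer token for a user who presents a valid e-mail/password pair.
        /// </summary>
        /// <param name="dto">Credentials posted by the client; may be null when the request body is missing or malformed.</param>
        /// <returns>
        /// 200 with the generated token; 400 when the body is missing, the credentials do not match,
        /// or the account is suspended.
        /// </returns>
        public async Task <IActionResult> RequestToken(RequestTokenDto dto)
        {
            _logger.LogInformation("Requesting user token for user {Email}", dto?.Email);

            // A missing body used to reach dto.Email below and surface as a 500 (NullReferenceException);
            // treat it as a client error instead.
            if (dto is null)
            {
                _logger.LogWarning("Token request received without a body");
                return BadRequest("Username or password is invalid");
            }

            if (!await _userService.ValidateUserPassword(dto.Email, dto.Password))
            {
                // One generic message for "unknown user" and "wrong password" so the response
                // does not reveal which accounts exist.
                _logger.LogWarning("Username or password is invalid");
                return BadRequest("Username or password is invalid");
            }

            var user = await _userService.GetUser(dto.Email);

            // The password was just validated, so a null here means the record vanished in between
            // (or GetUser disagrees with ValidateUserPassword); never issue a token in that state.
            if (user is null)
            {
                _logger.LogWarning("User record not found after successful password validation");
                return BadRequest("Username or password is invalid");
            }

            if (!user.IsActive)
            {
                _logger.LogWarning("User is suspended");
                return BadRequest("User is suspended");
            }

            var userRole = await _userService.GetUserRole(dto.Email);

            var userProjects = await GetUserProjects(dto.Email);

            // Signing key, issuer and audience come from configuration; the key is a secret and must
            // not be logged or echoed anywhere in this method.
            var tokenKey      = _configuration["Security:Tokens:Key"];
            var tokenIssuer   = _configuration["Security:Tokens:Issuer"];
            var tokenAudience = _configuration["Security:Tokens:Audience"];

            var token = AuthorizationToken.GenerateToken(user.Id, dto.Email, userRole, userProjects, tokenKey, tokenIssuer,
                                                         tokenAudience);

            return Ok(token);
        }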
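        /// <summary>
        /// Re-issues a bearer token for the already-authenticated caller, identified by the user id
        /// carried in the current principal.
        /// </summary>
        /// <returns>
        /// 200 with a fresh token; 401 when the principal no longer maps to a user record;
        /// 400 when the account is suspended.
        /// </returns>
        public async Task <IActionResult> RefreshToken()
        {
            var userId = User.GetUserId();

            _logger.LogRequest("Refreshing user token for user {userId}", userId);

            var user = await _userService.GetUserById(userId);

            // A still-valid token for a user that has since been deleted used to throw on user.IsActive
            // and surface as a 500; refuse the refresh explicitly instead of issuing anything.
            if (user is null)
            {
                _logger.LogWarning("Token refresh requested for unknown user {userId}", userId);
                return Unauthorized();
            }

            if (!user.IsActive)
            {
                _logger.LogWarning("User is suspended");
                return BadRequest("User is suspended");
            }

            // Role and project membership are re-read rather than copied from the old token so that
            // the refreshed token reflects the current state of the account.
            var userRole = await _userService.GetUserRole(user.UserName);

            var userProjects = await GetUserProjects(user.UserName);

            var tokenKey      = _configuration["Security:Tokens:Key"];
            var tokenIssuer   = _configuration["Security:Tokens:Issuer"];
            var tokenAudience = _configuration["Security:Tokens:Audience"];

            var token = AuthorizationToken.GenerateToken(user.Id, user.UserName, user.FirstName, user.LastName,
                                                         userRole, userProjects, tokenKey, tokenIssuer, tokenAudience);

            _logger.LogRequest("Refreshed token for user {userId} retrieved", userId);

            return Ok(token);
        }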
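        /// <summary>
        /// Re-issues a bearer token for the already-authenticated caller, looked up by the name
        /// on the current identity.
        /// </summary>
        /// <returns>
        /// 200 with a fresh token; 401 when the identity carries no name or no matching user exists;
        /// 400 when the account is suspended.
        /// </returns>
        public async Task <IActionResult> RefreshToken()
        {
            // User.Identity and its Name can both be null (anonymous or oddly-shaped principal);
            // the original dereferenced them unconditionally and would have thrown.
            var identityName = User.Identity?.Name;

            if (string.IsNullOrEmpty(identityName))
            {
                _logger.LogWarning("Token refresh requested without an identity name");
                return Unauthorized();
            }

            var user = await _userService.GetUser(identityName);

            // A still-valid token for a user that has since been removed must not be refreshed.
            if (user is null)
            {
                _logger.LogWarning("Token refresh requested for unknown user");
                return Unauthorized();
            }

            if (!user.IsActive)
            {
                _logger.LogWarning("User is suspended");
                return BadRequest("User is suspended");
            }

            // Re-read role and project membership so the new token reflects the current account state.
            var userRole = await _userService.GetUserRole(user.Email);

            var userProjects = await GetUserProjects(user.Email);

            var tokenKey      = _configuration["Security:Tokens:Key"];
            var tokenIssuer   = _configuration["Security:Tokens:Issuer"];
            var tokenAudience = _configuration["Security:Tokens:Audience"];

            var token = AuthorizationToken.GenerateToken(user.Id, user.Email, user.FirstName, user.LastName,
                                                         userRole, userProjects, tokenKey, tokenIssuer, tokenAudience);

            return Ok(token);
        }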
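        /// <summary>
        /// Issues a bearer token for a user who presents valid credentials, completing the second
        /// factor (authenticator code or recovery code) when the account requires one.
        /// </summary>
        /// <param name="dto">
        /// Credentials, optionally carrying an authenticator or recovery code; may be null when the
        /// request body is missing or malformed.
        /// </param>
        /// <returns>
        /// 200 with the token; 202 with <see cref="TokenResponses.RequiresTwoFactor"/> when the password
        /// was accepted but a second factor is still needed; 400 when the body is missing, the credentials
        /// or second factor are wrong, or the account is suspended.
        /// </returns>
        public async Task <IActionResult> RequestToken(RequestTokenDto dto)
        {
            _logger.LogRequest("Requesting user token for user {UserName}", dto?.UserName);

            // A missing body used to reach dto.UserName below and surface as a 500; reject it as a client error.
            if (dto is null)
            {
                _logger.LogWarning("Token request received without a body");
                return BadRequest("Username or password is invalid");
            }

            var signInResult = await _userService.ValidateUserPassword(dto.UserName, dto.Password);

            if (!signInResult.Succeeded)
            {
                if (signInResult.RequiresTwoFactor && _applicationSetting.EnableTwoFactorAuth)
                {
                    // The password was accepted; the client must now prove the second factor.
                    if (!string.IsNullOrEmpty(dto.AuthenticatorCode))
                    {
                        var twoFactorResult = await _userService.VerifyTwoFactorToken(dto.UserName, dto.AuthenticatorCode);

                        if (!twoFactorResult)
                        {
                            // Logged so repeated wrong codes are visible to monitoring; the original returned silently.
                            _logger.LogWarning("Authenticator code rejected. Username: {UserName}", dto.UserName);
                            return BadRequest("Authenticator Code is not correct");
                        }
                    }
                    else if (!string.IsNullOrEmpty(dto.RecoveryCode))
                    {
                        var recoveryResult = await _userService.RedeemTwoFactorRecoveryCode(dto.UserName, dto.RecoveryCode);

                        if (!recoveryResult)
                        {
                            _logger.LogWarning("Recovery code rejected. Username: {UserName}", dto.UserName);
                            return BadRequest("Recovery Code is not correct");
                        }
                    }
                    else
                    {
                        // No second factor supplied yet: tell the client to come back with one.
                        return Accepted("/account/token", TokenResponses.RequiresTwoFactor);
                    }
                }
                else if (!signInResult.RequiresTwoFactor)
                {
                    // Covers wrong password as well as locked-out / not-allowed results, all under one
                    // generic message so the response does not reveal account state.
                    _logger.LogWarning("Username or password is invalid. Username: {UserName}", dto.UserName);
                    return BadRequest("Username or password is invalid");
                }
                // Remaining case: the account requires a second factor but two-factor auth is disabled
                // application-wide, so the password alone is accepted. NOTE(review): looks intentional — confirm.
            }

            var user = await _userService.GetUser(dto.UserName);

            // Credentials were just validated, so a null here means the record vanished in between;
            // never issue a token in that state.
            if (user is null)
            {
                _logger.LogWarning("User record not found after successful sign-in. Username: {UserName}", dto.UserName);
                return BadRequest("Username or password is invalid");
            }

            if (!user.IsActive)
            {
                _logger.LogWarning("User is suspended");
                return BadRequest("User is suspended");
            }

            var userRole = await _userService.GetUserRole(dto.UserName);

            var userProjects = await GetUserProjects(dto.UserName);

            // Signing key, issuer and audience come from configuration; the key is a secret and must
            // not be logged or echoed anywhere in this method.
            var tokenKey      = _configuration["Security:Tokens:Key"];
            var tokenIssuer   = _configuration["Security:Tokens:Issuer"];
            var tokenAudience = _configuration["Security:Tokens:Audience"];

            var token = AuthorizationToken.GenerateToken(user.Id, user.UserName, user.FirstName, user.LastName,
                                                         userRole, userProjects, tokenKey, tokenIssuer, tokenAudience);

            _logger.LogResponse("Token for user {UserName} retrieved", dto.UserName);

            return Ok(token);
        }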