public virtual async Task <ActionResult> Token([FromForm] TokenRequest tokenRequest, CancellationToken cancellationToken)
        {
            if (!tokenRequest.Grant_type.Equals("password", StringComparison.OrdinalIgnoreCase))
            {
                throw new Exception("OAuth flow is not password.");
            }

            //var user = await userRepository.GetByUserAndPass(username, password, cancellationToken);
            var user = await _userManager.FindByNameAsync(tokenRequest.Username);

            if (user == null)
            {
                throw new BadRequestException("نام کاربری یا رمز عبور اشتباه است");
            }

            var isPasswordValid = await _userManager.CheckPasswordAsync(user, tokenRequest.Password);

            if (!isPasswordValid)
            {
                throw new BadRequestException("نام کاربری یا رمز عبور اشتباه است");
            }

            //if (user == null)
            //    throw new BadRequestException("نام کاربری یا رمز عبور اشتباه است");

            var jwt = await _jwtService.GenerateAsync(user);

            return(new JsonResult(jwt));
        }
        public virtual async Task <SignInStatus> PasswordSignIn(string userName, string password, bool isPersistent, bool shouldLockout)
        {
            var user = await _userManager.FindByNameAsync(userName).ConfigureAwait(false);

            if (user == null)
            {
                return(SignInStatus.Failure);
            }
            if (await _userManager.IsLockedOutAsync(user.Id).ConfigureAwait(false))
            {
                return(SignInStatus.LockedOut);
            }
            if (await _userManager.CheckPasswordAsync(user, password).ConfigureAwait(false))
            {
                return(await SignInOrTwoFactor(user, isPersistent).ConfigureAwait(false));
            }
            if (shouldLockout)
            {
                // If lockout is requested, increment access failed count which might lock out the user
                await _userManager.AccessFailedAsync(user.Id).ConfigureAwait(false);

                if (await _userManager.IsLockedOutAsync(user.Id).ConfigureAwait(false))
                {
                    return(SignInStatus.LockedOut);
                }
            }
            return(SignInStatus.Failure);
        }
        public async Task <ApiResult <UserViewModelApi> > SignIn([FromBody] SignInViewModel viewModel)
        {
            if (ModelState.IsValid)
            {
                AppUser user = await _userManager.FindUserWithRolesByNameAsync(viewModel.UserName);

                if (user == null)
                {
                    return(BadRequest(NotificationMessages.UserNotFound));
                }

                bool result = await _userManager.CheckPasswordAsync(user, viewModel.Password);

                if (!result)
                {
                    return(BadRequest(NotificationMessages.InvalidUserNameOrPassword));
                }

                UserViewModelApi userViewModel = await _userManager.FindUserApiByIdAsync(user.Id);

                userViewModel.Image = $"{Request.Scheme}://{Request.Host}{Request.PathBase.Value}/wwwroot/Users/{userViewModel.Image}";
                userViewModel.Token = await _jwtService.GenerateAccessTokenAsync(user);

                return(Ok(userViewModel));
            }

            return(BadRequest(ModelState.GetErrorsModelState()));
        }
예제 #4
0
        public virtual async Task <ApiResult <string> > SignIn([FromBody] SignInBaseViewModel ViewModel)
        {
            var User = await _userManager.FindByNameAsync(ViewModel.UserName);

            if (User == null)
            {
                return(BadRequest("نام کاربری یا کلمه عبور شما صحیح نمی باشد."));
            }
            else
            {
                var result = await _userManager.CheckPasswordAsync(User, ViewModel.Password);

                if (result)
                {
                    return(Ok(await _jwtService.GenerateTokenAsync(User)));
                }
                else
                {
                    return(BadRequest("نام کاربری یا کلمه عبور شما صحیح نمی باشد."));
                }
            }
        }
        public async Task <IHttpActionResult> ProfileUpdate(IdentityUser profile)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            var currentUser = User.Identity.Name;

            var userinfo = await _userManager.FindByNameAsync(currentUser);

            var passwordValidation = await _userManager.CheckPasswordAsync(userinfo, profile.PasswordHash);

            if (passwordValidation)
            {
                var identityUser = new IdentityUser
                {
                    Id            = userinfo.Id,
                    UserName      = userinfo.UserName,
                    Email         = profile.Email,
                    Name          = profile.Name,
                    Company       = profile.Company,
                    PasswordHash  = userinfo.PasswordHash,
                    SecurityStamp = userinfo.SecurityStamp,
                    Roles         = userinfo.Roles,
                    Image         = userinfo.Image,
                };
                var result = await _userManager.UpdateAsync(identityUser);

                if (!result.Succeeded)
                {
                    return(BadRequest(ModelState));
                }
                return(Ok(identityUser));
            }
            return(BadRequest(ModelState));
        }
예제 #6
0
        public async Task <ResponseTokenViewModel> AuthenticateUser(HttpRequest request, RequestTokenViewModel requestToken)
        {
            string ipAddress = _httpContextAccessor.HttpContext.Connection?.RemoteIpAddress.ToString();

            ResponseTokenViewModel responseTokenViewModel = new ResponseTokenViewModel();

            if (requestToken.GrantType == "Password")
            {
                AppUser user = await _userManager.FindUserWithRolesByNameAsync(requestToken.UserName);

                if (user == null)
                {
                    responseTokenViewModel.IsSuccess     = false;
                    responseTokenViewModel.Message       = NotificationMessages.UserNotFound;
                    responseTokenViewModel.ApiStatusCode = ApiResultStatusCode.UnAuthorized;

                    //throw new AppException(ApiResultStatusCode.UnAuthorized, NotificationMessages.UserNotFound, HttpStatusCode.BadRequest);
                }
                else
                {
                    bool result = await _userManager.CheckPasswordAsync(user, requestToken.Password);

                    if (!result)
                    {
                        responseTokenViewModel.IsSuccess     = false;
                        responseTokenViewModel.Message       = NotificationMessages.InvalidUserNameOrPassword;
                        responseTokenViewModel.ApiStatusCode = ApiResultStatusCode.UnAuthorized;
                        // throw new AppException(ApiResultStatusCode.UnAuthorized, NotificationMessages.InvalidUserNameOrPassword, HttpStatusCode.BadRequest);
                    }
                    else
                    {
                        UserViewModelApi userViewModel = await _userManager.FindUserApiByIdAsync(user.Id);

                        userViewModel.Image = $"{request.Scheme}://{request.Host}{request.PathBase.Value}/wwwroot/Users/{userViewModel.Image}";

                        RefreshToken oldRefreshToken = await _refreshTokenService.GetRefreshTokenByUserIdAsync(user.Id);

                        if (oldRefreshToken != null)
                        {
                            await _refreshTokenService.RemoveRefreshTokenAsync(oldRefreshToken);
                        }

                        RefreshToken refreshToken = _refreshTokenService.CreateRefreshToken(_siteSettings.RefreshTokenSetting, user.Id, requestToken.IsRemember, ipAddress);
                        await _refreshTokenService.AddRefreshTokenAsync(refreshToken);

                        responseTokenViewModel.AccessToken = await GenerateAccessTokenAsync(user);

                        responseTokenViewModel.RefreshToken = refreshToken.Value;
                        responseTokenViewModel.User         = userViewModel;
                        responseTokenViewModel.IsSuccess    = true;
                    }
                }
            }
            else if (requestToken.GrantType == "RefreshToken")
            {
                responseTokenViewModel = await GenerateAccessAndRefreshToken(requestToken, ipAddress);
            }
            else
            {
                responseTokenViewModel.IsSuccess     = false;
                responseTokenViewModel.ApiStatusCode = ApiResultStatusCode.NotFound;
                responseTokenViewModel.Message       = NotificationMessages.UserNotFound;
                //throw new AppException(ApiResultStatusCode.BadRequest, NotificationMessages.TargetNotFounded, HttpStatusCode.BadRequest);
            }
            return(responseTokenViewModel);
        }