public IActionResult Authenticate([FromBody] UserAuth userAuth) { var token = _jwtAuthenticationManager.Authenticate(userAuth.UserName, userAuth.Password); if (token == null) { return(Unauthorized()); } return(Ok(token)); }
public async Task <IActionResult> LoginAsync([FromBody] UserCred userCred) { var email = userCred.Email; var password = userCred.Password; //validate fields if (email == "" || password == "") { return(NotFound(JsonConvert.SerializeObject("Please enter all fields", Formatting.Indented))); } //validate user var token = jwtAuthenticationManager.Authenticate(email, password); if (token == null) { return(Unauthorized(JsonConvert.SerializeObject("Invalid credentials", Formatting.Indented))); } User user = await UserMethods.getUser(email); tokenObj sendToken = new tokenObj(token); List <object> objects = new List <object>(); user.UserPassword = null; objects.Add(sendToken); objects.Add(user); return(Ok(JsonConvert.SerializeObject(objects, Formatting.Indented))); }
public AuthenticationResponse Refresh(RefreshCred refreshCred) { var tokenHandler = new JwtSecurityTokenHandler(); SecurityToken validatedToken; var pricipal = tokenHandler.ValidateToken(refreshCred.JwtToken, new TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(key), ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = false //here we are saying that we don't care about the token's expiration date }, out validatedToken); var jwtToken = validatedToken as JwtSecurityToken; if (jwtToken == null || !jwtToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase)) { throw new SecurityTokenException("Invalid token passed!"); } var userName = pricipal.Identity.Name; if (refreshCred.RefreshToken != jWTAuthenticationManager.UsersRefreshTokens[userName]) { throw new SecurityTokenException("Invalid token passed!"); } return(jWTAuthenticationManager.Authenticate(userName, pricipal.Claims.ToArray())); }
public IActionResult Authenticate(string name, string password) { var token = jWTAuthenticationManager.Authenticate(name, password); if (token == null) { return(Unauthorized()); } return(Ok(token)); }
public IActionResult Authenticate([FromBody] UserCred userCred) { var token = jWTAuthenticationManager.Authenticate(userCred.Username, userCred.Password); if (token == null) { return(Unauthorized()); } return(Ok(token)); }
public IActionResult Authenticate(User user) { var token = _authenticationManager.Authenticate(user); if (token != null) { return(Ok(token)); } return(Unauthorized()); }
public IActionResult Authenticate([FromBody] LoginDetails login) { var token = jWTAuthenticationManager.Authenticate(login.UserName, login.Password); if (token == null) { return(Unauthorized()); } return(Ok(token)); }
public IActionResult Authenticate([FromBody] UserDTO user) { var token = jWTAuthenticationManager.Authenticate(user.username, user.Password).ToString(); if (token == null) { return(Unauthorized()); } return(Ok(token)); }
public IActionResult Authenticate(UserCredentialDto userCredentialDto) { var token = _jWTAuthenticationManager.Authenticate(userCredentialDto.UserName, userCredentialDto.Password); if (token != null) { return(Ok(token)); } return(Unauthorized()); }
public ActionResult Authenticate(UserCred userCred) { var token = _jwtAuthenticationManager.Authenticate(userCred.Username, userCred.Password); if (token == null) { logger.Info("Unauthorised attempt!"); return(Unauthorized()); } logger.Info("sign in successful"); return(Ok(token)); }
public IActionResult Authenticate(AuthenticateRequest model) { var response = _JWTAuthenticationManager.Authenticate(model, ipAddress()); System.Threading.Thread.Sleep(2000); if (response == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } setTokenCookie(response.RefreshToken); HttpContext.Session.SetString(response.Username, response.RefreshToken); return(Ok(response)); }
public ActionResult <AccessToken> Authenticate([FromBody] TokenRequest apiKey) { var token = _authManager.Authenticate(apiKey.ApiKey); if (token == null) { return(Unauthorized()); } var jwt = new AccessToken { Token = token, Expires = DateTime.UtcNow.AddHours(1) }; return(Ok(jwt)); }
public ActionResult Login([FromBody] User user) { var existingUser = _userService.GetUser(user.UserName, user.Password); if (existingUser == null) { return(Unauthorized()); } var token = _jWTAuthenticationManager.Authenticate(user.UserName); if (token == null) { return(Unauthorized()); } return(Ok(token)); }
public AuthenticateResponse Refresh(RefreshCred refreshCred, string ipAddress) { var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var pricipal = tokenHandler.ValidateToken(refreshCred.JwtToken, new Microsoft.IdentityModel.Tokens.TokenValidationParameters { ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(key), ValidateIssuer = false, ValidateAudience = false, ValidateLifetime = false //here we are saying that we don't care about the token's expiration date // set clockskew to zero so tokens expire exactly at token expiration time (instead of 5 minutes later) // ClockSkew = TimeSpan.Zero }, out SecurityToken validatedToken); var jwtToken = validatedToken as JwtSecurityToken; var lifeTime = new JwtSecurityTokenHandler().ReadToken(refreshCred.JwtToken).ValidTo; if (jwtToken == null || !jwtToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase)) { throw new SecurityTokenException("Invalid token passed"); } var userName = pricipal.Identity.Name; var userId = Convert.ToInt32(pricipal.FindFirst("id").Value); var Users = userBs.GetAll(); var user = Users.SingleOrDefault(x => x.Id == userId); var sessionrefreshtoken = user?.RefreshTokens?.Where(x => x.Token.Trim().Equals(refreshCred?.RefreshToken?.Trim()))?.FirstOrDefault()?.Token; //_session?.GetString(userName)?.ToString(); if (sessionrefreshtoken == null) { throw new SecurityTokenException("Invalid token passed!"); } ///jWTAuthenticationManager.UsersRefreshTokens[userName] need to fix why not working //if ( user.RefreshTokens.Single(x => x.Token.Trim().Equals(refreshCred.RefreshToken.Trim()) //{ // // throw new SecurityTokenException("Invalid token passed!") //} return(jWTAuthenticationManager.Authenticate(userName, pricipal.Claims.ToArray(), ipAddress, refreshCred)); }
public async Task <IActionResult> AuthenticateAsync([FromBody] AuthenticateRequest model) { var response = _userService.Authenticate(model); try { var users = await _userManager.FindByNameAsync(model.Username); if (users == null) { return(NotFound()); } if (response == null) { users.AccessFailedCount = users.AccessFailedCount + 1; await _userManager.UpdateAsync(users); _logger.LogWarning("Username or password is incorrect"); return(BadRequest(new { message = "Username or password is incorrect" })); } var accessCountMaxx = "3"; int accessCountMax = Int32.Parse(accessCountMaxx); if (users.AccessFailedCount > accessCountMax) { _ = users.LockoutEnabled = true; await _userManager.UpdateAsync(users); _logger.LogWarning("User account locked out."); return(BadRequest(new { message = "User account locked out." })); } } catch (IOException e) { Console.WriteLine($"Username or password is incorrect: '{e}'"); } _logger.LogInformation("User logged in."); return(Ok(response)); }
public ActionResult LoginUser([FromBody] LoginUserModel userModel) { User user = dbcontext.User.Where(x => x.Email == userModel.Email).FirstOrDefault(); if (user == null) { Object response = new { message = "User does not exit", code = HttpStatusCode.NoContent }; return(Content(JsonConvert.SerializeObject(response))); } using (MD5 md5Hash = MD5.Create()) { string password = MD5Hash.GetMd5Hash(md5Hash, userModel.Password); if (user.Password == password) { string token = jWTAuthenticationManager.Authenticate(user.FirstName); Object response = new { token = token, user = user, code = HttpStatusCode.OK }; return(Content(JsonConvert.SerializeObject(response))); } else { Object response = new { message = "Password Incorrect", code = HttpStatusCode.NoContent }; return(Content(JsonConvert.SerializeObject(response))); } } }
public string GenerateToken() { var token = jWTAuthenticationManager.Authenticate("Authorized", "Admin0@123"); return(token); }
//-------------------------------------------------------------------------------------------------- //FUNCION QUE ACTUALIZARA LA INFORMACION DE UN USUARIO CUANDO SE REALICE EL LLAMADO DESDE //LA PAGINA "PaginaConsultaTableros" DE LA APLICACION "Mtto App". EN ESTA FUNCION SE RECIBEN //LOS PARAMETROS: // -username: PARAMETRO ENVIADO EN EL URL DE LA SOLICITUD (username=<username> || USERNAME=<username>) // -password: PARAMETRO ENVIADO EN EL URL DE LA SOLICITUD (password=<password> || PASSWORD=<password>) //-------------------------------------------------------------------------------------------------- public async Task <IActionResult> LogInRequest([FromBody] LogInRequest request) { //SE CREA E INICIALIZA LA VARIABLE QUE SE RETORNARA SI TODAS LAS CONDICIONES SE CUMPLEN LogInResponse response = null; //SE EVALUA QUE EXISTA UN NOMBRE DE USUARIO QUE OBEDESCA AL NOMBRE DE USUARIO if (this._context.Usuarios.Any (x => x.Username.ToLower() == request.Username.ToLower())) //=> true => EXISTE UN REGISTRO EN LA TABLA USUARIOS QUE RESPONDE AL // NOMBRE DE USUARIO ENVIADO COMO PARAMETRO. { //SI EXISTE, SE OBTIENE TODA LA INFORMACION DE DICHO REGISTRO Y SE ALMACENA EN UNA VARIABLE DEL TIPO USUARIO Usuarios usuario = this._context.Usuarios.First //=> METODO QUE RETORNA EL PRIMER REGISTRO QUE COINCIDA (x => x.Username.ToLower() == request.Username.ToLower()); //CON LA COMPARACION DE NOMBRE DE USUARIOS //SE COMPARA QUE LA PROPIEDAD DEL OBJETO usuario (OBJETO QUE CONTIENE TODA LA INFORMACION DE USUARIO //QUE DESEA INGRESAR) CON EL PARAMETRO "password" if (usuario.Password == request.Password) //=> true => LA CONTRASEÑA ENVIADA ES CORRECTA { //SE INICIA LA TRANSACCION CON LA BASE DE DATOS using (var transaction = this._context.Database.BeginTransaction()) { //SE INICIA LA TRANSACCIONES CON LA BASE DE DATOS try { //-------------------------------------------------------------------------------------------- //SE BUSCA LA INFORMACION PERSONAL DEL USUARIO QUE DESEA INGRESAR var persona = await this._context.Personas.FindAsync(usuario.Cedula); //-------------------------------------------------------------------------------------------- //SE EVALUA SI SE OBTUVO UN REGISTRO DE LA BUSQUEDA ANTERIOR if (persona != null) { //DE EXISTIR SE DESECHA LA ENTIDAD RETENIDA this._context.Entry(persona).State = EntityState.Detached; } //-------------------------------------------------------------------------------------------- //SE CREA E INICIALIZA UN OBJETO DEL TIPO "InformacionGeneral" (OBJETO QUE RETORNARA TODA LA //INFORMACION DEL USUARIO QUE DESEA INGRESAR) var fullinfo = InformacionGeneral.NewInformacionGeneral(persona, usuario); //-------------------------------------------------------------------------------------------- //SE CREA E INICALIZA UN OBJETO DEL TIPO "UltimaConexion" var ultimaconexion = new Ultimaconexion().NewUltimaConexion(persona, usuario); //-------------------------------------------------------------------------------------------- //SE AÑADE A LA TABLAS "UltimaConexion" EL NUEVO REGISTRO this._context.Ultimaconexion.Add(ultimaconexion); //SE REGISTRA/AÑADE EN LA BASE DE DATOS this._context.Entry(ultimaconexion).State = EntityState.Added; //SE CAMBIA EL ESTADO DE LA ENTIDAD RETENIDA //-------------------------------------------------------------------------------------------- //SE CREA E INICIALIZA UNA LISTA DE OBJETOS "UltimaConexion" List <Ultimaconexion> lista = new List <Ultimaconexion>(); //SE LLENA LA LISTA PREVIAMENTE CREADA CON TODOS LOS REGISTROS DE CONEXION DEL USUARIO QUE DESEA INGRESAR foreach (Ultimaconexion y in this._context.Ultimaconexion.ToList()) { //SE EVAUA CADA UNO DE LOS REGISTROS DE LA LISTA Y SE COMPARA SI EL PARAMETRO UserId //DEL REGISTRO ES IGUAL AL ID (CEDULA) DEL USUARIO QUE ESTA INGRESANDO if (y.UserId == persona.Cedula) { //SE AÑADE A LA LISTA EL REGISTRO. lista.Add(y); } } //-------------------------------------------------------------------------------------------- //SE CREA UN NUEVO REGISTRO DE SOLICITUDES WEB Y SE AÑADE A LA TABLA "HistorialSolicitudesWeb" Historialsolicitudesweb solicitudweb = Historialsolicitudesweb.NewHistorialSolocitudesWeb(fullinfo.Usuario.Cedula, 0); //-------------------------------------------------------------------------------------------- //SE REGISTRA/AÑADE UN NUEVO REGISTRO DE SOLICITUDES WEB this._context.Historialsolicitudesweb.Add(solicitudweb); this._context.Entry(solicitudweb).State = EntityState.Added; //-------------------------------------------------------------------------------------------- //SE RETORNA EL TOKEN GENERADO LUEGO DE LA AUTENTICACION string token = jwtauthenticationManager.Authenticate(request); //-------------------------------------------------------------------------------------------- //SE EVALUA CUANTOS REGISTROS SE ACUMULARON EN LA LISTA "lista" //MAS DE UN REGISTRO if (lista.Count > 0) { //SE ENVIA LA INFORMACION DEL USUARIO Y EL PENULTIMO REGISTRO (ULTIMA CONEXION PREVIA A LA ACTUAL) response = LogInResponse.NewLogInResponse(fullinfo, lista[lista.Count - 1].UltimaConexion1, token); } if (lista.Count == 0) { //SE ENVIA LA INFORMACION DEL USUARIO Y EL ULTIMO REGISTRO (CONEXION ACTUAL) response = LogInResponse.NewLogInResponse(fullinfo, ultimaconexion.UltimaConexion1, token); } //-------------------------------------------------------------------------------------------- //SE GUARDAN LOS CAMBIOS REALIZADOS SOBRE LA BASE DE DATOS await this._context.SaveChangesAsync(); //SE CULMINA LA TRANSACCION CON LA BASE DE DATOS await transaction.CommitAsync(); } //SI OCURRE ALGUNA EXCEPCION EN EL PROCESO DE LECTURA Y ESCRITURA DE LA BASE DE DATOS EL CODIGO //SE REDIRIGE A LA SECCION CATCH DEL CICLO TRY...CATCH catch (Exception ex) when(ex is DbUpdateException || ex is DbUpdateConcurrencyException) { Console.WriteLine("\n================================================="); Console.WriteLine("================================================="); Console.WriteLine("\nHa ocurrico un error:\n" + ex.Message.ToString()); Console.WriteLine("================================================="); Console.WriteLine("=================================================\n"); //SE RETONA LA RESPUESTA "BadRequest" JUNTO CON UN MENSAJE INFORMANDO SOBRE EL ERROR return(BadRequest("\nHa ocurrico un error, intentelo nuevamente")); } } } else { //SI EL NOMBRE DE USUARIO CONICIDE PERO LA CONTRASEÑA NO SE RETORNA UN BADREQUEST return(BadRequest("Contraseña incorrecta")); } } else { //SI EL NOMBRE DE USUARIO NO CONIDIDE SE RETORNA UN NOT FOUND return(NotFound("Nombre de usuario no encontrado")); } //SE RETORNA EL CODIGO 200 OK JUNTO CON TODA LA INFORMACION DEL USUARIO return(Ok(response)); }