public IActionResult Authenticate([FromBody] UserAuth userAuth)
{
var token = _jwtAuthenticationManager.Authenticate(userAuth.UserName, userAuth.Password);
if (token == null)
{
return(Unauthorized());
}
return(Ok(token));
}
public async Task <IActionResult> LoginAsync([FromBody] UserCred userCred)
{
var email = userCred.Email;
var password = userCred.Password;
//validate fields
if (email == "" || password == "")
{
return(NotFound(JsonConvert.SerializeObject("Please enter all fields", Formatting.Indented)));
}
//validate user
var token = jwtAuthenticationManager.Authenticate(email, password);
if (token == null)
{
return(Unauthorized(JsonConvert.SerializeObject("Invalid credentials", Formatting.Indented)));
}
User user = await UserMethods.getUser(email);
tokenObj sendToken = new tokenObj(token);
List <object> objects = new List <object>();
user.UserPassword = null;
objects.Add(sendToken);
objects.Add(user);
return(Ok(JsonConvert.SerializeObject(objects, Formatting.Indented)));
}
public AuthenticationResponse Refresh(RefreshCred refreshCred)
{
var tokenHandler = new JwtSecurityTokenHandler();
SecurityToken validatedToken;
var pricipal = tokenHandler.ValidateToken(refreshCred.JwtToken,
new TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = false //here we are saying that we don't care about the token's expiration date
}, out validatedToken);
var jwtToken = validatedToken as JwtSecurityToken;
if (jwtToken == null || !jwtToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
{
throw new SecurityTokenException("Invalid token passed!");
}
var userName = pricipal.Identity.Name;
if (refreshCred.RefreshToken != jWTAuthenticationManager.UsersRefreshTokens[userName])
{
throw new SecurityTokenException("Invalid token passed!");
}
return(jWTAuthenticationManager.Authenticate(userName, pricipal.Claims.ToArray()));
}
public IActionResult Authenticate(string name, string password)
{
var token = jWTAuthenticationManager.Authenticate(name, password);
if (token == null)
{
return(Unauthorized());
}
return(Ok(token));
}
public IActionResult Authenticate([FromBody] UserCred userCred)
{
var token = jWTAuthenticationManager.Authenticate(userCred.Username, userCred.Password);
if (token == null)
{
return(Unauthorized());
}
return(Ok(token));
}
public IActionResult Authenticate(User user)
{
var token = _authenticationManager.Authenticate(user);
if (token != null)
{
return(Ok(token));
}
return(Unauthorized());
}
public IActionResult Authenticate([FromBody] LoginDetails login)
{
var token = jWTAuthenticationManager.Authenticate(login.UserName, login.Password);
if (token == null)
{
return(Unauthorized());
}
return(Ok(token));
}
public IActionResult Authenticate([FromBody] UserDTO user)
{
var token = jWTAuthenticationManager.Authenticate(user.username, user.Password).ToString();
if (token == null)
{
return(Unauthorized());
}
return(Ok(token));
}
public IActionResult Authenticate(UserCredentialDto userCredentialDto)
{
var token = _jWTAuthenticationManager.Authenticate(userCredentialDto.UserName, userCredentialDto.Password);
if (token != null)
{
return(Ok(token));
}
return(Unauthorized());
}
public ActionResult Authenticate(UserCred userCred)
{
var token = _jwtAuthenticationManager.Authenticate(userCred.Username, userCred.Password);
if (token == null)
{
logger.Info("Unauthorised attempt!");
return(Unauthorized());
}
logger.Info("sign in successful");
return(Ok(token));
}
public IActionResult Authenticate(AuthenticateRequest model)
{
var response = _JWTAuthenticationManager.Authenticate(model, ipAddress());
System.Threading.Thread.Sleep(2000);
if (response == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
setTokenCookie(response.RefreshToken);
HttpContext.Session.SetString(response.Username, response.RefreshToken);
return(Ok(response));
}
public ActionResult <AccessToken> Authenticate([FromBody] TokenRequest apiKey)
{
var token = _authManager.Authenticate(apiKey.ApiKey);
if (token == null)
{
return(Unauthorized());
}
var jwt = new AccessToken
{
Token = token,
Expires = DateTime.UtcNow.AddHours(1)
};
return(Ok(jwt));
}
public ActionResult Login([FromBody] User user)
{
var existingUser = _userService.GetUser(user.UserName, user.Password);
if (existingUser == null)
{
return(Unauthorized());
}
var token = _jWTAuthenticationManager.Authenticate(user.UserName);
if (token == null)
{
return(Unauthorized());
}
return(Ok(token));
}
public AuthenticateResponse Refresh(RefreshCred refreshCred, string ipAddress)
{
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var pricipal = tokenHandler.ValidateToken(refreshCred.JwtToken, new Microsoft.IdentityModel.Tokens.TokenValidationParameters
{
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(key),
ValidateIssuer = false,
ValidateAudience = false,
ValidateLifetime = false //here we are saying that we don't care about the token's expiration date
// set clockskew to zero so tokens expire exactly at token expiration time (instead of 5 minutes later)
// ClockSkew = TimeSpan.Zero
}, out SecurityToken validatedToken);
var jwtToken = validatedToken as JwtSecurityToken;
var lifeTime = new JwtSecurityTokenHandler().ReadToken(refreshCred.JwtToken).ValidTo;
if (jwtToken == null || !jwtToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
{
throw new SecurityTokenException("Invalid token passed");
}
var userName = pricipal.Identity.Name;
var userId = Convert.ToInt32(pricipal.FindFirst("id").Value);
var Users = userBs.GetAll();
var user = Users.SingleOrDefault(x => x.Id == userId);
var sessionrefreshtoken = user?.RefreshTokens?.Where(x => x.Token.Trim().Equals(refreshCred?.RefreshToken?.Trim()))?.FirstOrDefault()?.Token;
//_session?.GetString(userName)?.ToString();
if (sessionrefreshtoken == null)
{
throw new SecurityTokenException("Invalid token passed!");
}
///jWTAuthenticationManager.UsersRefreshTokens[userName] need to fix why not working
//if ( user.RefreshTokens.Single(x => x.Token.Trim().Equals(refreshCred.RefreshToken.Trim())
//{
// // throw new SecurityTokenException("Invalid token passed!")
//}
return(jWTAuthenticationManager.Authenticate(userName, pricipal.Claims.ToArray(), ipAddress, refreshCred));
}
public async Task <IActionResult> AuthenticateAsync([FromBody] AuthenticateRequest model)
{
var response = _userService.Authenticate(model);
try
{
var users = await _userManager.FindByNameAsync(model.Username);
if (users == null)
{
return(NotFound());
}
if (response == null)
{
users.AccessFailedCount = users.AccessFailedCount + 1;
await _userManager.UpdateAsync(users);
_logger.LogWarning("Username or password is incorrect");
return(BadRequest(new { message = "Username or password is incorrect" }));
}
var accessCountMaxx = "3";
int accessCountMax = Int32.Parse(accessCountMaxx);
if (users.AccessFailedCount > accessCountMax)
{
_ = users.LockoutEnabled = true;
await _userManager.UpdateAsync(users);
_logger.LogWarning("User account locked out.");
return(BadRequest(new { message = "User account locked out." }));
}
}
catch (IOException e)
{
Console.WriteLine($"Username or password is incorrect: '{e}'");
}
_logger.LogInformation("User logged in.");
return(Ok(response));
}
public ActionResult LoginUser([FromBody] LoginUserModel userModel)
{
User user = dbcontext.User.Where(x => x.Email == userModel.Email).FirstOrDefault();
if (user == null)
{
Object response = new
{
message = "User does not exit",
code = HttpStatusCode.NoContent
};
return(Content(JsonConvert.SerializeObject(response)));
}
using (MD5 md5Hash = MD5.Create())
{
string password = MD5Hash.GetMd5Hash(md5Hash, userModel.Password);
if (user.Password == password)
{
string token = jWTAuthenticationManager.Authenticate(user.FirstName);
Object response = new
{
token = token,
user = user,
code = HttpStatusCode.OK
};
return(Content(JsonConvert.SerializeObject(response)));
}
else
{
Object response = new
{
message = "Password Incorrect",
code = HttpStatusCode.NoContent
};
return(Content(JsonConvert.SerializeObject(response)));
}
}
}
public string GenerateToken()
{
var token = jWTAuthenticationManager.Authenticate("Authorized", "Admin0@123");
return(token);
}
//--------------------------------------------------------------------------------------------------
//FUNCION QUE ACTUALIZARA LA INFORMACION DE UN USUARIO CUANDO SE REALICE EL LLAMADO DESDE
//LA PAGINA "PaginaConsultaTableros" DE LA APLICACION "Mtto App". EN ESTA FUNCION SE RECIBEN
//LOS PARAMETROS:
// -username: PARAMETRO ENVIADO EN EL URL DE LA SOLICITUD (username=<username> || USERNAME=<username>)
// -password: PARAMETRO ENVIADO EN EL URL DE LA SOLICITUD (password=<password> || PASSWORD=<password>)
//--------------------------------------------------------------------------------------------------
public async Task <IActionResult> LogInRequest([FromBody] LogInRequest request)
{
//SE CREA E INICIALIZA LA VARIABLE QUE SE RETORNARA SI TODAS LAS CONDICIONES SE CUMPLEN
LogInResponse response = null;
//SE EVALUA QUE EXISTA UN NOMBRE DE USUARIO QUE OBEDESCA AL NOMBRE DE USUARIO
if (this._context.Usuarios.Any
(x => x.Username.ToLower() == request.Username.ToLower())) //=> true => EXISTE UN REGISTRO EN LA TABLA USUARIOS QUE RESPONDE AL
// NOMBRE DE USUARIO ENVIADO COMO PARAMETRO.
{
//SI EXISTE, SE OBTIENE TODA LA INFORMACION DE DICHO REGISTRO Y SE ALMACENA EN UNA VARIABLE DEL TIPO USUARIO
Usuarios usuario = this._context.Usuarios.First //=> METODO QUE RETORNA EL PRIMER REGISTRO QUE COINCIDA
(x => x.Username.ToLower() == request.Username.ToLower()); //CON LA COMPARACION DE NOMBRE DE USUARIOS
//SE COMPARA QUE LA PROPIEDAD DEL OBJETO usuario (OBJETO QUE CONTIENE TODA LA INFORMACION DE USUARIO
//QUE DESEA INGRESAR) CON EL PARAMETRO "password"
if (usuario.Password == request.Password) //=> true => LA CONTRASEÑA ENVIADA ES CORRECTA
{
//SE INICIA LA TRANSACCION CON LA BASE DE DATOS
using (var transaction = this._context.Database.BeginTransaction())
{
//SE INICIA LA TRANSACCIONES CON LA BASE DE DATOS
try
{
//--------------------------------------------------------------------------------------------
//SE BUSCA LA INFORMACION PERSONAL DEL USUARIO QUE DESEA INGRESAR
var persona = await this._context.Personas.FindAsync(usuario.Cedula);
//--------------------------------------------------------------------------------------------
//SE EVALUA SI SE OBTUVO UN REGISTRO DE LA BUSQUEDA ANTERIOR
if (persona != null)
{
//DE EXISTIR SE DESECHA LA ENTIDAD RETENIDA
this._context.Entry(persona).State = EntityState.Detached;
}
//--------------------------------------------------------------------------------------------
//SE CREA E INICIALIZA UN OBJETO DEL TIPO "InformacionGeneral" (OBJETO QUE RETORNARA TODA LA
//INFORMACION DEL USUARIO QUE DESEA INGRESAR)
var fullinfo = InformacionGeneral.NewInformacionGeneral(persona, usuario);
//--------------------------------------------------------------------------------------------
//SE CREA E INICALIZA UN OBJETO DEL TIPO "UltimaConexion"
var ultimaconexion = new Ultimaconexion().NewUltimaConexion(persona, usuario);
//--------------------------------------------------------------------------------------------
//SE AÑADE A LA TABLAS "UltimaConexion" EL NUEVO REGISTRO
this._context.Ultimaconexion.Add(ultimaconexion); //SE REGISTRA/AÑADE EN LA BASE DE DATOS
this._context.Entry(ultimaconexion).State = EntityState.Added; //SE CAMBIA EL ESTADO DE LA ENTIDAD RETENIDA
//--------------------------------------------------------------------------------------------
//SE CREA E INICIALIZA UNA LISTA DE OBJETOS "UltimaConexion"
List <Ultimaconexion> lista = new List <Ultimaconexion>();
//SE LLENA LA LISTA PREVIAMENTE CREADA CON TODOS LOS REGISTROS DE CONEXION DEL USUARIO QUE DESEA INGRESAR
foreach (Ultimaconexion y in this._context.Ultimaconexion.ToList())
{
//SE EVAUA CADA UNO DE LOS REGISTROS DE LA LISTA Y SE COMPARA SI EL PARAMETRO UserId
//DEL REGISTRO ES IGUAL AL ID (CEDULA) DEL USUARIO QUE ESTA INGRESANDO
if (y.UserId == persona.Cedula)
{
//SE AÑADE A LA LISTA EL REGISTRO.
lista.Add(y);
}
}
//--------------------------------------------------------------------------------------------
//SE CREA UN NUEVO REGISTRO DE SOLICITUDES WEB Y SE AÑADE A LA TABLA "HistorialSolicitudesWeb"
Historialsolicitudesweb solicitudweb =
Historialsolicitudesweb.NewHistorialSolocitudesWeb(fullinfo.Usuario.Cedula, 0);
//--------------------------------------------------------------------------------------------
//SE REGISTRA/AÑADE UN NUEVO REGISTRO DE SOLICITUDES WEB
this._context.Historialsolicitudesweb.Add(solicitudweb);
this._context.Entry(solicitudweb).State = EntityState.Added;
//--------------------------------------------------------------------------------------------
//SE RETORNA EL TOKEN GENERADO LUEGO DE LA AUTENTICACION
string token = jwtauthenticationManager.Authenticate(request);
//--------------------------------------------------------------------------------------------
//SE EVALUA CUANTOS REGISTROS SE ACUMULARON EN LA LISTA "lista"
//MAS DE UN REGISTRO
if (lista.Count > 0)
{
//SE ENVIA LA INFORMACION DEL USUARIO Y EL PENULTIMO REGISTRO (ULTIMA CONEXION PREVIA A LA ACTUAL)
response = LogInResponse.NewLogInResponse(fullinfo, lista[lista.Count - 1].UltimaConexion1, token);
}
if (lista.Count == 0)
{
//SE ENVIA LA INFORMACION DEL USUARIO Y EL ULTIMO REGISTRO (CONEXION ACTUAL)
response = LogInResponse.NewLogInResponse(fullinfo, ultimaconexion.UltimaConexion1, token);
}
//--------------------------------------------------------------------------------------------
//SE GUARDAN LOS CAMBIOS REALIZADOS SOBRE LA BASE DE DATOS
await this._context.SaveChangesAsync();
//SE CULMINA LA TRANSACCION CON LA BASE DE DATOS
await transaction.CommitAsync();
}
//SI OCURRE ALGUNA EXCEPCION EN EL PROCESO DE LECTURA Y ESCRITURA DE LA BASE DE DATOS EL CODIGO
//SE REDIRIGE A LA SECCION CATCH DEL CICLO TRY...CATCH
catch (Exception ex) when(ex is DbUpdateException ||
ex is DbUpdateConcurrencyException)
{
Console.WriteLine("\n=================================================");
Console.WriteLine("=================================================");
Console.WriteLine("\nHa ocurrico un error:\n" + ex.Message.ToString());
Console.WriteLine("=================================================");
Console.WriteLine("=================================================\n");
//SE RETONA LA RESPUESTA "BadRequest" JUNTO CON UN MENSAJE INFORMANDO SOBRE EL ERROR
return(BadRequest("\nHa ocurrico un error, intentelo nuevamente"));
}
}
}
else
{
//SI EL NOMBRE DE USUARIO CONICIDE PERO LA CONTRASEÑA NO SE RETORNA UN BADREQUEST
return(BadRequest("Contraseña incorrecta"));
}
}
else
{
//SI EL NOMBRE DE USUARIO NO CONIDIDE SE RETORNA UN NOT FOUND
return(NotFound("Nombre de usuario no encontrado"));
}
//SE RETORNA EL CODIGO 200 OK JUNTO CON TODA LA INFORMACION DEL USUARIO
return(Ok(response));
}