public async Task <IActionResult> PostAsync([FromBody] AuthPost model)
{
var result = Unauthorized() as IActionResult;
var user = null as ApplicationUser;
var isAuthenticated = false;
switch (model.GrantType)
{
case GrantType.Password:
ValidateModelForGrantTypePassword(model);
user = await cachedUserManager.GetUserByUserNameAndFilterRoleAssignmentsByClientIdAsync(model.User, model.ClientId.Value);
if (user != null)
{
await ValidateUserStateAsync(user);
var checkPassword = await signInManager.CheckPasswordSignInAsync(user, model.Password);
if (checkPassword)
{
isAuthenticated = true;
}
}
break;
case GrantType.RefreshToken:
ValidateModelForGrantTypeRefreshToken(model);
if (cacheHandler.TryGetValue <RefreshTokenData>(model.RefreshToken, out var refreshTokenData))
{
await cacheHandler.RemoveAsync <RefreshTokenData>(model.RefreshToken);
user = await cachedUserManager.GetUserByUserNameAndFilterRoleAssignmentsByClientIdAsync(refreshTokenData.UserName, model.ClientId.Value);
isAuthenticated = true;
}
break;
}
if (isAuthenticated)
{
var authPostResult = new AuthPostResult(userPrincipalTokenizer.GenerateToken(user));
await cacheHandler.SetAsync(authPostResult.RefreshToken, new RefreshTokenData()
{
Token = authPostResult.RefreshToken,
UserName = user.UserName
});
result = Ok(authPostResult);
}
return(result);
}
public async Task <OperationResult <JwtToken> > CreateToken(string email, string password)
{
User user = await userManager.FindByEmailAsync(email);
if (user == null)
{
return(OperationResult <JwtToken> .Invalid("Login failed: invalid e-mail or password."));
}
OperationResult result = await signInManager.CheckPasswordSignInAsync(user, password, lockoutOnFailure : false);
if (!result.IsValid)
{
return(result.Cast <JwtToken>());
}
var encodedToken = tokenService.BuildToken(user);
return(OperationResult <JwtToken> .Valid(new JwtToken(encodedToken)));
}
public async Task <SignInResult> CheckPasswordSignInAsync(User user, string password)
{
return(await _signInManager.CheckPasswordSignInAsync(user, password));
}
