/// <summary>
/// Valid
/// </summary>
/// <param name="customer">Customer</param>
public virtual async Task <bool> Valid(TokenValidatedContext context)
{
_email = context.Principal.Claims.ToList().FirstOrDefault(x => x.Type == "Email")?.Value;
if (string.IsNullOrEmpty(_email))
{
_errorMessage = "Email not exists in the context";
return(await Task.FromResult(false));
}
var customer = await _customerService.GetCustomerByEmail(_email);
if (customer == null || !customer.Active || customer.Deleted)
{
_errorMessage = "Email not exists/or not active in the customer table";
return(await Task.FromResult(false));
}
var userapi = await _userApiService.GetUserByEmail(_email);
if (userapi == null || !userapi.IsActive)
{
_errorMessage = "User api not exists/or not active in the user api table";
return(await Task.FromResult(false));
}
return(await Task.FromResult(true));
}
public async Task <IActionResult> Create([FromBody] LoginModel model)
{
var claims = new Dictionary <string, string> {
{ "Email", model.Email }
};
var user = await _userApiService.GetUserByEmail(model.Email);
if (user != null)
{
claims.Add("Token", user.Token);
}
var token = await _mediator.Send(new GenerateTokenCommand()
{
Claims = claims
});
return(Content(token));
}
public LoginValidator(
IEnumerable <IValidatorConsumer <LoginModel> > validators,
ApiConfig apiConfig, ICustomerService customerService, IUserApiService userApiService, IEncryptionService encryptionService)
: base(validators)
{
if (!apiConfig.Enabled)
{
RuleFor(x => x).Must((x) => false).WithMessage("API is disabled");
}
RuleFor(x => x.Email).NotEmpty().WithMessage("Email is required");
RuleFor(x => x.Password).NotEmpty().WithMessage("Password is required");
RuleFor(x => x).MustAsync(async(x, context) =>
{
if (!string.IsNullOrEmpty(x.Email))
{
var userapi = await userApiService.GetUserByEmail(x.Email.ToLowerInvariant());
if (userapi != null && userapi.IsActive)
{
var base64EncodedBytes = System.Convert.FromBase64String(x.Password);
var password = System.Text.Encoding.UTF8.GetString(base64EncodedBytes);
if (userapi.Password == encryptionService.EncryptText(password, userapi.PrivateKey))
{
return(true);
}
}
}
return(false);
}).WithMessage(("User not exists or password is wrong"));
RuleFor(x => x).MustAsync(async(x, context) =>
{
if (!string.IsNullOrEmpty(x.Email))
{
var customer = await customerService.GetCustomerByEmail(x.Email.ToLowerInvariant());
if (customer != null && customer.Active && !customer.IsSystemAccount)
{
return(true);
}
}
return(false);
}).WithMessage("Customer not exist");
}