public async Task <IActionResult> GetToken([FromBody] JwtTokenViewModel model)
{
if (ModelState.IsValid)
{
ApplicationUser user = await _userManager.FindByNameAsync(model.UserName);
var signInResult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
if (signInResult.Succeeded)
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtConfiguration.Key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, model.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.UniqueName, model.UserName)
};
var token = new JwtSecurityToken(
JwtConfiguration.Issuer,
JwtConfiguration.Audience,
claims,
expires: DateTime.UtcNow.AddHours(1),
signingCredentials: creds
);
var result = new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
return(Created("", result));
}
}
return(BadRequest());
}
public async Task <IActionResult> Login([FromBody] CredentialsBindingModel credentials
)
{
if (!ModelState.IsValid)
{
throw new Exception();
}
ClaimsIdentity identity = GetClaimsIdentity(credentials.UserName, credentials.Password).Result;
if (identity == null)
{
throw new Exception("Please enter valid credentials");
}
JwtTokenViewModel jwt = Tokens.GenerateJwt(identity, _jwtFactory, _jwtOptions).Result;
// var refreshToken = await _userService.GetRefreshToken(jwt.Id);
// jwt.RefreshToken = refreshToken.Token;
LoginAppViewModel model = new LoginAppViewModel
{
// Content = jwt
};
return(Success(model));
}
public async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
//var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false);
//if (result.Succeeded)
//{
// _logger.LogInformation(1, "User logged in.");
// return RedirectToLocal(returnUrl);
//}
//if (result.RequiresTwoFactor)
//{
// return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
//}
/*
* if (result.IsLockedOut)
* {
* _logger.LogWarning(2, "User account locked out.");
* return View("Lockout");
* }
* else
* {
* ModelState.AddModelError(string.Empty, "Invalid login attempt.");
* return View(model);
* }
*/
var jwtTokenViewModel = new JwtTokenViewModel()
{
UserName = model.Email, Password = model.Password
};
using var httpClient = new HttpClient();
using var content = new StringContent(JsonConvert.SerializeObject(jwtTokenViewModel), System.Text.Encoding.UTF8, "application/json");
HttpResponseMessage responseMessage = await httpClient.PostAsync("https://localhost:44329/account/gettoken", content);
if (responseMessage.StatusCode == System.Net.HttpStatusCode.Created)
{
var userToken = JsonConvert.DeserializeObject <JwtToken>(responseMessage.Content.ReadAsStringAsync().Result);
HttpContext.Session.SetString("JWTtoken", userToken.Token);
return(RedirectToLocal(returnUrl));
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public async Task <IActionResult> CreateToken([FromBody] JwtTokenViewModel model)
{
if (ModelState.IsValid)
{
IdentityUser user = await _userManager.FindByNameAsync(model.UserName);
var Signresult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
var userRoles = await _userManager.GetRolesAsync(user);
if (Signresult.Succeeded)
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ApiJwtConst.key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var claims = new List <Claim> ();
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, model.UserName));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.UniqueName, model.UserName));
foreach (var role in userRoles)
{
claims.Add(new Claim(ClaimTypes.Role, role));
}
var token = new JwtSecurityToken(
ApiJwtConst.Issuer,
ApiJwtConst.Audience,
claims,
expires: DateTime.UtcNow.AddMinutes(30),
signingCredentials: creds
);
var result = new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
return(Created("", result));
}
else
{
return(BadRequest("Invalid credential"));
}
}
return(BadRequest());
}
public static async Task <JwtTokenViewModel> GenerateJwt(
ClaimsIdentity identity,
IJwtFactory jwtFactory,
JwtIssuerOptions jwtOptions
)
{
JwtTokenViewModel response = new JwtTokenViewModel
{
Id = identity.Claims.Single(c => c.Type == "id").Value,
AuthToken = await jwtFactory.GenerateEncodedToken(identity.Claims.Single(c => c.Type == "id").Value, identity),
ExpiresIn = (int)jwtOptions.ValidFor.TotalSeconds,
RefreshToken = Guid.NewGuid().ToString()
};
return(response);
}
public async Task <IActionResult> CreateToken([FromForm] JwtTokenViewModel model)
{
if (ModelState.IsValid)
{
User user = await _userManager.FindByEmailAsync(model.Email);
var role = await _userManager.GetRolesAsync(user);
IdentityOptions _options = new IdentityOptions();
var signInResult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
if (signInResult.Succeeded)
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(MVSJwtConstants.Key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var claims = new []
{
new Claim(JwtRegisteredClaimNames.Sub, model.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Email, model.Email),
new Claim(_options.ClaimsIdentity.RoleClaimType, role.FirstOrDefault())
};
var token = new JwtSecurityToken(
MVSJwtConstants.Issuer,
MVSJwtConstants.Audience,
claims,
expires: DateTime.UtcNow.AddMinutes(30),
signingCredentials: creds
);
var results = new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
return(Created("", results));
}
return(BadRequest());
}
return(BadRequest());
}
public async Task <IActionResult> SignIn([FromBody] LoginViewModel loginViewModel)
{
var user = await _userManager.FindByEmailAsync(loginViewModel.Email);
if (user == null)
{
return(new NotFoundResult());
}
var result = await _signInManager.CheckPasswordSignInAsync(user, loginViewModel.Password, false);
if (result.Succeeded)
{
var token = new JwtTokenViewModel
{
AccessToken = _jwtTokenGenerator.Generate(user),
RefreshToken = _refreshTokenGenerator.Generate()
};
try
{
await _tokenProvider.RegisterRefreshToken(token.RefreshToken, user.Id);
await _tokenProvider.RegisterAccessToken(
_jwtTokenHelper.GetSignature(token.AccessToken),
_jwtTokenHelper.GetExpirationDate(token.AccessToken),
user.Id);
}
catch (Exception)
{
return(new StatusCodeResult((int)HttpStatusCode.InternalServerError));
}
return(new OkObjectResult(token));
}
if (result.IsLockedOut || result.IsNotAllowed)
{
return(new ForbidResult());
}
return(new ForbidResult());
}
public async Task <IActionResult> RefreshAccessToken(Guid refreshToken)
{
var refreshTokenObject = await _tokenProvider.GetRefreshToken(refreshToken);
if (refreshTokenObject == null)
{
return(BadRequest());
}
var user = await _userManager.FindByIdAsync(refreshTokenObject.UserId.ToString());
if (user == null)
{
return(BadRequest());
}
var token = new JwtTokenViewModel
{
AccessToken = _tokenGenerator.Generate(user),
RefreshToken = refreshToken.ToString()
};
try
{
await _tokenProvider.UpdateRefreshToken(refreshToken);
await _tokenProvider.RegisterAccessToken(
_jwtTokenHelper.GetSignature(token.AccessToken),
_jwtTokenHelper.GetExpirationDate(token.AccessToken),
user.Id);
}
catch (Exception)
{
return(new StatusCodeResult((int)HttpStatusCode.InternalServerError));
}
return(new OkObjectResult(token));
}
public async Task <JwtTokenViewModel> GenerateToken(UserViewModel userViewModel)
{
var user = await _userManager.FindByEmailAsync(userViewModel.Email);
if (user == null)
{
throw new Exception($"The user with {userViewModel.Email} does not exist.");
}
var userClaims = await _userManager.GetClaimsAsync(user);
var claims = userClaims;
claims.Add(new Claim(ClaimTypes.Email, userViewModel.Email));
claims.Add(new Claim(ClaimTypes.Name, userViewModel.Email));
claims.Add(new Claim("Role", userClaims.First(item => item.Type == ClaimTypes.Role).Value));
claims.Add(new Claim("LastName", userViewModel.LastName ?? ""));
claims.Add(new Claim("FirstName", user.FirstName ?? ""));
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Tokens:Key"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expiresIn = DateTime.Now.AddDays(30);
var token = new JwtSecurityToken(
issuer: _configuration["Tokens:Issuer"],
audience: _configuration["Tokens:Audience"],
claims: claims,
expires: expiresIn,
signingCredentials: creds);
var tokenString = new JwtSecurityTokenHandler().WriteToken(token);
var accessToken = new JwtTokenViewModel
{
access_token = tokenString,
expires_in = (int)(expiresIn - DateTime.Now).TotalMinutes
};
return(accessToken);
}
public async Task <IActionResult> CreateToken([FromBody] JwtTokenViewModel model)
{
if (ModelState.IsValid)
{
AspNetUser user = await _userManager.FindByNameAsync(model.UserName);
if (user == null)
{
return(BadRequest("no user found"));
}
// var IsSuccess= Hasher.VerifyHashedPassword(user.PasswordHash, model.Password);
var Signresult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
List <string> userRoles = new List <string>();
//var userRoles = await _userManager.GetRolesAsync(user);
var LstuserRoles = await _context.AspNetUserRoles.Where(e => e.UserId == user.Id).ToListAsync();
foreach (var item in LstuserRoles)
{
var t = await _context.AspNetRoles.Where(e => e.Id == item.RoleId).SingleAsync();
if (t != null)
{
userRoles.Add(t.Name);
}
}
if (Signresult.Succeeded)
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ApiConst.key));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var claims = new List <Claim>();
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, model.UserName));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
claims.Add(new Claim(JwtRegisteredClaimNames.UniqueName, model.UserName));
foreach (var role in userRoles)
{
claims.Add(new Claim(ClaimTypes.Role, role));
}
var token = new JwtSecurityToken(
ApiConst.Issuer,
ApiConst.Audience,
claims,
expires: DateTime.UtcNow.AddMinutes(30),
signingCredentials: creds
);
var result = new Token
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
return(Created("", result));
}
else
{
return(BadRequest("Invalid credential"));
}
}
return(BadRequest());
}
