/// <summary> /// Logs the user in to the API /// </summary> public LoginUserResponse ExecuteLoginUser(LoginUserQueryParam loginParams) { if (string.IsNullOrWhiteSpace(loginParams.Email)) { throw new UseCaseException() { UserErrorMessage = "Could not login as the email address was invalid" } } ; if (string.IsNullOrWhiteSpace(loginParams.Password)) { throw new UseCaseException() { UserErrorMessage = "Could not login as the password was invalid" } } ; var loginResult = _authenticateGateway.LoginUser(loginParams); if (!loginResult.Success) { throw new UseCaseException() { UserErrorMessage = loginResult.ResponseMessage == null ? "Could not login as the email and/or password was invalid" : loginResult.ResponseMessage } } ; var user = _usersGateway.GetUserByEmail(loginParams.Email, UserStatus.Active); var loginResponse = CreateLoginSession(loginParams, user); return(loginResponse); }
public LoginUserQueryParam ChangePassword(ResetPasswordQueryParams changePasswordParams) { var userPool = new CognitoUserPool(_connectionInfo.UserPoolId, _connectionInfo.ClientId, _provider); var cognitoUser = new CognitoUser(changePasswordParams.Email, _connectionInfo.ClientId, userPool, _provider); try { AuthFlowResponse authResponse = null; authResponse = cognitoUser.StartWithSrpAuthAsync(new InitiateSrpAuthRequest() { Password = changePasswordParams.Password }).Result; while (authResponse.AuthenticationResult == null) { if (authResponse.ChallengeName == ChallengeNameType.NEW_PASSWORD_REQUIRED) { authResponse = cognitoUser.RespondToNewPasswordRequiredAsync(new RespondToNewPasswordRequiredRequest() { SessionID = authResponse.SessionID, NewPassword = changePasswordParams.NewPassword, }).Result; } } if (authResponse.AuthenticationResult != null) { LoggingHandler.LogInfo("User successfully authenticated."); var loginParams = new LoginUserQueryParam(); loginParams.Email = changePasswordParams.Email; loginParams.Password = changePasswordParams.NewPassword; return(loginParams); } else { LoggingHandler.LogError("Error in authentication process."); } } catch (AggregateException e) { e.Handle((x) => { if (x is NotAuthorizedException) // This we know how to handle. { LoggingHandler.LogInfo("Authentication Gateway: Invalid credentials provided."); return(true); } if (x is UserNotFoundException) // This we know how to handle. { LoggingHandler.LogInfo("Authentication Gateway: User not found."); return(true); } return(false); // Let anything else stop the application. }); } return(null); }
public IActionResult LoginUser([FromBody] LoginUserQueryParam queryParam) { try { queryParam.IpAddress = HttpContext.Connection.RemoteIpAddress.ToString(); var response = _authenticateUseCase.ExecuteLoginUser(queryParam); Response.Cookies.Append(Cookies.AccessTokenName, response.AccessToken); return(Ok()); } catch (UseCaseException e) { return(BadRequest(e)); } }
public AuthenticationResult LoginUser(LoginUserQueryParam loginUserQueryParam) { InitiateAuthRequest iaRequest = new InitiateAuthRequest { ClientId = _connectionInfo.ClientId, AuthFlow = AuthFlowType.USER_PASSWORD_AUTH }; iaRequest.AuthParameters.Add("USERNAME", loginUserQueryParam.Email); iaRequest.AuthParameters.Add("PASSWORD", loginUserQueryParam.Password); InitiateAuthResponse authResp = new InitiateAuthResponse(); var authResult = new AuthenticationResult(); try { authResp = _provider.InitiateAuthAsync(iaRequest).Result; authResult.AccessToken = authResp.AuthenticationResult.AccessToken; authResult.IdToken = authResp.AuthenticationResult.IdToken; authResult.RefreshToken = authResp.AuthenticationResult.RefreshToken; authResult.TokenType = authResp.AuthenticationResult.TokenType; authResult.ExpiresIn = authResp.AuthenticationResult.ExpiresIn; authResult.Success = true; } catch (AggregateException e) { e.Handle((x) => { if (x is UserNotConfirmedException) // This we know how to handle. { LoggingHandler.LogInfo("User not confirmed."); authResult.Success = false; authResult.ResponseMessage = "User not confirmed"; return(true); } if (x is NotAuthorizedException) // This we know how to handle. { LoggingHandler.LogInfo("Invalid credentials provided."); authResult.Success = false; authResult.ResponseMessage = "Invalid credentials provided."; return(true); } return(false); // Let anything else stop the application. }); } return(authResult); }