/// <summary>
/// Completes a login that uses an SMS code as the second factor: resolves the user
/// from the supplied credentials, checks the SMS code and returns the token data.
/// </summary>
/// <remarks>
/// NOTE: this method does not require auth!!!
/// NOTE: this method does not check payment!!!
/// </remarks>
/// <param name="userName">User name, passed through to GetUser.</param>
/// <param name="password">Password, passed through to GetUser.</param>
/// <param name="provider">External login provider, passed through to GetUser.</param>
/// <param name="accessToken">Provider access token, passed through to GetUser.</param>
/// <param name="code">SMS code supplied by the client.</param>
/// <returns>Token data with the token, its expiry, Sms set to true and a PhoneNoise value.</returns>
/// <exception cref="AuthenticationException">
/// Thrown for any failure inside the try block; the original exception is discarded.
/// </exception>
[Create(@"{code}", false, false)]
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code)
{
    // Only needed to satisfy GetUser's out parameter; this overload never reads it.
    bool viaEmail;

    // GetUser runs before the try block, so whatever it throws reaches the caller unchanged
    // instead of being replaced by the generic AuthenticationException below.
    // NOTE(review): confirm its errors do not tell unknown accounts apart from wrong passwords.
    var user = GetUser(userName, password, provider, accessToken, out viaEmail);

    try
    {
        // NOTE(review): no return value is inspected, so this depends on ValidateSmsCode
        // throwing for a wrong or expired code - confirm.
        SmsManager.ValidateSmsCode(user, code);

        var authToken = SecurityContext.AuthenticateMe(user.ID);
        MessageService.Send(Request, MessageAction.LoginSuccessViaApiSms);

        var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
        var expiresAt = TenantCookieSettings.GetExpiresTime(tenantId);

        var response = new AuthenticationTokenData
        {
            Token = authToken,
            Expires = new ApiDateTime(expiresAt),
            Sms = true,
            // presumably a masked form of the phone number - confirm in SmsSender
            PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone)
        };
        return response;
    }
    catch
    {
        // Every failure is recorded as a failed SMS login and replaced by one generic
        // error, so the caller cannot see which step failed.
        MessageService.Send(Request, user.DisplayUserName(false), MessageAction.LoginFailViaApiSms, MessageTarget.Create(user.ID));
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Runs on success and on failure.
        // NOTE(review): presumably drops the identity set by SecurityContext.AuthenticateMe so
        // the rest of this unauthenticated request is not processed as the user - confirm.
        SecurityContext.Logout();
    }
}
/// <summary>
/// Convenience overload: looks up the tenant's and the user's cookie settings and the
/// tenant's expiry time, then delegates to the five-argument EncryptCookie overload.
/// </summary>
/// <param name="tenant">Tenant id used for all three settings lookups.</param>
/// <param name="userid">User the cookie is built for.</param>
/// <returns>The string produced by the five-argument EncryptCookie overload.</returns>
public static string EncryptCookie(int tenant, Guid userid)
{
    var tenantSettings = TenantCookieSettings.GetForTenant(tenant);
    var expiresAt = TenantCookieSettings.GetExpiresTime(tenant);
    var userSettings = TenantCookieSettings.GetForUser(tenant, userid);

    // NOTE(review): the Index values look like per-tenant / per-user counters that let
    // already issued cookies be invalidated - confirm against TenantCookieSettings.
    var tenantIndex = tenantSettings.Index;
    var userIndex = userSettings.Index;

    return EncryptCookie(tenant, userid, tenantIndex, expiresAt, userIndex);
}
/// <summary>
/// Picks the expiry date to use for a cookie.
/// </summary>
/// <param name="session">
/// When true no tenant lookup is made and <see cref="DateTime.MinValue"/> is returned.
/// </param>
/// <returns>
/// <see cref="DateTime.MinValue"/> for a session cookie, otherwise the current tenant's
/// expiry time from TenantCookieSettings.
/// </returns>
private static DateTime GetExpiresDate(bool session)
{
    if (session)
    {
        // presumably read by the caller as "no explicit expiry" - verify at the call site
        return DateTime.MinValue;
    }

    var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
    return TenantCookieSettings.GetExpiresTime(tenantId);
}
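/// <summary>
/// First step of an API login. When SMS confirmation is hidden or disabled the user is
/// authenticated immediately and a token is returned; otherwise no token is issued and
/// the response only tells the client that an SMS code is required.
/// </summary>
/// <remarks>
/// NOTE: this method does not require auth!!!
/// NOTE: this method does not check payment!!!
/// </remarks>
/// <param name="userName">User name, passed through to GetUser.</param>
/// <param name="password">Password, passed through to GetUser.</param>
/// <param name="provider">External login provider, passed through to GetUser.</param>
/// <param name="accessToken">Provider access token, passed through to GetUser.</param>
/// <returns>
/// Token and expiry when SMS confirmation is off; otherwise data with Sms set to true and,
/// when the user has an activated phone, a PhoneNoise value and an expiry.
/// </returns>
/// <exception cref="AuthenticationException">
/// Thrown for any failure inside the try block; the original exception is discarded.
/// </exception>
[Create(@"", false, false)]
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken)
{
    // GetUser runs before the try block, so whatever it throws reaches the caller unchanged.
    // NOTE(review): confirm its errors do not tell unknown accounts apart from wrong passwords.
    bool viaEmail;
    var user = GetUser(userName, password, provider, accessToken, out viaEmail);

    if (!StudioSmsNotificationSettings.IsVisibleSettings || !StudioSmsNotificationSettings.Enable)
    {
        try
        {
            var token = SecurityContext.AuthenticateMe(user.ID);

            // viaEmail, set by GetUser, selects which audit action is recorded.
            MessageService.Send(Request, viaEmail ? MessageAction.LoginSuccessViaApi : MessageAction.LoginSuccessViaApiSocialAccount);

            var tenant = CoreContext.TenantManager.GetCurrentTenant().TenantId;
            var expires = TenantCookieSettings.GetExpiresTime(tenant);

            return new AuthenticationTokenData
            {
                Token = token,
                Expires = new ApiDateTime(expires)
            };
        }
        catch
        {
            // Every failure is recorded as a failed login and replaced by one generic error.
            MessageService.Send(Request, user.DisplayUserName(false), viaEmail ? MessageAction.LoginFailViaApi : MessageAction.LoginFailViaApiSocialAccount);
            throw new AuthenticationException("User authentication failed");
        }
        finally
        {
            // Runs on success and on failure.
            // NOTE(review): presumably drops the identity set by SecurityContext.AuthenticateMe
            // so the rest of this unauthenticated request is not processed as the user - confirm.
            SecurityContext.Logout();
        }
    }

    // SMS confirmation is on from here: no token is issued on either remaining path.
    if (string.IsNullOrEmpty(user.MobilePhone) || user.MobilePhoneActivationStatus == MobilePhoneActivationStatus.NotActivated)
    {
        // No usable phone yet, so no code is sent; the client only learns that SMS is required.
        return new AuthenticationTokenData { Sms = true };
    }

    // NOTE(review): every call that reaches this line requests a code for the user;
    // confirm PutAuthCode limits how often a code can be sent.
    SmsManager.PutAuthCode(user, false);

    return new AuthenticationTokenData
    {
        Sms = true,
        // presumably a masked form of the phone number - confirm in SmsSender
        PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone),
        // now plus SmsKeyStorage.StoreInterval, presumably the lifetime of the stored code
        Expires = new ApiDateTime(DateTime.UtcNow.Add(SmsKeyStorage.StoreInterval))
    };
}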
/// <summary>
/// Authenticates the user described by the request body against the current tenant and
/// returns a token together with its expiry time.
/// </summary>
/// <param name="auth">Request body; its UserName and Password are passed to GetUser.</param>
/// <returns>Token data holding the token and the tenant's expiry time.</returns>
/// <exception cref="Exception">
/// Thrown with a generic message for any failure inside the try block; the original
/// exception is discarded.
/// </exception>
public AuthenticationTokenData AuthenticateMe([FromBody] AuthModel auth)
{
    var currentTenant = CoreContext.TenantManager.GetCurrentTenant();

    // GetUser runs before the try block, so whatever it throws reaches the caller unchanged.
    // NOTE(review): confirm its errors do not tell unknown accounts apart from wrong passwords.
    var user = GetUser(currentTenant.TenantId, auth.UserName, auth.Password);

    try
    {
        var authToken = SecurityContext.AuthenticateMe(currentTenant.TenantId, user.ID);
        var expiresAt = TenantCookieSettings.GetExpiresTime(currentTenant.TenantId);

        var response = new AuthenticationTokenData
        {
            Token = authToken,
            Expires = expiresAt
        };
        return response;
    }
    catch
    {
        // NOTE(review): nothing is logged or audited on this path; confirm failed logins
        // are recorded somewhere else.
        throw new Exception("User authentication failed");
    }
}
/// <summary>
/// Completes a login with a second factor. The code is checked as an SMS code when SMS
/// confirmation is enabled, otherwise as an authenticator-app code when app-based
/// confirmation is enabled; if neither is enabled the login is rejected.
/// </summary>
/// <remarks>
/// NOTE: This method does not require auth!!!
/// NOTE: This method does not check payment!!!
/// </remarks>
/// <param name="userName">User name, passed through to GetUser.</param>
/// <param name="password">Password, passed through to GetUser.</param>
/// <param name="provider">External login provider, passed through to GetUser.</param>
/// <param name="accessToken">Provider access token, passed through to GetUser.</param>
/// <param name="code">Second-factor code supplied by the client.</param>
/// <param name="codeOAuth">OAuth code, passed through to GetUser.</param>
/// <returns>Token data with either Sms (plus PhoneNoise) or Tfa set to true.</returns>
/// <exception cref="AuthenticationException">
/// Thrown for any failure inside the try block, including the case where no second
/// factor is enabled; the original exception is discarded.
/// </exception>
[Create(@"{code}", false, false)]
public AuthenticationTokenData AuthenticateMe(string userName, string password, string provider, string accessToken, string code, string codeOAuth)
{
    // GetUser runs before the try block, so whatever it throws reaches the caller unchanged.
    // NOTE(review): confirm its errors do not tell unknown accounts apart from wrong passwords.
    bool viaEmail;
    var user = GetUser(userName, password, provider, accessToken, out viaEmail, codeOAuth);

    // Declared outside the try because the catch block uses it to pick the audit action.
    var viaSms = false;

    try
    {
        if (StudioSmsNotificationSettings.IsVisibleAndAvailableSettings && StudioSmsNotificationSettings.Enable)
        {
            viaSms = true;
            // NOTE(review): no return value is inspected, so this depends on
            // ValidateSmsCode throwing for a wrong or expired code - confirm.
            SmsManager.ValidateSmsCode(user, code, true);
        }
        else if (TfaAppAuthSettings.IsVisibleSettings && TfaAppAuthSettings.Enable)
        {
            // NOTE(review): the boolean result only decides whether the "app connected"
            // message is sent; the login continues either way. That is safe only if
            // ValidateAuthCode throws on a bad code - confirm.
            var appConnected = user.ValidateAuthCode(code, true, true);
            if (appConnected)
            {
                MessageService.Send(Request, MessageAction.UserConnectedTfaApp, MessageTarget.Create(user.ID));
            }
        }
        else
        {
            // Caught by the catch below, so callers see AuthenticationException instead.
            throw new SecurityException("Auth code is not available");
        }

        // By its name this call also sets the authentication cookies - confirm in CookiesManager.
        var authToken = CookiesManager.AuthenticateMeAndSetCookies(user.Tenant, user.ID, MessageAction.LoginSuccess);

        var tenantId = CoreContext.TenantManager.GetCurrentTenant().TenantId;
        var expiresAt = TenantCookieSettings.GetExpiresTime(tenantId);

        var response = new AuthenticationTokenData
        {
            Token = authToken,
            Expires = new ApiDateTime(expiresAt)
        };

        if (!viaSms)
        {
            response.Tfa = true;
        }
        else
        {
            response.Sms = true;
            // presumably a masked form of the phone number - confirm in SmsSender
            response.PhoneNoise = SmsSender.BuildPhoneNoise(user.MobilePhone);
        }

        return response;
    }
    catch
    {
        // Every failure is recorded against the factor that was attempted and replaced by
        // one generic error. When neither factor is enabled viaSms is still false, so that
        // case is recorded as a failed TFA login.
        MessageService.Send(Request, user.DisplayUserName(false), viaSms ? MessageAction.LoginFailViaApiSms : MessageAction.LoginFailViaApiTfa, MessageTarget.Create(user.ID));
        throw new AuthenticationException("User authentication failed");
    }
    finally
    {
        // Runs on success and on failure.
        // NOTE(review): presumably drops the identity set during authentication so the rest
        // of this unauthenticated request is not processed as the user - confirm.
        SecurityContext.Logout();
    }
}