public async Task <ActionResult> Login(UserLoginRequestModel loginRequest, string returnUrl = null)
{
returnUrl ??= Url.Content("~/");
if (!ModelState.IsValid)
{
return(View());
}
var user = await _userService.ValidateUser(loginRequest.Email, loginRequest.Password);
if (user == null)
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View());
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.Email),
new Claim(ClaimTypes.GivenName, user.FirstName),
new Claim(ClaimTypes.Surname, user.LastName),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
//if (user.Roles != null) claims.AddRange(user.Roles.Select(role => new Claim(ClaimTypes.Role, role.Name)));
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity));
return(LocalRedirect(returnUrl));
}
public async Task <IActionResult> Login(UserLoginRequestModel userModel)
{
if (!ModelState.IsValid)
{
return(Unauthorized("Invalid or missing params"));
}
try
{
var user = await _userService.ValidateUser(userModel.Email, userModel.Password);
if (user == null)
{
return(Unauthorized("Invalid email or password"));
}
var token = _jwtService.GenerateJwtToken(user);
return(Ok(new { token }));
}
catch (Exception e)
{
Console.WriteLine(e);
return(StatusCode(500, e.Message));
}
}
public async Task <ApiResponse <UserLoginResponseModel> > UserLogin(UserLoginRequestModel request)
{
try
{
var response = await this.httpClient.PostAsync(
"api/account/login",
new FormUrlEncodedContent(
new List <KeyValuePair <string, string> >
{
new KeyValuePair <string, string>("email", request.Email),
new KeyValuePair <string, string>("password", request.Password),
}));
var responseString = await response.Content.ReadAsStringAsync();
if (!response.IsSuccessStatusCode)
{
return(new ApiResponse <UserLoginResponseModel>(new ApiError("Server error " + (int)response.StatusCode, responseString)));
}
var responseObject = JsonSerializer.Deserialize <UserLoginResponseModel>(responseString);
return(new ApiResponse <UserLoginResponseModel>(responseObject));
}
catch (Exception ex)
{
return(new ApiResponse <UserLoginResponseModel>(new ApiError("HTTP Client", ex.Message)));
}
}
public async Task <IActionResult> Login(UserLoginRequestModel userLoginRequestModel)
{
var user = await _userService.ValidateUser(userLoginRequestModel.Email, userLoginRequestModel.Password);
if (user == null)
{
// Invalid User Name/Password
return(View());
}
//if valid
//cookie based authentication
//claims, fName, lName, DOB
var claims = new List <Claim>()
{
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.Surname, user.LastName),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.GivenName, user.FirstName)
};
// Identity
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
// create cookie
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity));
return(RedirectToAction("Index", "Home"));
}
public UserLoginResponseModel Login([FromBody] UserLoginRequestModel userModel)
{
var responseMessage = this.TryExecuteOperation(() =>
{
var user = this.unitOfWork.userRepository.All()
.SingleOrDefault(
x => x.Username == userModel.Username &&
x.AuthCode == userModel.AuthCode);
if (user == null)
{
//throw new ArgumentException("User is not registered!");
return(new UserLoginResponseModel()
{
DisplayName = "",
AccessToken = ""
});
}
if (user.AccessToken == null)
{
user.AccessToken = SessionGenerator.GenerateSessionKey(user.Id);
this.unitOfWork.userRepository.Update(user.Id, user);
}
return(UserLoginResponseModel.FromEntity(user));
});
return(responseMessage);
}
public ApiResponse UserLogin(UserLoginRequestModel request)
{
try
{
string stringSlq = "select * from AccountUser Where TenDangNhap = '" + request.UserName + "' and MatKhau = '" + request.Password + "' ";
int count = db.TongBanGhi(stringSlq);
if (count > 0)
{
try
{
UserInformation = db.get_DaTaTable(stringSlq);
return(ApiResponse.Success(UserInformation)); // thành công
}
catch (Exception) {
return(ApiResponse.Error(-1)); // thất bại
}
}
else
{
return(ApiResponse.Error(-1)); // thất bại
}
}
catch (Exception)
{
return(ApiResponse.Error(-1)); // có lỗi
throw;
}
}
public ActionResult <ItemResponse <UserModel> > Login(UserLoginRequestModel req)
{
ActionResult result = null;
try
{
UserModel currentUser = _userService.Login(req);
if (currentUser.Id > 0)
{
ItemResponse <UserModel> response = new ItemResponse <UserModel>();
response.Item = currentUser;
result = Ok200(response);
}
else
{
result = NotFound404(new ErrorResponse("User information did not match."));
}
}
catch (Exception ex)
{
Logger.LogError(ex.ToString());
result = StatusCode(500, new ErrorResponse(ex.Message.ToString()));
}
return(result);
}
public void Login()
{
HttpClientWrapper httpClientWrapper = new HttpClientWrapper(_baseUrl);
UserLoginRequestModel userLoginRequestModel = new UserLoginRequestModel();
var resp = httpClientWrapper.PostAsync<UserLoginRequestModel>("/api/v1/user/login", userLoginRequestModel);
}
public async Task <ResultModel <UserLoginResultModel> > Login(UserLoginRequestModel requestModel)
{
var discoveryDocumentRequest = new DiscoveryDocumentRequest
{
Address = ApplicationConfig.IdentityServer.Url,
Policy = new DiscoveryPolicy
{
RequireHttps = false
}
};
var client = new HttpClient();
DiscoveryResponse discoveryResponse = await client.GetDiscoveryDocumentAsync(discoveryDocumentRequest);
if (discoveryResponse.IsError)
{
return(ResultModel <UserLoginResultModel> .Fail("连接认证服务器失败"));
}
TokenResponse tokenResponse = await client.RequestPasswordTokenAsync(new PasswordTokenRequest
{
Address = discoveryResponse.TokenEndpoint,
ClientId = ClientType.Web.ToString(),
ClientSecret = ApplicationConfig.IdentityServer.Secret,
UserName = requestModel.Account,
Password = requestModel.Password,
Scope = ApplicationConfig.IdentityServer.Scope
});
if (tokenResponse.IsError)
{
return(ResultModel <UserLoginResultModel> .Fail(tokenResponse.ErrorDescription));
}
var result = new UserLoginResultModel(tokenResponse.Raw.JsonToObject <TokenResultModel>());
return(ResultModel <UserLoginResultModel> .Success(result, "登录成功"));
}
public async Task <IActionResult> Login(UserLoginRequestModel loginRequest, string returnUrl = null)
{
returnUrl ??= Url.Content("~/");
if (!ModelState.IsValid)
{
return(View());
}
var user = await _userService.ValidateUser(loginRequest.Email, loginRequest.Password);
//user not exist or wrong password
if (user == null)
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View());
}
//if user is validated
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.Email),
new Claim(ClaimTypes.GivenName, user.FirstName),
new Claim(ClaimTypes.Surname, user.LastName),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
//AuthenticationScheme will look in startup and check the default auth
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity));
return(LocalRedirect(returnUrl));
}
public string GenerateJSONWebToken(UserLoginRequestModel userInfo)
{
UserModel user = userDataService.getFullUserByName(userInfo.Username).Result;
if (user == null)
{
throw new NotFoundException("User does not exist");
}
bool isProvidedPasswordCorrect = userDataService.isUserPasswordCorrect(user.Password, userInfo.Password);
if (!isProvidedPasswordCorrect)
{
throw new BadRequestException("Entered password does not match the existing one!");
}
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new[] {
new Claim(JwtRegisteredClaimNames.Sub, userInfo.Username),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var token = new JwtSecurityToken(_config["Jwt:Issuer"],
_config["Jwt:Issuer"],
claims,
expires: DateTime.Now.AddMinutes(120),
signingCredentials: credentials);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
public async Task <IActionResult> Login(UserLoginRequestModel userLoginRequestModel)
{
var user = await _userService.ValidateUser(userLoginRequestModel.Email, userLoginRequestModel.Password);
if (user == null)
{
return(View());
}
//if user entered correct un/pw
//Cookie based Auth
//Claims firstlastname.dob.can be encrypted
var claims = new List <Claim>()
{
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.Surname, user.LastName),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.GivenName, user.FirstName)
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
// create cookie
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity));
return(RedirectToAction("Index", "Home"));
}
public async Task <IActionResult> Login([FromForm] UserLoginRequestModel input)
{
var user = await this.userManager.FindByEmailAsync(input.Email);
if (user == null || user.IsDeleted)
{
return(this.BadRequest(new ErrorResponseModel
{
Description = "No such user",
}));
}
var validCredentials = await this.userManager.CheckPasswordAsync(user, input.Password);
if (!validCredentials)
{
return(this.BadRequest(new ErrorResponseModel
{
Description = "Email or password is incorrect",
}));
}
// sample code to run if user's credentials is valid and before login
// if (!await this.userManager.IsInRoleAsync(user, GlobalConstants.AdministratorRoleName))
// {
// return this.BadRequest(new { Message = "You need higher permission to access this functionality" });
// }
// var result = await this.signInManager
// .PasswordSignInAsync(input.Email, input.Password, isPersistent: false, lockoutOnFailure: false);
// FOR JWT not use PasswordSignInAsync but CheckPasswordSignInAsync - the second DO NOT SEND Cookie from
// the Identiry server!
var result = await this.signInManager
.CheckPasswordSignInAsync(user, input.Password, lockoutOnFailure : false);
if (!result.Succeeded)
{
return(this.BadRequest(new ErrorResponseModel
{
Description = "Invalid login attempt",
}));
}
var response = await this.accountsService.Authenticate(user);
//// the name of the cookie is given by the Framework, can be changed by the Identity Server post configuration
// this.Response.Cookies.Append(GlobalConstants.JwtCookieName, response.AccessToken, new CookieOptions
// {
// HttpOnly = true,
// Secure = true,
// // MaxAge = TimeSpan.FromTicks(response.ExpiresIn),
// // MaxAge = TimeSpan.FromTicks(60),
// // Expires = DateTimeOffset.UtcNow.AddMinutes(1),
// // SameSite = SameSiteMode.None,
// });
// return this.Ok(this.User.Identity.IsAuthenticated);
return(this.Ok(response));
}
public IResponse <UserLoginResponseModel> Login(UserLoginRequestModel model)
{
try
{
var loginUser = UserRepository.GetUser(model.UserName, Encryption.CreateMD5(model.Password));
if (loginUser == null)
{
return(Fail <UserLoginResponseModel>("User Not Found"));
}
else
{
var UserRoles = UserRepository.GetUserRoles(loginUser.ID);
var returnRolesName = new List <string>();
foreach (var role in UserRoles)
{
returnRolesName.Add(role.RoleName);
}
//token generation
//security key
string securityKey = _configuration.GetSection("AppSettings").GetSection("JWTKey").Value;
//symetric security key
var symetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(securityKey));
//signIn Credentials
var signInCredentials = new SigningCredentials(symetricSecurityKey, SecurityAlgorithms.HmacSha256Signature);
var claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.NameIdentifier, loginUser.UserName));
foreach (var role in UserRoles)
{
claims.Add(new Claim(ClaimTypes.Role, role.Description));
}
//token
var token = new JwtSecurityToken(
issuer: "api1",
audience: "api1",
expires: DateTime.Now.AddHours(1),
signingCredentials: signInCredentials,
claims: claims
);
return(Ok <UserLoginResponseModel>(new UserLoginResponseModel()
{
ID = loginUser.ID,
UserName = loginUser.UserName,
UserFullName = loginUser.FirstName + " " + loginUser.LastName,
Token = new JwtSecurityTokenHandler().WriteToken(token)
}));
}
}
catch (Exception ex)
{
throw new Exception(ex.Message);
}
}
public async Task <IActionResult> Login([FromBody] UserLoginRequestModel model)
{
if (ModelState.IsValid)
{
var user = await _userService.Login(model.Email, model.Password);
return(Ok(user));
}
return(BadRequest("Please check the data you entered"));
}
public async Task <ActionResult> Login(UserLoginRequestModel loginRequest)
{
//Http is stateless means each and every request is indepent of each other
// 10:00 AM u1 -> http: localhost / movies / index
// 10:00 AM u2 -> http:localhost/movies/index
// 10:00 AM u3 -> http:localhost/movies/index
// 10:01 AM u1 -> http:localhost/account/login, we can create an autheticate cookie
//cookie is one way of storing information on browser,
//localstorage and sessionstorage, cookies,
//if there are any cookies present then those cookies will be automatically sent to the server.
// 10:02 AM u1 -> http:localhost/user/purchases --->we are expecting a page that shows movies bought by user1
//we need to check if the cookie is expired or not and valid or not
//Cookies is one way of state mangement, client-side
// 10:01 AM u2 -> http:localhost/account/login
if (ModelState.IsValid)
{
//call service layer to validate user
var user = await _userService.ValidatUser(loginRequest.Email, loginRequest.Password); //duandian
if (user == null)
{
ModelState.AddModelError(string.Empty, "Invalid Login");
}
//We want to show First Name, Last Name on header (Navigation bar)
//Step1:Use Claims, create a claims based on your application needs
var claims = new List <Claim>
{
new Claim(ClaimTypes.GivenName, user.FirstName),
new Claim(ClaimTypes.Surname, user.LastName),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Email),
};
//Step2: we need to create an indentity object to hold those claims
var claimIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
//Step3: Finally, we are going to create a cookie that will be attached to the HTTP response
//HttpContext is probably the most improtant class in ASP.NET that holds all the information regarding that Http Request/Response
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimIdentity));
//manually creating cookie
//HttpContext.Response.Cookies.Append("NewCookieName", "English"); //para1: Cookie Name, para2: Content
//Once ASP.Net Creates Authentication Cookies, it will check for that cookie in the HttpRequest and see if the cookie is not expired
//and it will decrypt the information present in the Cookie and check whether User is Authenticated and will also get claims from the cookies
return(LocalRedirect("~/")); //return to one level up which is the home page
}
return(View());
}
public HttpResponseMessage login(UserLoginRequestModel userLoginRequestModel)
{
AuthProvider authProvider = new AuthProvider();
ErrorModel errorModel = new ErrorModel();
APIResponseModel responseModel = new APIResponseModel();
responseModel.Response = authProvider.login(userLoginRequestModel, out errorModel);
responseModel.Error = errorModel;
return(Request.CreateResponse(HttpStatusCode.OK, responseModel));
}
public IActionResult Authenticate([FromBody] UserLoginRequestModel userParam)
{
var user = _userService.Authenticate(userParam);
if (user == null)
{
return(BadRequest(new { message = "Kullanici veya şifre hatalı!" }));
}
return(Ok(user));
}
public async Task <ActionResult> LoginAsync(UserLoginRequestModel loginRequest)
{
var user = await _userService.ValidateUser(loginRequest.Email, loginRequest.Password);
if (user == null)
{
return(Unauthorized());
}
return(Ok());
}
public async Task <IActionResult> Login([FromBody] UserLoginRequestModel model)
{
UserLoginResponseModel response = await this._authorizationService.Login(model);
if (!response.Succeeded)
{
this.ModelState.AddModelError("", "Invalid username or password");
return(this.BadRequest(this.ModelState));
}
return(this.Ok(response));
}
public UserModel Login(UserLoginRequestModel req)
{
UserModel currentUser = new UserModel();
{
UserLoginModel userInfo = Get(req.Email);
bool validPassword = BCrypt.Net.BCrypt.Verify(req.Password, userInfo.Password);
if (validPassword)
{
currentUser = userInfo;
}
}
return(currentUser);
}
public async Task <IActionResult> LoginASync(UserLoginRequestModel userLoginRequestModel)
{
var user = await _userService.ValidateUser(userLoginRequestModel.Email, userLoginRequestModel.Password);
if (user == null)
{
return(Unauthorized());
}
var JwtToken = GenreateJWT(user);
// if user entered valid user/pw
// create JWT Token
return(Ok(new { token = JwtToken }));
}
public async Task <IActionResult> Post([FromBody] UserLoginRequestModel request)
{
var authResponse = await _identityService.LoginAsync(request.Email, request.Password);
if (!authResponse.Success)
{
return(Unauthorized(new ErrorResponseModel(authResponse.Errors)));
}
return(Ok(new AuthSuccessResponseModel
{
authToken = authResponse.AuthToken,
refreshToken = authResponse.RefreshToken
}));
}
/// <summary>
/// Login
/// </summary>
/// <param name="request"></param>
/// <returns></returns>
public async Task <bool> Login(UserLoginRequestModel request)
{
IReliableDictionary <string, UserState> myDictionary = await this.StateManager.GetOrAddAsync <IReliableDictionary <string, UserState> >("Users");
using (ITransaction tx = this.StateManager.CreateTransaction())
{
ConditionalValue <UserState> result = await myDictionary.TryGetValueAsync(tx, request.CellPhone);
if (result.HasValue)
{
return(result.Value.PassWord.Equals(request.PassWord, StringComparison.OrdinalIgnoreCase));
}
}
return(false);
}
public UserLoginResponseModel login(UserLoginRequestModel userLoginRequestModel, out ErrorModel errorModel)
{
errorModel = null;
try
{
Auth authHelper = new Auth();
UserLoginResponseModel loginResponseModel = authHelper.login(userLoginRequestModel, out errorModel);
return(loginResponseModel);
}
catch (Exception)
{
return(null);
}
}
public async Task <IActionResult> LoginUser(UserLoginRequestModel req)
{
if (ModelState.IsValid)
{
var loginResult = await _userService.ValidateUser(req.Email, req.Password);
if (loginResult == null)
{
return(Unauthorized(new { message = "Please check your credentials" }));
}
//success, generate JWT here
var token = GenerateJWT(loginResult);
return(Ok(new { token }));
}
return(BadRequest(new { message = "Please check the info you entered" }));
}
public async Task <IActionResult> Login(UserLoginRequestModel model)
{
// check un/pw is correct
var user = await _userService.Login(model.Email, model.Password);
if (user == null)
{
return(Unauthorized());
}
var jwt = CreateJWT(user);
// user entered correct password
// we create a token JWT which includes the user information and send it to Angular application
return(Ok(new { token = jwt }));
}
public async Task <IActionResult> Login(UserLoginRequestModel model)
{
var user = await _userService.Login(model.Email, model.Password);
if (user == null)
{
return(View());
}
// user entered his correct un/pw
// we will create a cookie, movieshopauthcookie =>FirstName, LastName, id, Email, expiration time , claims
// Cookie based Authentication.
// 2 hours
//
// create claims object and store required information
var claims = new List <Claim>
{
new Claim(ClaimTypes.GivenName, user.FirstName),
new Claim(ClaimTypes.Surname, user.LastName),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Email, user.Email),
};
if (user.Roles != null)
{
claims.AddRange(user.Roles.Select(role => new Claim(ClaimTypes.Role, role)));
}
// HttpContext =>
// method type => get/post
// Url
// browsers
// headers
// form
// cookies
// create an identity object
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
// create a cookie that stores the identity information
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity));
return(LocalRedirect("~/"));
}
public async Task <IActionResult> PutUserLogin(
[FromRoute] string userId,
[FromRoute] string providerType,
[FromRoute] string providerId,
[FromBody] UserLoginRequestModel userLoginModel)
{
// Currently only support "password" provider
providerType = providerType.ToLowerInvariant();
if (providerType != LoginProvider.UserNamePassword)
{
_logger.LogInformation("PutUserLogin: Unsupported ProviderType '{0}'", providerType);
return(this.ValidationFailed(new ErrorDetail("providerType", "Unsupported provider type")));
}
// TODO Add password complexity options!
var user = await _userStore.GetUserByIdAsync(userId);
if (user == null)
{
return(NotFound());
}
user.Logins = user.Logins ?? new List <Login>();
var login = user.Logins?.FirstOrDefault(l => l.ProviderType == providerType && l.ProviderId == providerId);
if (login == null)
{
login = new Login
{
ProviderType = providerType,
ProviderId = providerId,
};
user.Logins.Add(login);
}
// Set Password
login.ProviderData = _passwordHasher.HashPassword(userLoginModel.Password);
await _userStore.SaveUserAsync(user);
return(CreatedAtRoute(nameof(DeleteUserLogin), new { userId, providerType, providerId }, null));
}
public IActionResult Login([FromBody] UserLoginRequestModel login)
{
try
{
if (login.Username.Length < 4 || login.Username.Length > 40)
{
throw new BadRequestException("Incorrect Data! Username must between " + 4 + " and " + 40 + " symbols!");
}
if (login.Password.Length < 6 || login.Password.Length > 40)
{
throw new BadRequestException("Incorrect Data! Password must between " + 6 + " and " + 40 + " symbols!");
}
string jwt = _jWTService.GenerateJSONWebToken(login);
CookieOptions cookieOptions = new CookieOptions();
cookieOptions.Expires = DateTime.Now.AddMinutes(120);
Response.Cookies.Append("Auth-Tst", jwt);
IActionResult response = Ok();
return(response);
} catch (Exception e)
{
if (e.GetType().Name.Equals("BadRequestException"))
{
Response.StatusCode = 400;
return(Content(e.Message));
}
else if (e.GetType().Name.Equals("NotFoundException"))
{
Response.StatusCode = 404;
return(Content(e.Message));
}
else
{
Response.StatusCode = 500;
return(Content(e.Message));
}
}
}
