internal static KeyValuePair <JwtTokenValidationStatus, LoginResponseModel> Validate(string token) { if (!token.HasValue()) { return(new KeyValuePair <JwtTokenValidationStatus, LoginResponseModel>(JwtTokenValidationStatus.NoToken, null)); } try { string preSharedKey = Utilities.Utility.GetConfigValue("jwtTokenKey"); using (HMACSHA256 hmac = new HMACSHA256(Encoding.ASCII.GetBytes(preSharedKey))) { JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler(); SecurityToken validatedToken = new JwtSecurityToken(); JwtSecurityToken jwtToken = tokenHandler.ReadJwtToken(token); TokenValidationParameters validationParameters = new TokenValidationParameters { IssuerSigningKey = new SymmetricSecurityKey(hmac.Key), ValidateAudience = false, ValidateIssuer = false }; ClaimsPrincipal claimsPrincipal = tokenHandler.ValidateToken(token, validationParameters, out validatedToken); if (jwtToken.ValidFrom < DateTime.UtcNow && jwtToken.ValidTo > DateTime.UtcNow) { string userId = GetClaim(claimsPrincipal, Constants.CLAIM_USER_ID); string sessionId = GetClaim(claimsPrincipal, Constants.CLAIM_SESSION_ID); if (string.IsNullOrWhiteSpace(userId) || string.IsNullOrWhiteSpace(sessionId)) { return(new KeyValuePair <JwtTokenValidationStatus, LoginResponseModel>(JwtTokenValidationStatus.Invalid, null)); } LoginResponseModel loginModel = new LoginResponseModel { UserId = userId, SessionId = sessionId }; return(new KeyValuePair <JwtTokenValidationStatus, LoginResponseModel>(JwtTokenValidationStatus.Valid, loginModel)); } else { return(new KeyValuePair <JwtTokenValidationStatus, LoginResponseModel>(JwtTokenValidationStatus.Expired, null)); } } } catch (Exception ex) { LoggerService.LogException("", "JwtValidate", "ValidateJwtToken", ex); return(new KeyValuePair <JwtTokenValidationStatus, LoginResponseModel>(JwtTokenValidationStatus.Invalid, null)); } }
private User ValidateSession(AuthorizationFilterContext context, LoginResponseModel loginResponseModel) { User user = null; string sessionIdFromCache = CacheService.GetSessionId(context.HttpContext, loginResponseModel.SessionId); // TODO: Handle sessions between server restarts and app-updates if (!string.IsNullOrWhiteSpace(sessionIdFromCache)) { user = CacheService.GetUserAsync(context.HttpContext, loginResponseModel.UserId).Result; } if (user == null) { using (TeamDbContext dbContext = new TeamDbContext()) { UserSession userSession = dbContext.UserSessions.FirstOrDefault(e => e.SessionId == loginResponseModel.SessionId && e.Active); if (userSession == null) { context.Result = new UnauthorizedResult(); return(null); } user = dbContext.Users.FirstOrDefault(e => e.UserId == loginResponseModel.UserId.ToUpper(CultureInfo.InvariantCulture)); if (user == null) { context.Result = new UnauthorizedResult(); return(null); } //AuthService.PopulateUserClientsAsync(dbContext, user); // save user to session CacheService.StoreUserAsync(context.HttpContext, user); } } return(user); }
public static async Task <ResponseBase <LoginResponseModel> > LoginAsync(TeamHttpContext teamHttpContext, LoginModel loginModel) { if (teamHttpContext == null) { throw new ArgumentNullException(nameof(teamHttpContext)); } if (loginModel == null) { throw new ArgumentNullException(nameof(loginModel)); } LoginResponseModel loginResponse = new LoginResponseModel { Status = LoginStatus.InValid }; User user = new User(); user = await ValidatePassword(teamHttpContext, loginModel).ConfigureAwait(false); if (user != null) { using (TeamDbContext dbContext = new TeamDbContext()) { if (user.UserId != null) { teamHttpContext.SetValue(Constants.CONTEXT_USER_ID, user.UserId); loginResponse.Status = LoginStatus.LoggedIn; } else { loginResponse.Status = LoginStatus.NoAccess; } if (loginResponse.Status == LoginStatus.LoggedIn) { user.LastLoggedIn = DateTime.Now; await dbContext.SaveChangesAsync().ConfigureAwait(false); } } } if (loginResponse.Status == LoginStatus.LoggedIn) { string sessionId = Guid.NewGuid().ToString(); await CreateSessionAsync(user.UserId, sessionId).ConfigureAwait(false); await CacheService.StoreSessionAsync(teamHttpContext, sessionId).ConfigureAwait(false); await CacheService.StoreUserAsync(teamHttpContext, user).ConfigureAwait(false); int validity = Utility.IsProduction ? 1 : 7; long validUntil = DateTime.UtcNow.AddDays(validity).GetUnixTimeStamp(); loginResponse.Token = Jwt.CreateToken(user, sessionId, validUntil); loginResponse.Email = user.Email; loginResponse.UserId = user.UserId; loginResponse.Type = user.UserType; loginResponse.SessionId = sessionId; loginResponse.ExpiryTimestamp = validUntil; loginResponse.IsAddRights = user.IsAdd; loginResponse.IsEditRights = user.IsEdit; loginResponse.IsDeleteRights = user.IsDelete; return(GetTypedResponse <LoginResponseModel>(teamHttpContext, loginResponse)); } else { return(GetUnauthorizedResponse <LoginResponseModel>(teamHttpContext, loginResponse)); } }