public IActionResult AuthenticateUser([FromBody] AuthBody authBody)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!_context.User.Any(u => authBody.mailAddress.Equals(u.mailAddress)))
{
return(NotFound());
}
var user = _context.User.First(u => u.mailAddress.Equals(authBody.mailAddress));
if (BCrypt.Net.BCrypt.Verify(authBody.password, user.password))
{
var response = new AuthResponseBody()
{
id = user.id,
mailAddress = user.mailAddress,
team = user.team,
username = user.username
};
return(Ok(response));
}
else
{
return(BadRequest(new BasicResponse {
message = "Wrong password"
}));
}
}
/*AuthenticationContext Context;
*
* protected async Task<string> GetToken()
* {
* // The AquireTokenAsync call will prompt with a UI if necessary
* // Or otherwise silently use a refresh token to return
* // a valid access token
* var authenticationResult = await Context.AcquireTokenAsync(Config.ActiveDirectoryBaseUrl,
* Config.MediaServicesClientId,
* new Uri("http://viime.com"),
* new PlatformParameters());
*
* return authenticationResult.AccessToken;
* }*/
/// <summary>
/// Gets the token.
/// </summary>
/// <returns>The token.</returns>
//protected async Task<string> GetToken()
protected async Task GetToken()
{
var url = string.Format("{0}{1}", Config.ActiveDirectoryBaseUrl, Config.ActiveDirectoryTenantId);
_activeDirectoryApi = RestService.For <IActiveDirectoryApi>(url, new RefitSettings
{
JsonSerializerSettings = new JsonSerializerSettings
{
ContractResolver = new CamelCasePropertyNamesContractResolver()
}
});
var auth = new AuthBody()
{
GrantType = "client_credentials",
ClientId = Config.MediaServicesClientId,
ClientSecret = Config.MediaServicesClientSecret,
Resource = Config.MediaServicesResourceUrl
};
var result = await _activeDirectoryApi.GetToken(auth);
var settings = new SettingsStorable()
{
BearerToken = result.AccessToken
};
await Storage.InsertObject(settings);
}
public async Task <IActionResult> Login([FromBody] AuthBody data)
{
//входим по логину и паролю БЕЗ блокировки пользователя при вводе неправильных данных
var auth = await _signInManager.PasswordSignInAsync(data.Login, data.Password,
true, false);
// а если не ок, то досвиданья
if (!auth.Succeeded)
{
return(BadRequest("Неправильный логин или пароль"));
}
// если всё ок
// ищем сущность этого пользователя
var user = await _userManager.FindByNameAsync(data.Login);
var token = AuthService.GenerateToken(user); // создаём токен
var role = await _userManager.GetRolesAsync(user); // узнаем роль пользователя
// возвращаем инфу
var response = new AuthResponse
{
AccessToken = token,
UserName = data.Login,
Email = user.Email,
UserId = user.Id,
Role = role.First()
};
return(Ok(response));
}
/// <summary>
/// Method for authorization in to the system
/// </summary>
/// <param name="login">Ecampus User name </param>
/// <param name="password">Ecampus passsword</param>
/// <returns></returns>
public async Task <Login> LoginAsync(string login, string password)
{
if (authUser == null && string.IsNullOrWhiteSpace(login) && string.IsNullOrWhiteSpace(password))
{
throw new ArgumentException();
}
var loginPage = await client.GetAsync(Links.BaseLink + Links.LoginLink);
if (!loginPage.IsSuccessStatusCode)
{
throw new Exception("Server Error");
}
// html code for auth
var loginContent = await loginPage.Content.ReadAsStringAsync();
var token = GetVerificationToken(loginContent);
var authRequest = new AuthBody()
{
Login = login,
Password = password,
Token = token,
RememberMe = true
};
var requestBody = new StringContent($"__RequestVerificationToken={authRequest.Token}" +
$"&Login={authRequest.Login}&Password={authRequest.Password}&RememberMe={authRequest.RememberMe}", Encoding.UTF8, "application/x-www-form-urlencoded");
var loginResponse = await client.PostAsync(string.Concat(Links.BaseLink, Links.LoginLink), requestBody);
if (!loginResponse.IsSuccessStatusCode)
{
return(new Login {
IsSuccess = false, ReasonFail = Reason.ErrorServer
});
}
var resultContent = await loginResponse.Content.ReadAsStringAsync();
var success = resultContent.Contains("<span class=\"username\">");
if (success == false)
{
var checkOnPassLogin = resultContent.Contains("validation-summary-errors alert alert-danger alert-block");
if (checkOnPassLogin)
{
return(new Login {
IsSuccess = false, ReasonFail = Reason.Pasword
});
}
else
{
return(new Login {
IsSuccess = false, ReasonFail = Reason.OtherProblem
});
}
}
return(new Login {
IsSuccess = true, ReasonFail = Reason.None
});
}
private async void Button_Clicked(object sender, EventArgs e)
{
// если нет подключение к интернету
if (!CrossConnectivity.Current.IsConnected)
{
return;
}
var login = loginEntry.Text;
var password = passwordEntry.Text;
var body = new AuthBody
{
Login = loginEntry.Text,
Password = passwordEntry.Text
};
if (string.IsNullOrWhiteSpace(login) || string.IsNullOrWhiteSpace(password))
{
await DisplayAlert("Внимание", "Заполнены не все поля", "ОК");
return;
}
var response = await RequestBuilder.Create()
.AppendPathSegments("api", "account", "login") // добавляет к ендпоинт
.PostJsonAsync(body); // https://localhost:5001/api/account/login?login=1&password=1234567
var result = await response.Content.ReadAsStringAsync();
if (!response.IsSuccessStatusCode)
{
await DisplayAlert("ошибка", result, "cancel");
return;
}
var data = JsonConvert.DeserializeObject <AuthResponse>(result);
MySettings.Token = data.AccessToken;
MySettings.UserName = data.UserName;
MySettings.Email = data.Email;
MySettings.UserId = data.UserId;
MySettings.Role = data.Role;
if (MySettings.Role == RoleNames.User)
{
await Navigation.PushAsync(new MasterDetailPage1());
}
else if (MySettings.Role == RoleNames.Worker)
{
await Navigation.PushAsync(new MasterDetailPage1());
}
else if (MySettings.Role == RoleNames.Director)
{
await Navigation.PushAsync(new MasterDetailPage1());
}
}
public async Task <ActionResult <UserViewModel> > Authenticate([FromBody] AuthBody authBody)
{
try
{
var result = await AuthService.Authenticate(authBody.Id);
return(Ok(result));
}
catch (Exception e)
{
Logger.LogInformation("Authenticate error {Exception}", e);
return(Unauthorized(e.Message));
}
}
