public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure : true);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
var tokenString = AuthTokenUtil.GetJwtTokenString(Input.Email, _config);
return(new ObjectResult(tokenString));
}
if (result.RequiresTwoFactor)
{
return(RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe }));
}
if (result.IsLockedOut)
{
_logger.LogWarning("User account locked out.");
return(RedirectToPage("./Lockout"));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(Page());
}
}
// If we got this far, something failed, redisplay form
return(Page());
}
public async Task <ActionResult <TokenVM> > Login([FromBody] LoginVM loginVM)
{
var user = await userManager.FindByEmailAsync(loginVM.Username);
if (user != null && await userManager.CheckPasswordAsync(user, loginVM.Password) && await userManager.IsEmailConfirmedAsync(user))
{
return(Ok(AuthTokenUtil.GetJwtTokenString(user.UserName, userManager, config).Result));
}
return(Unauthorized());
}
public async Task <IActionResult> Login(LoginModel data)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(data.Username, data.Password, false, lockoutOnFailure : true);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
var tokenString = AuthTokenUtil.GetJwtTokenString(data.Username, _config);
return(new ObjectResult(tokenString));
}
return(Unauthorized());
}
public async Task <ActionResult <TokenVM> > Facebook([FromBody] FacebookAuthViewModel model)
{
// 1.generate an app access token
var appAccessTokenResponse = await client.GetStringAsync($"https://graph.facebook.com/oauth/access_token?client_id={_fbAuthConfiguration.AppId}&client_secret={_fbAuthConfiguration.AppSecret}&grant_type=client_credentials");
var appAccessToken = JsonConvert.DeserializeObject <FacebookAppAccessToken>(appAccessTokenResponse);
// 2. validate the user access token
var userAccessTokenValidationResponse = await client.GetStringAsync($"https://graph.facebook.com/debug_token?input_token={model.AccessToken}&access_token={appAccessToken.AccessToken}");
var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessTokenValidationResponse);
if (!userAccessTokenValidation.Data.IsValid)
{
return(BadRequest());
/*return BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid facebook token.", ModelState));*/
}
// 3. we've got a valid token so we can request user data from fb
var userInfoResponse = await client.GetStringAsync($"https://graph.facebook.com/v2.8/me?fields=id,email,first_name,last_name,name,gender,locale,birthday&access_token={model.AccessToken}");
var userInfo = JsonConvert.DeserializeObject <FacebookUserData>(userInfoResponse);
// 4. ready to create the local user account (if necessary) and jwt
var user = await userManager.FindByEmailAsync(userInfo.Email);
if (user == null)
{
var appUser = new ApplicationUser
{
Email = userInfo.Email,
UserName = userInfo.Email,
FullName = userInfo.LastName + userInfo.FirstName
};
var password = "******";
var result = await userManager.CreateAsync(appUser, password);
if (!result.Succeeded)
{
return(BadRequest());
}
}
// generate the jwt for the local user...
var localUser = await userManager.FindByNameAsync(userInfo.Email);
await userManager.AddToRoleAsync(localUser, "User"); // Add to "user" role
return(Ok(AuthTokenUtil.GetJwtTokenString(localUser.UserName, userManager, config).Result));
}
public async Task <ObjectResult> Fblogin(string token)
{
var AppId = _config["ApplicationFacebook:AppId"].ToString();
var AppSecret = _config["ApplicationFacebook:AppSecret"].ToString();
var appAccessTokenResponse = await Client.GetStringAsync($"https://graph.facebook.com/oauth/access_token?client_id={AppId}&client_secret={AppSecret}&grant_type=client_credentials");
var appAccessToken = JsonConvert.DeserializeObject <FacebookAppAccessToken>(appAccessTokenResponse);
// 2. validate the user access token
var userAccessTokenValidationResponse = await Client.GetStringAsync($"https://graph.facebook.com/debug_token?input_token={token}&access_token={appAccessToken.AccessToken}");
var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessTokenValidationResponse);
if (!userAccessTokenValidation.Data.IsValid)
{
return(BadRequest("false to login with FB"));
}
// 3. we've got a valid token so we can request user data from fb
var userInfoResponse = await Client.GetStringAsync($"https://graph.facebook.com/v2.8/me?fields=id,email,first_name,last_name,name,gender,locale,birthday,picture&access_token={token}");
var userInfo = JsonConvert.DeserializeObject <FacebookUserData>(userInfoResponse);
ExternalLoginInfo info = new ExternalLoginInfo(null, "Facebook", userInfo.Id, "Facebook");
var user = await _userManager.FindByEmailAsync(userInfo.Email);
if (user == null)
{
var appUser = new ApplicationUser
{
Email = userInfo.Email,
DisplayName = userInfo.Name,
UserName = userInfo.Email
};
var result = await _userManager.CreateAsync(appUser);
var resultLogin = await _userManager.AddLoginAsync(appUser, info);
}
else
{
var resultLogin = await _userManager.AddLoginAsync(user, info);
}
var refreshToken = AuthTokenUtil.GetJwtTokenString(userInfo.Email, _config);
return(new OkObjectResult(refreshToken));
}
public async Task <ObjectResult> LoginGoogle(string accessToken)
{
try
{
var payload = GoogleJsonWebSignature.ValidateAsync(accessToken, new GoogleJsonWebSignature.ValidationSettings()).Result;
ExternalLoginInfo info = new ExternalLoginInfo(null, "Google", payload.Subject, "Google");
var resultFindByMail = await _userManager.FindByEmailAsync(payload.Email);
var resultFindByLoginExternal = await _userManager.FindByLoginAsync("Google", payload.Subject);
var tokenString = AuthTokenUtil.GetJwtTokenString(payload.Email, _config);
var user = new ApplicationUser {
UserName = payload.Email, Email = payload.Email, DisplayName = payload.Name
};
if (resultFindByMail == null)
{
var resultCreate = await _userManager.CreateAsync(user);
if (resultCreate.Succeeded)
{
var resultLogin = await _userManager.AddLoginAsync(user, info);
return(new OkObjectResult(tokenString));
}
}
else
{
if (resultFindByLoginExternal == null)
{
var resultLogin = await _userManager.AddLoginAsync(resultFindByMail, info);
}
await _signInManager.SignInAsync(resultFindByMail, isPersistent : false);
}
return(new OkObjectResult(tokenString));
}
catch (Exception ex)
{
BadRequest(ex.Message);
}
return(BadRequest("Error !"));
}
public async Task <IActionResult> Login(LoginModel data)
{
var checkUser = await _userManager.FindByNameAsync(data.Username);
if (checkUser == null)
{
return(Unauthorized("Your username hasn't joined our system, please click Sign Up link to register"));
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(data.Username, data.Password, false, lockoutOnFailure : true);
if (result.Succeeded)
{
_logger.LogInformation("User logged in.");
var tokenString = AuthTokenUtil.GetJwtTokenString(data.Username, _config);
return(new ObjectResult(tokenString));
}
return(Unauthorized("Password is incorrect"));
}
