Exemplo n.º 1
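        /// <summary>
        /// Looks up the user whose e-mail and password match the supplied login and, on a
        /// match, issues a JWT plus a refresh token that is recorded in
        /// <c>jwtService.RefreshTokens</c> (one entry per e-mail, overwritten on re-login).
        /// </summary>
        /// <param name="login">Credentials submitted by the caller.</param>
        /// <returns>The generated token, or <c>null</c> when no user matches.</returns>
        public JsonWebToken Authenticate(LoginViewModel login)
        {
            // NOTE(review): the submitted password is compared directly with the stored
            // Password value, which can only succeed if passwords are stored unhashed.
            // A password hasher is already injected here; verifying against a stored hash
            // would be the safer design - confirm how User.Password is persisted.
            User user = userRepository.GetUsers()
                                      .FirstOrDefault(x => x.Email == login.Email && x.Password == login.Password);

            if (user == null)
            {
                return null;
            }

            var jwt = jwtService.Generate(user.Email);

            // `new Guid()` is always Guid.Empty (all zeros), so the value fed to the hasher
            // was a constant and the token's unpredictability rested entirely on whatever
            // salt the hasher adds. Guid.NewGuid() supplies a fresh value per login.
            // NOTE(review): a GUID is an identifier, not a secret; bytes from a CSPRNG
            // (RandomNumberGenerator) are the usual source for bearer tokens.
            var seed = Guid.NewGuid().ToString();

            // Strip the Base64 characters that are awkward in headers and URLs.
            var refreshToken = passwordHasher.HashPassword(user, seed)
                                             .Replace("+", string.Empty)
                                             .Replace("=", string.Empty)
                                             .Replace("/", string.Empty);

            jwt.RefreshToken = refreshToken;

            var token = jwtService.RefreshTokens.FirstOrDefault(x => x.Email == user.Email);

            if (token == null)
            {
                jwtService.RefreshTokens.Add(new RefreshToken
                {
                    Email = user.Email,
                    Token = refreshToken
                });
            }
            else
            {
                // Re-login replaces the previous refresh token for this e-mail.
                token.Token = refreshToken;
            }

            return jwt;
        }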
Exemplo n.º 2
        /// <summary>
        /// Verifies that <c>AuthService.Authenticate</c> returns a non-null token when the
        /// login model carries the same e-mail and password as a user in the repository.
        /// </summary>
        /// <remarks>
        /// The password hasher substitute is left unconfigured, so this test does not
        /// exercise the content of the refresh token.
        /// NOTE(review): the fixture stores the password as a plain string and expects an
        /// exact match - presumably the service compares passwords unhashed; confirm.
        /// </remarks>
        public void Authenticate_WhenValidCredentialsGiven_ReturnsJsonWebToken()
        {
            // Arrange: a repository holding a single known user.
            var knownUsers = new List<User>
            {
                new User { Email = "Admin", Password = "******" }
            };
            var userRepositoryMock = Substitute.For<IUserRepository>();
            userRepositoryMock.GetUsers().Returns(knownUsers);

            var passwordHasherMock = Substitute.For<IPasswordHasher<User>>();

            // Arrange: a JWT service that hands back an empty token and an empty token store.
            var jwtServiceMock = Substitute.For<IJWTService>();
            jwtServiceMock.Generate(Arg.Any<string>()).Returns(new JsonWebToken());
            jwtServiceMock.RefreshTokens.Returns(new List<RefreshToken>());

            var authService = new AuthService(userRepositoryMock, passwordHasherMock, jwtServiceMock);
            var model = new LoginViewModel
            {
                Email = "Admin",
                Password = "******"
            };

            // Act
            JsonWebToken result = authService.Authenticate(model);

            // Assert
            Assert.IsTrue(result != null);
        }
Exemplo n.º 3
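        /// <summary>
        /// Authenticates a user by name and password and issues an access token and a
        /// refresh token, which are stored through <c>tokenDataProvider</c> and committed.
        /// </summary>
        /// <param name="identification">User name passed to <c>FindByNameAsync</c>.</param>
        /// <param name="password">Password to verify for that user.</param>
        /// <returns>The user id together with the newly issued token pair.</returns>
        /// <exception cref="ApiException">
        /// Thrown with <c>Forbidden</c> when the credentials do not match a user, or when
        /// they match but the user's e-mail is not confirmed.
        /// </exception>
        public async Task<DTO.Service.Token> Login(string identification, string password)
        {
            // Lifetime passed for the refresh token; same position as TokenExpireTime.
            // NOTE(review): looks like minutes (7 days) - confirm the unit against jwt.Generate.
            const int refreshTokenLifetime = 60 * 24 * 7;

            User user = await userManager.FindByNameAsync(identification);

            // An unknown user and a wrong password produce the same error, so the response
            // does not reveal whether an account exists for the given name.
            // NOTE(review): the unknown-user path still skips password verification, so a
            // response-time difference may remain - measure if this endpoint is exposed.
            if (user is null || !await userManager.CheckPasswordAsync(user, password))
            {
                throw new ApiException(HttpStatusCode.Forbidden, ApiError.EmailOrPasswordIncorrect);
            }

            // Checked only after the password is verified, so the confirmation state of
            // an account is disclosed only to a caller who knows its password.
            if (!await userManager.IsEmailConfirmedAsync(user))
            {
                throw new ApiException(HttpStatusCode.Forbidden, ApiError.IsNotConfirmedUser);
            }

            string accessToken = jwt.Generate(
                user.Id,
                jwtSettings.Issuer,
                jwtSettings.Audience,
                jwtSettings.Bytes,
                jwtSettings.TokenExpireTime);

            // NOTE(review): the refresh token is generated with the same issuer, audience
            // and key material as the access token and differs only in lifetime. Unless
            // validation elsewhere tells the two apart, a refresh token may be accepted
            // wherever an access token is - confirm.
            string refreshToken = jwt.Generate(
                user.Id,
                jwtSettings.Issuer,
                jwtSettings.Audience,
                jwtSettings.Bytes,
                refreshTokenLifetime);

            tokenDataProvider.Add(accessToken, refreshToken, user);
            unitOfWork.Commit();

            return new DTO.Service.Token
            {
                UserId = user.Id,
                AccessToken = accessToken,
                RefreshToken = refreshToken
            };
        }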
Exemplo n.º 4
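        /// <summary>
        /// Exchanges a refresh token, supplied in a request header, for a new JWT issued
        /// to the e-mail that the refresh token is registered under.
        /// </summary>
        /// <param name="refreshToken">Refresh token read from the request header.</param>
        /// <returns>
        /// <c>Ok</c> with the new token, or <c>Unauthorized</c> when the refresh token is
        /// missing or not found in <c>jwtService.RefreshTokens</c>.
        /// </returns>
        public IActionResult RefreshToken([FromHeader] string refreshToken)
        {
            // A missing header binds to null, and `x.Token == null` would then match any
            // stored entry whose Token was never set. Reject blank input before the lookup.
            if (string.IsNullOrWhiteSpace(refreshToken))
            {
                return Unauthorized();
            }

            var token = jwtService.RefreshTokens.FirstOrDefault(x => x.Token == refreshToken);

            if (token == null)
            {
                return Unauthorized();
            }

            var jwtToken = jwtService.Generate(token.Email);

            // NOTE(review): the same refresh token is handed back and stays in the store,
            // and no expiry is checked in this method, so a leaked refresh token remains
            // usable until the user logs in again. Rotating it on every use and giving
            // the stored entry an expiry would bound that window.
            jwtToken.RefreshToken = refreshToken;
            return Ok(jwtToken);
        }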
Exemplo n.º 5
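        /// <summary>
        /// Verifies the supplied user name and password and returns a JWT for the user.
        /// </summary>
        /// <param name="username">User name passed to <c>FindByNameAsync</c>.</param>
        /// <param name="password">Password to verify for that user.</param>
        /// <param name="cancellationToken">
        /// Not used by this method; none of the calls made here accept a token.
        /// </param>
        /// <returns>The value produced by <c>jwtService.Generate</c> for the user.</returns>
        /// <exception cref="BadRequestException">
        /// Thrown when the user is unknown or the password does not match.
        /// </exception>
        public async Task<string> Token(string username, string password, CancellationToken cancellationToken)
        {
            var user = await userManager.FindByNameAsync(username);

            // Unknown user and wrong password share one exception and one message, so the
            // response does not reveal which of the two checks failed.
            // The password check is awaited: blocking on .Result inside an async method
            // ties up a thread, can deadlock under a synchronization context, and wraps
            // failures in AggregateException.
            if (user == null || !await userManager.CheckPasswordAsync(user, password))
            {
                throw new BadRequestException("invalid credentilas");
            }

            return await jwtService.Generate(user);
        }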