public async Task <IActionResult> Post([FromBody] UserCredentials model)
{
var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, true, true);
if (result.IsLockedOut || !result.Succeeded)
{
return(Unauthorized());
}
var user = await _userManager.FindByNameAsync(model.Username);
if (user == null)
{
return(Unauthorized());
}
var userRoles = await _userManager.GetRolesAsync(user);
var tokenResult = _jwtTokenGenerator.Generate(user, userRoles);
HttpContext.Response.Cookies.Append(
".AspNetCore.Application.Id",
tokenResult.AccessToken,
new CookieOptions {
MaxAge = TimeSpan.FromMinutes(60)
});
return(Ok(tokenResult.Expires));
}
public async Task <IActionResult> Session([FromBody] UserCredentials credentials)
{
var user = await Mediator.Send(new GetUserQuery { Email = credentials.Email, Password = credentials.Password });
var tokenResult = _jwtTokenGenerator.Generate(user);
HttpContext.Response.Cookies.Append(
".AspNetCore.Application.Id",
tokenResult.AccessToken,
new CookieOptions {
MaxAge = TimeSpan.FromMinutes(10080)
});
return(Ok(user));
}
public async Task <IActionResult> CreateAndLoginUser(LoginViewModel loginViewModel)
{
var appUser = new AppUser
{
UserName = "******",
Email = loginViewModel.Email
};
await _userManager.AddToRolesAsync(appUser, new List <string>
{
AppRoleEnum.Administrator.ToString(),
AppRoleEnum.SuperAdministrator.ToString()
}
);
return(Ok(_tokenGenerator.Generate(appUser)));
}
public async Task <IActionResult> SignIn([FromBody] LoginViewModel loginViewModel)
{
var user = await _userManager.FindByEmailAsync(loginViewModel.Email);
if (user == null)
{
return(new NotFoundResult());
}
var result = await _signInManager.CheckPasswordSignInAsync(user, loginViewModel.Password, false);
if (result.Succeeded)
{
var token = new JwtTokenViewModel
{
AccessToken = _jwtTokenGenerator.Generate(user),
RefreshToken = _refreshTokenGenerator.Generate()
};
try
{
await _tokenProvider.RegisterRefreshToken(token.RefreshToken, user.Id);
await _tokenProvider.RegisterAccessToken(
_jwtTokenHelper.GetSignature(token.AccessToken),
_jwtTokenHelper.GetExpirationDate(token.AccessToken),
user.Id);
}
catch (Exception)
{
return(new StatusCodeResult((int)HttpStatusCode.InternalServerError));
}
return(new OkObjectResult(token));
}
if (result.IsLockedOut || result.IsNotAllowed)
{
return(new ForbidResult());
}
return(new ForbidResult());
}
public async Task <IActionResult> RefreshAccessToken(Guid refreshToken)
{
var refreshTokenObject = await _tokenProvider.GetRefreshToken(refreshToken);
if (refreshTokenObject == null)
{
return(BadRequest());
}
var user = await _userManager.FindByIdAsync(refreshTokenObject.UserId.ToString());
if (user == null)
{
return(BadRequest());
}
var token = new JwtTokenViewModel
{
AccessToken = _tokenGenerator.Generate(user),
RefreshToken = refreshToken.ToString()
};
try
{
await _tokenProvider.UpdateRefreshToken(refreshToken);
await _tokenProvider.RegisterAccessToken(
_jwtTokenHelper.GetSignature(token.AccessToken),
_jwtTokenHelper.GetExpirationDate(token.AccessToken),
user.Id);
}
catch (Exception)
{
return(new StatusCodeResult((int)HttpStatusCode.InternalServerError));
}
return(new OkObjectResult(token));
}
