Exemplo n.º 1
0
        public async Task <BaseResponse <AccessToken> > CreateTokenByRefreshToken(RefreshTokenViewModelResource refreshTokenViewModel)
        {
            var userClaim = await userService.GetUserByRefreshToken(refreshTokenViewModel.RefreshToken);

            if (userClaim.Item1 != null)
            {
                AccessToken accessToken       = tokenHandler.CreateAccessToken(userClaim.Item1);
                Claim       refreshTokenClaim = new Claim("refreshToken", accessToken.RefreshToken);

                Claim refreshTokenEndDateClaim = new Claim("refreshTokenEndDate", DateTime.Now.AddMinutes(tokenOptions.RefreshTokenexpiration).ToString());
                //userClaim.Item2[0] refrestoken karsilik gelir
                //userClaim.Item2[1] refrestokenEndDateCliam karsilik geliyor
                //userClaim.Item1 applicationUser barindiriyor, userClaim.Item2[0] refresToken demektir
                await userManager.ReplaceClaimAsync(userClaim.Item1, userClaim.Item2[0], refreshTokenClaim);

                await userManager.ReplaceClaimAsync(userClaim.Item1, userClaim.Item2[1], refreshTokenEndDateClaim);

                return(new BaseResponse <AccessToken>(accessToken));
            }
            else
            {
                //kullanici Cikis İslemi gerceklestirmis olabilir
                return(new BaseResponse <AccessToken>("Böyle bir refreshtoken sahip kullanıcı yok"));
            }
        }
Exemplo n.º 2
0
        public async Task <TokenResponse> CreateAccessTokenAsync(string email, string password)
        {
            //var user = await _userManager.FindByEmailAsync(email);
            var user = await _userManager.Users
                       .Include(x => x.Company)
                       .SingleAsync(x => x.NormalizedEmail == email);

            if (user == null)
            {
                return(new TokenResponse(false, "Invalid credentials.", null));
            }
            var roles = await _userManager.GetRolesAsync(user);

            if (roles.Count > 0)
            {
                user.UserRoles = new List <AppRole>();
                foreach (var item in roles)
                {
                    user.UserRoles.Add(new AppRole(item));
                }
            }
            var result = await _signInManager.PasswordSignInAsync(email, password, false, lockoutOnFailure : false);

            if (result.Succeeded == false)
            {
                return(new TokenResponse(false, "Invalid credentials.", null));
            }

            var token = _tokenHandler.CreateAccessToken(user);

            return(new TokenResponse(true, null, token));
        }
Exemplo n.º 3
0
        public async Task <BaseResponse <AccessToken> > CreateAccessTokenWithRefreshToken(RefreshTokenResourceModel model)
        {
            var user = await userService.GetUserByRefreshToken(model.RefreshToken);

            if (!user.Success)
            {
                return(new BaseResponse <AccessToken>(user.Message));
            }

            var token = tokenHandler.CreateAccessToken(user.Result.Item1);

            //yeni token ile refreshtoken claimleri güncellenecek
            Claim refreshTokenClaim   = new Claim("refreshToken", token.RefreshToken);
            Claim refreshTokenEndDate = new Claim("refreshTokenEndDate", DateTime.Now.AddMinutes(tokenOptions.RefreshTokenExpiration).ToString());

            var refReplace = await userManager.ReplaceClaimAsync(user.Result.Item1, user.Result.Item2.FirstOrDefault(c => c.Type == "refreshToken"), refreshTokenClaim);

            if (!refReplace.Succeeded)
            {
                return(new BaseResponse <AccessToken>("refreshtoken güncellenemedi"));
            }
            var refDateReplace = await userManager.ReplaceClaimAsync(user.Result.Item1, user.Result.Item2.FirstOrDefault(c => c.Type == "refreshTokenEndDate"), refreshTokenEndDate);

            if (!refDateReplace.Succeeded)
            {
                return(new BaseResponse <AccessToken>("refreshtokenDate güncellenemedi"));
            }

            return(new BaseResponse <AccessToken>(token));
        }
Exemplo n.º 4
0
        public void Should_Create_Access_Token()
        {
            var accessToken = _tokenHandler.CreateAccessToken(_user);

            Assert.NotNull(accessToken);
            Assert.NotNull(accessToken.RefreshToken);
            Assert.NotEmpty(accessToken.Token);
            Assert.NotEmpty(accessToken.RefreshToken.Token);
            Assert.True(accessToken.Expiration > DateTime.UtcNow.Ticks);
            Assert.True(accessToken.RefreshToken.Expiration > DateTime.UtcNow.Ticks);
            Assert.True(accessToken.RefreshToken.Expiration > accessToken.Expiration);
        }
Exemplo n.º 5
0
        public async Task <GenericResponse <AccessToken> > CreateAccessTokenAsync(string email, string password)
        {
            var user = await _userService.FindByEmailAsync(email);

            if (user == null || !_passwordHasher.PasswordMatches(password, user.Password))
            {
                return(new GenericResponse <AccessToken>("Invalid credentials."));
            }

            var token = _tokenHandler.CreateAccessToken(user);

            return(new GenericResponse <AccessToken>(token));
        }
Exemplo n.º 6
0
        public async Task <TokenResponse> CreateAccessTokenAsync(string email, string password)
        {
            var user = await _userService.FindByEmailAsync(email);

            if (user == null || !_passwordHasher.PasswordMatches(password, user.Password))
            {
                return(new TokenResponse(false, "Invalid credentials.", null));
            }

            var token = _tokenHandler.CreateAccessToken(user);

            return(new TokenResponse(true, null, token));
        }
        public async Task <BaseResponse <AccessToken> > CreateAccessToken(string username, string password)
        {
            var user = await _userService.FindFirstOrDefault(u => u.Username.Equals(username));

            if (user == null || !_passwordHasher.PasswordMatches(password, user.Password))
            {
                return(new BaseResponse <AccessToken>("Invalid credentials"));
            }

            var token = _tokenHandler.CreateAccessToken(user);

            return(new BaseResponse <AccessToken>(token));
        }
        public TokenResponse CreateAccessTokenAsync(string email, string password)
        {
            var user = _userRepository.GetUserForLogin(email);


            if (user == null || !Helpers.PasswordHelper.ValidatePassword(password, user.Hash))
            {
                return(new TokenResponse(false, "Invalid credentials.", null));
            }

            var token = _tokenHandler.CreateAccessToken(user);

            return(new TokenResponse(true, null, token));
        }
        public BaseResponse <AccessToken> CreateAccessToken(string email, string password)
        {
            BaseResponse <User> userResponse = userService.FindByEmailandPassword(email, password);

            if (userResponse.Success)
            {
                AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.Extra);
                return(new BaseResponse <AccessToken>(accessToken));
            }
            else
            {
                return(new BaseResponse <AccessToken>(userResponse.ErrorMessage));
            }
        }
Exemplo n.º 10
0
        public async Task <TokenResponse> CreateAccessTokenAsync(string email, string password)
        {
            var customer = await _dbContext
                           .Customer
                           .FirstAsync(c => c.Email == email);

            if (customer == null || !_passwordHasher.PasswordMatches(password, customer.Password))
            {
                return(new TokenResponse(false, "Invalid credentials.", null));
            }

            var token = _tokenHandler.CreateAccessToken(customer);

            return(new TokenResponse(true, null, token));
        }
        /// <summary>
        /// Creates an access token
        /// </summary>
        /// <param name="name"></param>
        /// <param name="password"></param>
        /// <returns>
        /// Unsuccessful TokenResponse if the credentials are invalid;
        /// Successful TokenRepsonse with the access token
        /// </returns>
        public async Task <TokenResponse> CreateAccessTokenAsync(string name, string password)
        {
            // check if the user exists and the password hash matches the password hash in the db
            var user = await _userService.GetUserByNameAsync(name);

            if (!user.Success || !_passwordHasher.PasswordMatches(password, user.User.Password))
            {
                return(new TokenResponse("Invalid credentials"));
            }

            // create the access token
            var token = _tokenHandler.CreateAccessToken(user.User);

            return(new TokenResponse(token));
        }
Exemplo n.º 12
0
        public AccessTokenResponse CreateAccesToken(string email, string password)
        {
            UserResponse userResponse = userService.FindEmailAndPassword(email, password);

            if (userResponse.Success)
            {
                AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.user);
                userService.SaveRefreshToken(userResponse.user.KullaniciId, userResponse.user.RefreshToken);
                return(new AccessTokenResponse(accessToken));
            }
            else
            {
                return(new AccessTokenResponse(userResponse.Message));
            }
        }
Exemplo n.º 13
0
        public async Task <TokenResponse> RefreshTokenAsync(string refreshToken, string userEmail)
        {
            var token = tokenHandler.TakeRefreshToken(refreshToken);

            if (token == null)
            {
                return(new TokenResponse(null, "", "", false, 498, "Invalid refresh token."));
            }

            if (token.IsExpired())
            {
                return(new TokenResponse(null, "", "", false, 498, "Expired refresh token."));
            }

            var user = await identityService.GetByUserNameAsync(userEmail);

            // var roles = await identityService.roles(user);

            if (user == null)
            {
                return(new TokenResponse(null, "", "", false, 498, "Invalid refresh token.", null));
            }

            var accessToken = tokenHandler.CreateAccessToken(user, null);

            return(new TokenResponse(accessToken, hasher.Encrypt(user.Id), hasher.Encrypt(user.PhoneNumber), true, 200, "Token refreshed successfully"));
        }
        public TokenResponse CreateAccessToken(string email, string Password)
        {
            //kullanıcının olup olmadigini kontorl etmek icin userservices kullanıyoruz.
            UserResponse userResponse = userServices.FindByEmailAndPassword(email, Password);

            if (userResponse.Status)
            {
                AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.user);

                userServices.SaveRefreshToken(userResponse.user.Id, accessToken.RefreshToken);
                return(new TokenResponse(accessToken));
            }
            else
            {
                return(new TokenResponse(userResponse.Message));
            }
        }
Exemplo n.º 15
0
        public Response <AccessToken> CreateAccessToken(string email, string password)
        {
            Response <TUser> userResponse = userService.FindByEMailAndPassword(email, password);

            if (userResponse.Success)
            {
                AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.Result);

                userService.SaveRefreshToken(userResponse.Result.Id, accessToken.RefreshToken);

                return(new Response <AccessToken>(accessToken));
            }
            else
            {
                return(new Response <AccessToken>(userResponse.Message));
            }
        }
Exemplo n.º 16
0
        public GenericResponse <AccessToken> CreateAccessToken(string userName, string password)
        {
            GenericResponse <TUser> userResponse = userService.GetUserByUserNameAndPassword(userName, password);

            if (userResponse.Success)
            {
                AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.Object);

                userService.SaveRefreshToken(userResponse.Object.TUserId, accessToken.RefreshToken);

                return(new GenericResponse <AccessToken>(accessToken));
            }
            else
            {
                return(new GenericResponse <AccessToken>(userResponse.Message));
            }
        }
Exemplo n.º 17
0
        public IActionResult Login([FromForm] UserLogin userLogin)
        {
            var userFromDb = _db.Users.FirstOrDefault(x => x.Email == userLogin.Email && x.Password == userLogin.Password);

            if (userFromDb != null)
            {
                Token token = _tokenHandler.CreateAccessToken();

                userFromDb.RefreshToken        = token.RefreshToken;
                userFromDb.RefreshTokenEndDate = token.Expiration.AddMinutes(5);

                _db.SaveChanges();

                return(Ok(token));
            }

            return(Unauthorized(new { message = "Username or password is incorrect" }));
        }
 public AccessTokenResponse CreateAccessToken(string email, string password)
 {
     try
     {
         var userResponse = _userService.FindEmailAndPassword(email, password);
         if (!userResponse.Success)
         {
             return(new AccessTokenResponse(userResponse.Message));
         }
         var accessToken = _tokenHandler.CreateAccessToken(userResponse.User);
         _userService.SaveRefreshToken(userResponse.User.Id, accessToken.RefreshToken);
         return(new AccessTokenResponse(accessToken));
     }
     catch (Exception ex)
     {
         return(new AccessTokenResponse($"İşlem sırasında bir hata oluştu :{ex.Message}"));
     }
 }
        public async Task <AccessToken> LogInAsync(string email, string password)
        {
            User user = await _userService.FindByEmailAsync(email);

            if (user == null)
            {
                throw new ApiException((int)ErrorEnum.InvalidCredentials, nameof(ErrorEnum.InvalidCredentials));
            }

            bool isPawordValid = await _userService.CheckPasswordAsync(user, password);

            if (!isPawordValid)
            {
                throw new ApiException((int)ErrorEnum.InvalidCredentials, nameof(ErrorEnum.InvalidCredentials));
            }
            AccessToken accessToken = _tokenHandler.CreateAccessToken(user);

            return(accessToken);
        }
Exemplo n.º 20
0
        public async Task <BaseResponse <AccessToken> > CreateAccessTokenByRefreshToken(RefleshTokenViewModelResource refleshTokenViewModel)
        {
            var userClaim = await _userService.GetUserByrefreshToken(refleshTokenViewModel.RefreshToken);

            if (userClaim.Item1 != null)
            {
                AccessToken acessToken               = _tokenHandle.CreateAccessToken(userClaim.Item1);
                Claim       refreshTokenClaim        = new Claim("refreshToken", acessToken.RefreshToken);
                Claim       refreshTokenEndDateClaim = new Claim("refreshTokenEndDate", DateTime.Now.AddMinutes(_tokenOptions.RefreshTokenExpiration).ToString());
                await userManager.ReplaceClaimAsync(userClaim.Item1, userClaim.Item2[0], refreshTokenClaim);

                await userManager.ReplaceClaimAsync(userClaim.Item1, userClaim.Item2[1], refreshTokenEndDateClaim);

                return(new BaseResponse <AccessToken>(acessToken));
            }
            else
            {
                return(new BaseResponse <AccessToken>("Bele bir istifadeci yoxdur"));
            }
        }
        public async Task <Response <AccessToken> > CreateAccessToken(string email, string password)
        {
            var user = await userService.GetUserByEmailAndPasswordAsync(email, password);

            if (!user.Success)
            {
                return(new Response <AccessToken>(user.Message));
            }

            var accessToken = tokenHandler.CreateAccessToken(user.Result);

            if (accessToken == null)
            {
                return(new Response <AccessToken>("Token couldnt created"));
            }

            var refResult = await userService.SaveRefreshTokenAsync(user.Result.Id, accessToken.RefreshToken);

            return(new Response <AccessToken>(accessToken));
        }
Exemplo n.º 22
0
        public async Task <BaseResponse> CreateAccessTokenAsync(string mail, string password)
        {
            try{
                string hashedPassword = _passwordHasher.GetHashedPassword(password);
                User   user           = await _userRepository.GetUserByCredential(mail, hashedPassword);

                if (user == null)
                {
                    return(GetErrorResponse("Invalid credentials"));
                }

                var token = _tokenHandler.CreateAccessToken(user);

                return(new BaseResponse(true, null, token));
            }
            catch (Exception ex)
            {
                return(GetErrorResponse(ex.Message));
            }
        }
        public async Task <BaseResponse <AccessToken> > CreateAccessTokenByRefreshToken(RefreshTokenViewModelResource refreshTokenViewModel)
        {
            var userClaim = await userService.GetUserByRefreshToken(refreshTokenViewModel.RefreshToken);

            if (userClaim.Item1 != null)
            {
                AccessToken accessToken              = tokenHandler.CreateAccessToken(userClaim.Item1);
                Claim       refreshTokenClaim        = new Claim("refreshToken", accessToken.RefreshToken);
                Claim       refreshTokenEndDateClaim = new Claim("refreshTokenEndDate", DateTime.Now.AddMinutes(tokenOptions.RefreshTokenExpiration).ToString());

                await userManager.ReplaceClaimAsync(userClaim.Item1, userClaim.Item2[0], refreshTokenClaim);

                await userManager.ReplaceClaimAsync(userClaim.Item1, userClaim.Item2[1], refreshTokenEndDateClaim);

                return(new BaseResponse <AccessToken>(accessToken));
            }

            else
            {
                return(new BaseResponse <AccessToken>("Böyle bir refreshToken'a sahip bir kullanıcı bulunamadı."));
            }
        }
Exemplo n.º 24
0
        public AccessTokenResponse CreareAccessTokenWithRefreshToken(string refreshToken)
        {
            UserResponse userResponse = userService.GetUserwithRefreshToken(refreshToken);

            if (userResponse.Success)
            {
                if (userResponse.user.RefreshTokenEndDate > DateTime.Now)
                {
                    AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.user);
                    userService.SaveRefreshToken(userResponse.user.Id, accessToken.RefreshToken);
                    return(new AccessTokenResponse(accessToken));
                }
                else
                {
                    return(new AccessTokenResponse($"AccessToken'ın Süresi Dolmuştur."));
                }
            }
            else
            {
                return(new AccessTokenResponse("RefreshToken Bulunamadı."));
            }
        }
Exemplo n.º 25
0
        public AccessTokenResponse CerateAccessTokenByRefreshToken(string refreshToken)
        {
            UserResponse userResponse = userService.GetUserWithRefreshToken(refreshToken);

            if (userResponse.Success)
            {
                if (userResponse.user.RefreshTokenEndDate > DateTime.Now)
                {
                    AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.user);
                    userService.SaveRefreshToken(userResponse.user.Id, accessToken.RefreshToken);
                    return(new AccessTokenResponse(accessToken));
                }
                else
                {
                    return(new AccessTokenResponse("refreshtoken suresi dolmus"));
                }
            }
            else
            {
                return(new AccessTokenResponse("refreshtoken bulunamadı"));
            }
        }
Exemplo n.º 26
0
        public AccessTokenResponse CreateAccessToken(string username, string password)
        {
            UserResponse userResponse = userService.FindUsernameAndPassword(username, password);

            if (userResponse.Success)
            {
                AccessToken accessToken = tokenHandler.CreateAccessToken(userResponse.user);
                return(new AccessTokenResponse(accessToken));
            }
            else
            {
                return(new AccessTokenResponse(userResponse.Message));
            }
        }
Exemplo n.º 27
0
        private async Task <AccessToken> CreateAccessToken(User user)
        {
            var accessToken = tokenHandler.CreateAccessToken(user);

            var usertkn = uow.UserToken.GetUserTokenByUserId(user.Id);

            if (usertkn != null)
            {
                uow.UserToken.DeleteUserToken(usertkn);
            }

            UserToken userToken = new UserToken(user.Id, accessToken.RefreshToken, accessToken.Expiration.AddMinutes(tokenOpt.RefreshTokenExpiration));
            await uow.UserToken.InsertAsync(userToken);

            uow.Complete();

            return(accessToken);
        }
Exemplo n.º 28
0
 public AccessToken CreateAccessToken(string emailAddress)
 {
     return(_tokenHandler.CreateAccessToken(emailAddress));
 }
Exemplo n.º 29
0
        public async Task <TokenResponse> AuthenticateAsync(LoginRequestDto request)
        {
            var user = await this.GetByUserNameAsync(request.UserName);

            // user.UserRoles = roles.Select(a => new ApplicationUserRole{ UserId= user.Id, Role = new ApplicationRole{)


            ////      user.UserRoles  = (ICollection<ApplicationUserRole>)roles;

            if (user != null)
            {
                // validate the password.
                if (!await userManager.CheckPasswordAsync(user, request.Password))
                {
                    return(new TokenResponse(null, "", "", false, 401, localizer["LoginResponseInvalidEmailPasswordErrMsg"]));
                }

                // Check user activation.
                if (!user.IsActive)
                {
                    return(new TokenResponse(null, "", "", false, 401, localizer["LoginResponseDisabledAccountErrMsg"]));
                }
                //  logger.LogInformation("User in role admin");
                // Add Login History
                if (!environment.IsDevelopment())
                {
                    var ip = userDetectionService.GetUserIpAddress();
                    var userGeoLocation = await userDetectionService.GetUserGeoLocation(ip);

                    if (userGeoLocation.IsSuccess)
                    {
                        ApplicationUserLoginHistory loginHistory = mapper.Map <UserGeoLocationResponse, ApplicationUserLoginHistory>(userGeoLocation);
                        loginHistory.ApplicationUserId = user.Id;
                        loginHistory.CreatedBy         = user.Id;
                        loginHistory.Browser           = userDetectionService.GetUserBrowser();
                        await unitOfWork.ApplicationUserLoginHistory.AddAsync(loginHistory);

                        await unitOfWork.Commit();
                    }
                }
                #region add claims to user
                var userClaims = await userManager.GetClaimsAsync(user);

                var UserRoles = await userManager.GetRolesAsync(user);

                var claims = new List <Claim> {
                    new Claim(JwtRegisteredClaimNames.Jti, user.Id),
                    new Claim(JwtRegisteredClaimNames.Sub, user.Email),
                    new Claim("tel", user.PhoneNumber),
                    new Claim("lng", string.IsNullOrEmpty(user.DefaultLang)? "ar" : user.DefaultLang)
                };
                // Add role claim
                //foreach (Claim userClaim in userClaims)
                //{
                //    claims.Add(userClaim);
                //}
                foreach (string item in UserRoles)
                {
                    claims.Add(new Claim(ClaimTypes.Role, item));
                }
                var token = tokenHandler.CreateAccessToken(user, claims);
                #endregion
                return(new TokenResponse(token, hasher.Encrypt(user.Id), hasher.Encrypt(user.PhoneNumber), true, 200, localizer["LoginResponseSuccessMsg"]));
            }
            else
            {
                return(new TokenResponse(null, "", "", false, 401, localizer["LoginResponseInvalidEmailPasswordErrMsg"]));
            }
        }