Exemplo n.º 1
        /// <summary>
        /// Checks that <c>AuthService.Login</c> throws <see cref="UnauthorizedAccessException"/> with
        /// <c>AuthExceptionMessages.INVALID_USERNAME_OR_PASSWORD</c> for the user record mocked below.
        /// </summary>
        /// <param name="userName">User name used for both the login DTO and the mocked user.</param>
        /// <param name="password">Password used in the DTO and encoded for the mocked user.</param>
        public void Login_ShouldNotReturnToken(string userName, string password)
        {
            // arrange
            var dto = new LoginDto { UserName = userName, Password = password };

            var repository = new Mock<IBaseRepository>();

            // NOTE(review): the hash and the salt come from two separate EncodePassword calls.
            // Presumably each call draws a fresh salt, so the stored pair never verifies and the
            // login is rejected even though the password matches. Confirm against PasswordHelper.
            repository
                .Setup(m => m.Get<User>(x => x.UserName == dto.UserName))
                .Returns(() => new User
                {
                    UserName     = userName,
                    Password     = PasswordHelper.EncodePassword(password).PasswordHash,
                    PasswordSalt = PasswordHelper.EncodePassword(password).PasswordSalt
                });

            var tokenService   = new JwtService();
            var users          = new UserService(null, null, null, null);
            var profileService = new UserProfileService(repository.Object, null, users);
            var service        = new AuthService(repository.Object, tokenService, profileService);

            // act
            var thrown = Assert.Throws<UnauthorizedAccessException>(() => service.Login(dto));

            // assert
            Assert.That(thrown?.Message == AuthExceptionMessages.INVALID_USERNAME_OR_PASSWORD);
        }
        /// <summary>
        /// Issues a fresh token for the customer resolved by the work context and returns it
        /// together with the customer's profile and notification settings.
        /// </summary>
        /// <returns>
        /// HTTP 200 in both cases: <c>success = false</c> with a localized message when no customer
        /// is resolved, otherwise <c>success = true</c> with the token and profile fields.
        /// </returns>
        public async Task<IActionResult> CheckCustomerToken()
        {
            var customer = await _workContext.GetCurrentCustomerAsync();

            if (customer == null)
            {
                var notFoundMessage = await _localizationService.GetResourceAsync("Customer.Not.Found");
                return Ok(new { success = false, message = notFoundMessage });
            }

            // The token is minted from the e-mail and id of whichever customer the work context resolved.
            var tokenService = new JwtService(_config);
            var issuedToken  = tokenService.GenerateSecurityToken(customer.Email, customer.Id);

            var address = customer.ShippingAddressId.HasValue
                ? await _addressService.GetAddressByIdAsync(customer.ShippingAddressId.Value)
                : null;

            var givenName  = await _genericAttributeService.GetAttributeAsync<string>(customer, NopCustomerDefaults.FirstNameAttribute);
            var familyName = await _genericAttributeService.GetAttributeAsync<string>(customer, NopCustomerDefaults.LastNameAttribute);

            // Property names and order are kept as-is because they define the response shape.
            return Ok(new
            {
                success = true,
                token = issuedToken,
                pushToken = customer.PushToken,
                shippingAddress = address,
                firstName = givenName,
                lastName = familyName,
                RemindMeNotification = customer.RemindMeNotification,
                RateReminderNotification = customer.RateReminderNotification,
                OrderStatusNotification = customer.OrderStatusNotification,
                avatar = await _pictureService.GetPictureUrlAsync(
                    await _genericAttributeService.GetAttributeAsync<int>(customer, NopCustomerDefaults.AvatarPictureIdAttribute),
                    _mediaSettings.AvatarPictureSize,
                    true)
            });
        }
Exemplo n.º 3
 /// <summary>
 /// Stores the injected configuration, user manager and data context, and builds the
 /// controller's own <c>JwtService</c> from that configuration.
 /// </summary>
 /// <param name="config">Application configuration; also handed to <c>JwtService</c>.</param>
 /// <param name="userManager">Identity user manager.</param>
 /// <param name="dataContext">Data context used by the controller.</param>
 public ProjectTaskController(IConfiguration config, UserManager<ApplicationUser> userManager, DataContext dataContext)
 {
     _context     = dataContext;
     _userManager = userManager;
     _config      = config;

     // Constructed here rather than injected, so the service's lifetime follows the controller's.
     _jwtService = new JwtService(config);
 }
Exemplo n.º 4
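        /// <summary>
        /// Authenticates the supplied credentials and, on success, returns the user data with a signed JWT.
        /// </summary>
        /// <param name="data">Credentials posted in the request body.</param>
        /// <returns>
        /// 200 with the populated response when authentication and token signing both succeed;
        /// otherwise a response whose HTTP status matches <c>result.Code</c>.
        /// </returns>
        public async Task<IActionResult> GetToken([FromBody] AuthenticateModel data)
        {
            var result = new ResponseBase<AuthenticateResponse>();

            ResponseBase<AuthenticateResponse> userAuth =
                await new AuthenticateService(config["oracleConnection"]).Authenticate(data);

            // Data is dereferenced below, so a missing payload is treated as a failed authentication
            // instead of surfacing as a NullReferenceException.
            if (userAuth.Code != Status.Ok || userAuth.Data == null || userAuth.Data.Id == 0)
            {
                result.Code    = Status.Unauthorized;
                result.Message = userAuth.Message;
                result.Data    = userAuth.Data;

                return StatusCode(result.Code, result);
            }

            // Issuer, audience, lifetime and signing key all come from configuration.
            var jwtToken = new JwtService().SetJWT(data.UserName, new JwtModel()
            {
                Issuer     = config["token:issuer"],
                Audience   = config["token:audience"],
                Expire     = config["token:expire"],
                SigningKey = config["token:signingkey"]
            });

            if (!jwtToken.Status)
            {
                // Token signing failed: report it with a matching HTTP status, not a 200 that
                // carries an error code in the body, and do not return user data without a token.
                result.Code    = Status.InternalError;
                result.Data    = null;
                result.Message = userAuth.Message;

                return StatusCode(result.Code, result);
            }

            userAuth.Data.Token = jwtToken.Token;

            result.Code    = Status.Ok;
            result.Data    = userAuth.Data;
            result.Message = userAuth.Message;

            return Ok(result);
        }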
Exemplo n.º 5
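        /// <summary>
        /// Validates the submitted credentials and, on success, issues a JWT in a cookie and
        /// redirects to Home/Index. On failure the validation message is added to the model
        /// state and the login view is shown again.
        /// </summary>
        /// <param name="LoginMember">Posted login form (account and password).</param>
        public ActionResult Login(MembersLoginViewModel LoginMember)
        {
            string ValidateStr = membersService.LoginCheck(LoginMember.Account, LoginMember.Password);

            if (!String.IsNullOrEmpty(ValidateStr))
            {
                // Validation returned an error message: add it to the page model and redisplay the form.
                ModelState.AddModelError("", ValidateStr);
                return View(LoginMember);
            }

            // No error message, so sign in. First fetch the member's role data through the service.
            string RoleData = membersService.GetRole(LoginMember.Account);

            // Build the JWT.
            JwtService jwtService = new JwtService();
            string Token = jwtService.GenerateToken(LoginMember.Account, RoleData);

            // Cookie name and lifetime come from Web.config.
            string cookieName = WebConfigurationManager.AppSettings["CookieName"].ToString();
            int expireMinutes = Convert.ToInt32(WebConfigurationManager.AppSettings["ExpireMinutes"]);

            HttpCookie cookie = new HttpCookie(cookieName)
            {
                Value = Server.UrlEncode(Token),
                // The cookie carries the bearer token, so keep page script from reading it.
                // NOTE(review): assumes no client-side script reads this cookie. Confirm.
                HttpOnly = true,
                // Mark Secure whenever the login itself arrived over TLS, so the token is not
                // replayed over plain HTTP later.
                Secure = Request.IsSecureConnection,
                Expires = DateTime.Now.AddMinutes(expireMinutes)
            };

            // Send the cookie to the client.
            Response.Cookies.Add(cookie);
            return RedirectToAction("Index", "Home");
        }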
Exemplo n.º 6
        /// <summary>
        /// Returns a token generated by <c>JwtService</c> for a fixed e-mail address.
        /// </summary>
        /// <returns>The token string produced by <c>GenerateSecurityToken</c>.</returns>
        public string GetRandomToken()
        {
            // NOTE(review): nothing in this method authenticates the caller; the identity in the
            // token is hard-coded. Confirm the route is access-controlled or limited to test builds.
            return new JwtService(_config).GenerateSecurityToken("*****@*****.**");
        }
        /// <summary>
        /// Builds a <c>JwtService</c> from configuration and returns a token for a fixed e-mail address.
        /// </summary>
        /// <returns>The generated token string.</returns>
        public string GetRandomToken()
        {
            var tokenService = new JwtService(_config);

            // NOTE(review): the subject is a constant and no credential is checked in this method,
            // so any caller that reaches it gets a token for that identity. Verify how it is exposed.
            string issued = tokenService.GenerateSecurityToken("*****@*****.**");
            return issued;
        }
Exemplo n.º 8
        /// <summary>
        /// Returns HTTP 200 with a JSON object whose <c>Token</c> property holds a token
        /// generated for a fixed e-mail address.
        /// </summary>
        public IActionResult GetRandomToken()
        {
            // NOTE(review): the caller is not authenticated inside this action and the token
            // subject is hard-coded. Confirm the endpoint is protected or development-only.
            var issued = new JwtService(_config).GenerateSecurityToken("*****@*****.**");

            return Ok(new { Token = issued });
        }
Exemplo n.º 9
        /// <summary>
        /// GET endpoint that returns a token generated for the e-mail address supplied by the caller.
        /// </summary>
        /// <param name="email">E-mail address passed straight to <c>GenerateSecurityToken</c>.</param>
        /// <returns>HTTP 200 with the token as the response body.</returns>
        [HttpGet(nameof(FetchToken))]
        public async Task<IActionResult> FetchToken(string email)
        {
            // NOTE(review): the subject of the token is whatever e-mail the request names, and no
            // password or other proof of identity is checked here. Unless an authorization filter
            // outside this method restricts the route, a caller can obtain a token for any address.
            var tokenService = new JwtService(_config);
            string issued = tokenService.GenerateSecurityToken(email);

            return Ok(issued);
        }
 /// <summary>
 /// Registers JWT bearer authentication as the default scheme, with validation parameters
 /// supplied by <c>JwtService.GetTokenValidationParameters</c>.
 /// </summary>
 /// <param name="services">Service collection being configured.</param>
 /// <param name="token">
 /// Value passed to <c>GetTokenValidationParameters</c>. Presumably the signing secret rather
 /// than an issued token; confirm against <c>JwtService</c>.
 /// </param>
 internal static void AuthenticationConfigure(this IServiceCollection services, string token)
 {
     var authentication = services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme);

     authentication.AddJwtBearer(bearerOptions =>
     {
         bearerOptions.TokenValidationParameters = JwtService.GetTokenValidationParameters(token);
     });
 }
Exemplo n.º 11
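        /// <summary>
        /// Decrypts a session token and returns the card detail it carries, provided the token
        /// has not expired and belongs to the expected employer.
        /// </summary>
        /// <param name="expectedEmployerId">Employer the caller is acting for.</param>
        /// <param name="token">Encrypted session token.</param>
        /// <returns>
        /// The card detail from the token; a detail with <c>Expired = true</c> when the token is
        /// past its expiry; a detail with <c>Invalid = true</c> when the payload is empty or the
        /// employer does not match.
        /// </returns>
        public CardDetail GetCardDetail(int expectedEmployerId, string token)
        {
            // The token resolves to card details, so it is a credential. Only a short digest of
            // it is written to the logs, which still lets log lines for one token be correlated.
            var tokenId = TokenFingerprint(token);

            var cardToken = JsonConvert.DeserializeObject<CardToken>(JwtService.DecryptPayload(token));

            if (cardToken == null)
            {
                // DeserializeObject returns null for an empty or "null" payload.
                LogUtil.Log(string.Format("Session token {0} had an empty payload.", tokenId), LogLevel.Warn);
                return new CardDetail() { Invalid = true };
            }

            if (cardToken.Expires < DateTime.UtcNow)
            {
                LogUtil.Log(string.Format("Expired session token {0}", tokenId), LogLevel.Info);
                return new CardDetail() { Expired = true };
            }

            if (!cardToken.EmployerId.Equals(expectedEmployerId))
            {
                LogUtil.Log(string.Format("Expected employer {0} and got employer {1} from token {2}.",
                                          expectedEmployerId, cardToken.EmployerId, tokenId), LogLevel.Warn);
                return new CardDetail() { Invalid = true };
            }

            LogUtil.Trace(string.Format("Resolved token {0} for employer {1}.",
                                        tokenId, cardToken.EmployerId));

            return cardToken.CardDetail;
        }

        /// <summary>
        /// Returns a short, non-reversible identifier for a token that is safe to write to logs:
        /// the first 8 bytes of its SHA-256 digest, in hex.
        /// </summary>
        private static string TokenFingerprint(string token)
        {
            if (string.IsNullOrEmpty(token))
            {
                return "(empty)";
            }

            using (var sha256 = System.Security.Cryptography.SHA256.Create())
            {
                var digest = sha256.ComputeHash(System.Text.Encoding.UTF8.GetBytes(token));
                return "sha256:" + BitConverter.ToString(digest, 0, 8).Replace("-", string.Empty);
            }
        }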
Exemplo n.º 12
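        /// <summary>
        /// Changes the password of the user identified by the request's JWT, after checking the
        /// supplied old password against the stored one.
        /// </summary>
        /// <param name="userRequest">Request body carrying <c>old_password</c> and <c>new_password</c>.</param>
        /// <returns>
        /// 404 when the user does not exist, 400 when the new password is missing or the old
        /// password does not match, otherwise the success or error result of the update.
        /// </returns>
        public IActionResult ResetPassword([FromBody] dynamic userRequest)
        {
            var id   = JwtService.GetUserId(HttpContext);
            var user = _dbContext.Users.FirstOrDefault(u => u.Id == id);

            if (user == null)
            {
                return NotFound("用户不存在");
            }

            string oldPassword = userRequest.old_password;
            string newPassword = userRequest.new_password;

            // An absent new_password would otherwise be saved as a null or empty password.
            if (string.IsNullOrEmpty(newPassword))
            {
                return BadRequest("新密码不能为空");
            }

            // Verify the old password BEFORE touching the tracked entity, so a failed check
            // leaves no pending password change on the context.
            // NOTE(review): the password is compared, and below stored, exactly as received.
            // No hashing is visible in this method; stored passwords should be salted hashes.
            if (_dbContext.Users.Count(u => u.Password == oldPassword && u.Id == user.Id) != 1)
            {
                return BadRequest("原密码错误");
            }

            user.Password = newPassword;

            try
            {
                _dbContext.Update(user);
                _dbContext.SaveChanges();
                return Success("用户密码更新成功");
            }
            catch (Exception e)
            {
                Console.WriteLine(e);
                return Error("用户密码更新失败");
            }
        }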
Exemplo n.º 13
        /// <summary>
        /// Returns a token generated by <c>JwtService</c> for the given user name.
        /// </summary>
        /// <param name="userName">Name passed to <c>GenerateSecurityToken</c> as the token subject.</param>
        /// <returns>The generated token string.</returns>
        public string GetRandomToken(string userName)
        {
            // NOTE(review): the subject is caller-supplied and no credential is checked here.
            // Callers must have authenticated userName before asking for a token.
            var tokenService = new JwtService(_config);
            return tokenService.GenerateSecurityToken(userName);
        }
Exemplo n.º 14
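        /// <summary>
        /// Verifies the submitted e-mail and password with BCrypt and returns a JWT on success.
        /// </summary>
        /// <param name="loginVM">Posted e-mail and password.</param>
        /// <returns>
        /// 200 with the token on success; 404 when the repository login returns nothing;
        /// 400 with "Login Unsuccessful" for a missing request, unknown account or wrong password.
        /// </returns>
        public IActionResult Login(LoginVM loginVM)
        {
            if (loginVM == null)
            {
                return BadRequest(new { status = HttpStatusCode.BadRequest, result = "", message = "Login Unsuccessful" });
            }

            Account account = myContext.Accounts.FirstOrDefault(acc => acc.Employee.Email == loginVM.Email);

            // An unknown e-mail is rejected explicitly instead of by catching the
            // NullReferenceException that dereferencing a null account would raise.
            // NOTE(review): this path skips the BCrypt work, so it likely answers faster than a
            // wrong-password attempt; that timing difference can reveal which e-mails exist.
            if (account == null)
            {
                return BadRequest(new { status = HttpStatusCode.BadRequest, result = "", message = "Login Unsuccessful" });
            }

            try
            {
                bool isValidPassword = BCrypt.Net.BCrypt.Verify(loginVM.Password, account.Password);
                if (!isValidPassword)
                {
                    return BadRequest(new { status = HttpStatusCode.BadRequest, result = "", message = "Login Unsuccessful" });
                }

                var result = accountRepository.Login(loginVM);
                if (result == null)
                {
                    return NotFound(new { status = HttpStatusCode.NotFound, result, message = "Login Unsuccessful", Token = "" });
                }

                var jwt   = new JwtService(configuration);
                var token = jwt.GenerateSecurityToken(result);
                return Ok(new { status = HttpStatusCode.OK, message = "Login Success", result, Token = token });
            }
            catch (Exception)
            {
                // Kept from the original: any failure while verifying or issuing (for example a
                // malformed stored hash) is reported as an unsuccessful login.
                // NOTE(review): the exception is not logged; consider recording it server-side.
                return BadRequest(new { status = HttpStatusCode.BadRequest, result = "", message = "Login Unsuccessful" });
            }
        }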
Exemplo n.º 15
        /// <summary>
        /// Checks that <c>GenerateJwtRefreshToken</c> returns a value whose length is 44.
        /// </summary>
        public void GenerateJwtRefreshTokenReturnsStringLength44()
        {
            var sut = new JwtService(mockRefreshRepository.Object, mockUserService.Object, mockConfiguration.Object);

            // 44 characters is the Base64 length of 32 bytes, so presumably the token is 32 bytes
            // encoded. The test pins only the length; it says nothing about how the bytes are generated.
            var issued = sut.GenerateJwtRefreshToken();

            Assert.Equal(44, issued.Length);
        }
Exemplo n.º 16
        /// <summary>
        /// Looks up the user whose user name equals the submitted e-mail, checks the password
        /// through the user manager and returns the user id with a JWT.
        /// </summary>
        /// <param name="loginModel">Posted e-mail and password.</param>
        /// <returns>
        /// 200 with a <c>LoginResponse</c> on success; an empty 400 for an unknown user, an
        /// invalid model or a wrong password, so the three cases look the same to the caller.
        /// </returns>
        public async Task<IActionResult> Login(LoginModel loginModel)
        {
            var account = _userManager.Users.SingleOrDefault(u => u.UserName == loginModel.Email);

            if (account == null)
            {
                return BadRequest();
            }

            if (!ModelState.IsValid)
            {
                return BadRequest();
            }

            bool passwordMatches = await _userManager.CheckPasswordAsync(account, loginModel.Password);
            if (!passwordMatches)
            {
                return BadRequest();
            }

            return Ok(new LoginResponse
            {
                UserId   = account.Id,
                JwtToken = JwtService.GenerateJwtToken(account, _jwtSettings)
            });
        }
Exemplo n.º 17
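        /// <summary>
        /// Validates the login request, looks up a user whose name and password both match,
        /// and returns the user id with a bearer token.
        /// </summary>
        /// <param name="userLoginDto">User name, password and security code.</param>
        /// <returns>The user id and a <c>"Bearer "</c>-prefixed token.</returns>
        /// <exception cref="Exception">Thrown when no user matches the name and password.</exception>
        public async Task<UserLoginResultDto> UserLogin(UserLoginDto userLoginDto)
        {
            // Check for null or empty input
            userLoginDto.ISNullOrEmpty();
            // Check the security code
            userLoginDto.CheckSecurityCode();

            // NOTE(review): the submitted password is matched directly against the stored UserPwd
            // column. No hashing is visible here; confirm the value is hashed before it arrives.
            var result = await _context
                         .GetFirstOrDefault(a =>
                                            a.UserName.Equals(userLoginDto.UserName) &&
                                            a.UserPwd.Equals(userLoginDto.UserPwd));

            if (result == null)
            {
                // Wrong account or password
                throw new Exception("Incorrect username or password.");
            }

            // The listing had this return statement unterminated, with a stray ';' between the
            // if block and its else, which does not compile.
            return new UserLoginResultDto()
            {
                UserId     = result.Id,
                ResultInfo = "Bearer " + JwtService.GetToken(userLoginDto.UserName)
            };
        }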
Exemplo n.º 18
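        /// <summary>
        /// Validates the submitted credentials and, on success, issues a JWT in a cookie and
        /// redirects to Guestbooks/Index. On failure the validation message is added to the
        /// model state and the login view is shown again.
        /// </summary>
        /// <param name="LoginMember">Posted login form (account and password).</param>
        public ActionResult Login(MembersLoginViewModel LoginMember)
        {
            // Ask the service to validate the credentials; an empty result means success.
            string ValidateStr = membersService.LoginCheck(LoginMember.Account, LoginMember.Password);

            if (!String.IsNullOrEmpty(ValidateStr))
            {
                ModelState.AddModelError("", ValidateStr);
                return View(LoginMember);
            }

            string     RoleData   = membersService.GetRole(LoginMember.Account);
            JwtService jwtService = new JwtService();

            // Build the JWT; cookie name and lifetime come from Web.config.
            string cookieName    = WebConfigurationManager.AppSettings["CookieName"].ToString();
            string Token         = jwtService.GenerateToke(LoginMember.Account, RoleData);
            int    expireMinutes = Convert.ToInt32(WebConfigurationManager.AppSettings["ExpireMinutes"]);

            HttpCookie cookie = new HttpCookie(cookieName)
            {
                Value = Server.UrlEncode(Token),
                // The cookie carries the bearer token, so keep page script from reading it.
                // NOTE(review): assumes no client-side script reads this cookie. Confirm.
                HttpOnly = true,
                // Mark Secure whenever the login itself arrived over TLS.
                Secure = Request.IsSecureConnection,
                Expires = DateTime.Now.AddMinutes(expireMinutes)
            };

            // Send the cookie to the client.
            Response.Cookies.Add(cookie);
            return RedirectToAction("Index", "Guestbooks");
        }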
Exemplo n.º 19
 /// <summary>
 /// Stores the injected database context and JWT service, and creates the person and user
 /// repositories on top of that same context.
 /// </summary>
 /// <param name="context">Database context shared by both repositories.</param>
 /// <param name="jwtService">JWT service supplied by the container.</param>
 public UsuarioController(minubeDBContext context, JwtService jwtService)
 {
     _jwtService = jwtService;
     _context    = context;

     // Both repositories share the one injected context.
     usuarioRepository = new UsuarioRepository(context);
     personaRepository = new PersonaRepository(context);
 }
Exemplo n.º 20
        /// <summary>
        /// Returns a token that <c>JwtService</c> generates for a fixed e-mail address.
        /// </summary>
        /// <returns>The generated token string.</returns>
        public string GetRandomToken()
        {
            // NOTE(review): no caller authentication happens in this method and the identity is
            // a constant. Confirm this is not reachable anonymously outside development.
            var tokenService = new JwtService(_config);
            return tokenService.GenerateSecurityToken("*****@*****.**");
        }
Exemplo n.º 21
        /// <summary>
        /// Builds a <c>JwtService</c> from the given configuration and returns a token for the e-mail address.
        /// </summary>
        /// <param name="config">Configuration passed to the <c>JwtService</c> constructor.</param>
        /// <param name="email">Address passed to <c>GenerateSecurityToken</c> as the token subject.</param>
        /// <returns>The generated token string.</returns>
        public static string GetToken(IConfiguration config, string email)
        {
            // This helper performs no credential check; the caller is responsible for having
            // authenticated the owner of the address first.
            return new JwtService(config).GenerateSecurityToken(email);
        }
Exemplo n.º 22
        /// <summary>
        /// Returns a token for the named person when the supplied password equals the stored
        /// <c>HashedPassword</c> value.
        /// </summary>
        /// <param name="username">Name used to load the person and as the token subject.</param>
        /// <param name="password">Value compared with the stored <c>HashedPassword</c>.</param>
        /// <returns>
        /// 200 with the token on a match; 200 with a status message when the e-mail is
        /// unconfirmed or a password change is pending; an empty 200 otherwise.
        /// </returns>
        public async Task<ActionResult> GetRandomToken(string username, string password)
        {
            var account = await _personRepository.GetPersonAsync(username);

            bool hasCredential = account != null && !string.IsNullOrEmpty(account.HashedPassword);
            if (!hasCredential)
            {
                return Ok();
            }

            // NOTE(review): the two account-state messages below are returned before the password
            // is checked, so a caller who knows only a user name learns the account's state.
            if (account.EmailConfirmed.ToLower() == "false")
            {
                return Ok("Confirm Email Address");
            }

            if (account.ChangePassword.ToLower() == "true")
            {
                // 60 min time limit from when the email was sent
                return Ok("User must change password");
            }

            // NOTE(review): the request value is compared directly with HashedPassword. Either the
            // client sends the hash itself, making the hash the effective password, or the column
            // holds plaintext. Confirm; verification should hash the submitted password
            // server-side and compare in constant time.
            if (!account.HashedPassword.Equals(password))
            {
                return Ok();
            }

            var tokenService = new JwtService(_config);
            return Ok(tokenService.GenerateSecurityToken(username));
        }
        /// <summary>
        /// Returns a token generated for a fixed e-mail address.
        /// </summary>
        /// <returns>The token string, wrapped in an <c>ActionResult</c>.</returns>
        public async Task<ActionResult<string>> Login()
        {
            // NOTE(review): despite the name, this action takes no credentials. It issues a token
            // for a hard-coded identity to whoever calls it. Confirm it is not exposed in production.
            var tokenService = new JwtService(_config);
            string issued = tokenService.GenerateSecurityToken("*****@*****.**");

            return issued;
        }
Exemplo n.º 24
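        /// <summary>
        /// Asks the JWT service to refresh the given token and reports the outcome as JSON.
        /// </summary>
        /// <param name="token">Token to refresh.</param>
        /// <returns>A <c>ResponseModel</c> with a success or failure code and message.</returns>
        public JsonResult RefresToken(string token)
        {
            IJwtService service = new JwtService(_cache, _httpContextAccessor);
            var         result  = new ResponseModel();

            try
            {
                // NOTE(review): RefreshTokenAsync is not awaited. If it returns a Task, a failure
                // inside it never reaches the catch below and success is reported before the
                // refresh has finished. Awaiting it means making this action async, which would
                // change its signature.
                service.RefreshTokenAsync(token);
                result.returnCode = CodeEnum.success;
                result.returnMsg  = "执行成功";
            }
            catch (Exception ex)
            {
                // Keep the details on the server: concatenating the exception into the response
                // would send its type, message and stack trace to the client.
                // Replace Console.Error with the application's logger where one is available.
                Console.Error.WriteLine(ex);
                result.returnCode = CodeEnum.failed;
                result.returnMsg  = "执行失败";
            }
            return Json(result);
        }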
Exemplo n.º 25
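        /// <summary>
        /// Called by the runtime to add services to the container: configuration, the JWT
        /// service and bearer authentication, the database context, the "AdminTest"
        /// authorization policy, and MVC with snake_case JSON naming.
        /// </summary>
        /// <param name="services">Service collection to populate.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddSingleton<IConfiguration>(Configuration);

            // One JwtService instance is both registered as IJwtService and used to configure
            // bearer validation, so issuing and validating share the same settings.
            var jwtService = new JwtService(Configuration);
            services.Add(new ServiceDescriptor(typeof(IJwtService), jwtService));

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                .AddJwtBearer(options => jwtService.RulesTokenValidation(options));

            // NOTE(review): an in-memory database named "WebapiTest" looks like a test or
            // sample setup; confirm it is not the store used in production.
            services.AddDbContext<UserContext>(opt => opt.UseInMemoryDatabase("WebapiTest"));

            services.AddAuthorization(options =>
            {
                // Requires the claim SuperTester=true; the authorization decision is only as
                // trustworthy as the token validation rules configured above.
                options.AddPolicy("AdminTest", policy => policy.RequireClaim("SuperTester", "true"));
            });

            services.AddMvc()
                .AddJsonOptions(opt =>
                {
                    // Only a DefaultContractResolver exposes NamingStrategy. The original cast
                    // with 'as' and dereferenced the result unchecked, which throws for any
                    // other resolver type.
                    if (opt.SerializerSettings.ContractResolver is DefaultContractResolver defaultResolver)
                    {
                        defaultResolver.NamingStrategy = new SnakeCaseNamingStrategy();
                    }
                });
        }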
 /// <summary>
 /// Stores the injected command mediators, JWT service and mapper.
 /// </summary>
 /// <param name="mediator">Queued command mediator.</param>
 /// <param name="immediateCommandMediator">Immediate command mediator.</param>
 /// <param name="jwtService">JWT service supplied by the container.</param>
 /// <param name="mapper">Object mapper.</param>
 public AuthenticationCommandController(HTTPQueuedCommandMediator mediator, ImmediateCommandMediator immediateCommandMediator, JwtService jwtService, IMapper mapper)
 {
     _mapper     = mapper;
     _jwtService = jwtService;

     _immediateCommandMediator = immediateCommandMediator;
     _mediator                 = mediator;
 }
Exemplo n.º 27
        /// <summary>
        /// Stores the context, creates a default "admin" user when none exists, and builds the
        /// JWT and user services.
        /// </summary>
        /// <param name="context">Database context, also passed to <c>UserService</c>.</param>
        /// <param name="appSettings">Settings passed to <c>JwtService</c>.</param>
        public LoginController(LogisticaSinuContext context, IOptions<AppSetting> appSettings)
        {
            _context = context;

            // NOTE(review): this seeds an administrator account with a password that is fixed in
            // source and assigned to the entity as-is; no hashing is visible here. The lookup
            // also runs on every construction of the controller. A well-known default admin
            // credential should be replaced by provisioning that forces a unique secret.
            if (_context.Users.Find("admin") == null)
            {
                var defaultAdmin = new Entity.User()
                {
                    Usuario        = "admin",
                    Identificacion = "123",
                    Password       = "******",
                    Estado         = "Activo",
                    PrimerNombre   = "Adminitrador",
                    PrimerApellido = "Administrador",
                    Telefono       = "31800000000",
                    Tipo           = "admin",
                    Correo         = "*****@*****.**"
                };

                _context.Users.Add(defaultAdmin);
                _context.SaveChanges();
            }

            _jwtService  = new JwtService(appSettings);
            _userService = new UserService(context);
        }
Exemplo n.º 28
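        /// <summary>
        /// Registers a new user: validates the password length and e-mail uniqueness, stores the
        /// user with a hashed password and returns a token for the new account.
        /// </summary>
        /// <param name="body">Posted user data.</param>
        /// <returns>
        /// 200 with the token, its lifetime and the mapped user; 400 with a message when
        /// validation fails or the user cannot be created.
        /// </returns>
        public async Task<IActionResult> PostUser([Required][FromBody] Users body)
        {
            if (body == null)
            {
                return new BadRequestObjectResult("Request body is required");
            }

            // A missing password is rejected here instead of surfacing as a NullReferenceException.
            if (string.IsNullOrEmpty(body.Password) || body.Password.Length < 8)
            {
                return new BadRequestObjectResult("Password is too short");
            }

            try
            {
                // NOTE(review): the entity type is bound directly from the request, so every
                // bindable property of Users is client-controlled. Confirm that is intended.
                if (_context.Users.FirstOrDefault(x => x.Email == body.Email) != null)
                {
                    return new BadRequestObjectResult("Given email is already used");
                }

                body.Password = SecurePasswordHasher.Hash(body.Password);
                var user = _context.Users.Add(body).Entity;

                _context.SaveChanges();

                IAuthContainerModel model       = JwtFunctions.GetJwtContainerModel(user.Id, user.Email);
                IAuthService        authService = new JwtService(model.SecretKey);

                var token = authService.GenerateToken(model);

                return new OkObjectResult(new
                                          { token, expiresIn = model.ExpireMinutes, user = _mapper.Map<DTOUserModel>(user) });
            }
            catch (Exception ex)
            {
                // The original response serialized the exception object and echoed the request
                // body, which includes the password (plaintext if the failure happened before
                // hashing). Keep the details on the server and return only a generic error.
                // Replace Console.Error with the application's logger where one is available.
                Console.Error.WriteLine(ex);
                return new BadRequestObjectResult(new { error = "Unable to create user" });
            }
        }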
        /// <summary>
        /// Sends a GET request carrying a token signed with the valid key and expects the test
        /// server to answer "It's working".
        /// </summary>
        public async Task SendValidToken()
        {
            var tokenService = new JwtService(ValidKey, "Xari");

            // Claims: a user identifier, issued-at taken from the current time, and the issuer.
            var claims = new JwtPayload
            {
                { "UserOid", "001" },
                { JwtRegisteredClaimNames.Iat, tokenService.DateToNumber(DateTime.Now).ToString() },
                { JwtRegisteredClaimNames.Iss, "Xari" },
            };

            var signedToken = tokenService.JwtPayloadToToken(claims);

            // The token is placed in the Authorization header as-is, with no scheme prefix.
            var requestHeaders = new RequestHeadersCollection();
            requestHeaders.Add("AuthId", "db1");
            requestHeaders.Add("Authorization", signedToken);

            client = new Client(new NewtonsoftSerializationAdapter(), createHttpClient: (name) => _testServerHttpClientFactory.CreateClient());

            var target   = new Uri(UriString);
            var response = await client.GetAsync<string>(target, requestHeaders);

            Assert.AreEqual("It's working", response.Body);
        }
Exemplo n.º 30
        /// <summary>
        /// Checks that <c>AuthService.Login</c> returns a non-empty token when the stored hash
        /// and salt were produced from the submitted password.
        /// </summary>
        /// <param name="userName">User name used for both the login DTO and the mocked user.</param>
        /// <param name="password">Password used in the DTO and encoded once for the mocked user.</param>
        public void Login_ShouldReturnToken(string userName, string password)
        {
            // arrange
            var dto = new LoginDto { UserName = userName, Password = password };

            // Encode once so the stored hash and salt belong together.
            var storedCredential = PasswordHelper.EncodePassword(password);

            var repository = new Mock<IBaseRepository>();
            repository
                .Setup(m => m.Get<User>(x => x.UserName == dto.UserName))
                .Returns(() => new User
                {
                    UserName     = userName,
                    Password     = storedCredential.PasswordHash,
                    PasswordSalt = storedCredential.PasswordSalt
                });

            var tokenService   = new JwtService();
            var users          = new UserService(null, null, null, null);
            var profileService = new UserProfileService(repository.Object, null, users);
            var service        = new AuthService(repository.Object, tokenService, profileService);

            // act
            var loginResult = service.Login(dto);

            // assert
            Assert.IsNotEmpty(loginResult.Token);
            Assert.IsNotNull(loginResult.Token);
        }