public override Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { var allow = context.Controller .GetType() .GetMethod(ControllerContext.ActionDescriptor.ActionName) .GetCustomAttributes(typeof(AllowAnonymousAttribute), true) .ToList(); if (allow.Count() == 0) { UserLogged = new LoginJwt { UserId = Guid.Parse(HttpContext.User.Claims.Where(c => c.Type == "UserId").FirstOrDefault().Value), Validation = HttpContext.User.Claims.Where(c => c.Type == "Validation").SingleOrDefault().Value.ToString(), ExpireDate = Convert.ToDateTime(HttpContext.User.Claims.Where(c => c.Type == "ExpireDate").SingleOrDefault().Value.Split('.')[0].Replace("\"", "")), LoginBy = (LoginMode)Convert.ToInt32(HttpContext.User.Claims.Where(c => c.Type == "LoginBy").SingleOrDefault().Value) }; if (UserLogged.ExpireDate <= DateTime.Now) { //context.Result = StatusCode(403); } } return(base.OnActionExecutionAsync(context, next)); }
public async Task <JsonDefaultResponse> Handle(SignIn request, CancellationToken cancellationToken) { var login = await _context.User .Where(u => u.Username == request.Username) .SingleOrDefaultAsync(); if (login == null) { return new JsonDefaultResponse { Success = false, Message = Resx.Strings.LoginAndOrPasswordIncorrect } } ; if (!cryptoHelper.IsValid(request.Password, login.Password)) { return new JsonDefaultResponse { Success = false, Message = Resx.Strings.PasswordInformedIsIncorrect } } ; if (login.Status != Status.Active) { return new JsonDefaultResponse { Success = false, Message = Resx.Strings.UserDoesntHaveAccessPermission } } ; var loginToken = new LoginJwt { UserId = login.Id, Validation = Guid.NewGuid().ToString(), ExpireDate = DateTime.Now.AddDays(1), LoginBy = LoginMode.App }; Common.Helpers.JwtManager jwtManager = new Common.Helpers.JwtManager(Configuration); string tokenJWT = jwtManager.GenerateToken(loginToken); #region Saving JWT in the Database var oldJWT = await _context.LoginJwt .Where(j => j.UserId == loginToken.UserId && j.Status == Status.Active && j.ExpireDate > DateTime.Now) .SingleOrDefaultAsync(); if (oldJWT != null) { oldJWT.Status = Status.Inactive; oldJWT.UpdatedDate = DateTime.Now; _context.Entry(oldJWT).State = EntityState.Modified; await _context.SaveChangesAsync(cancellationToken); } string[] tokenSplitted = tokenJWT.Split('.'); var jwt = new Domain.Entities.LoginJwt { UserId = loginToken.UserId, Header = tokenSplitted[0], Payload = tokenSplitted[1], Signature = tokenSplitted[2], Status = Status.Active, ExpireDate = loginToken.ExpireDate }; try { _context.LoginJwt.Add(jwt); await _context.SaveChangesAsync(cancellationToken); } catch { return(new JsonDefaultResponse { Success = false, Message = Resx.Strings.ErrorSaveAuthToken }); } #endregion await _mediator.Publish(new UserAuthenticated { Id = loginToken.UserId }, cancellationToken); var person = await _context.UserHasPerson .Where(uhp => uhp.UserId == login.Id) .Select(uhp => uhp.Person) .SingleOrDefaultAsync(); var contact = await _context.PersonHasContact .Where(phc => phc.PersonId == person.Id) .Select(phc => phc.Contact) .SingleOrDefaultAsync(); return(new JsonDefaultResponse { Success = true, Message = Resx.Strings.LoginAuthorized, Payload = new UserAuth { JwtToken = tokenJWT, User = new UserData { Id = login.Id, Username = login.Username, Name = person.FirstName, LastName = person.LastName, PhoneNumber = contact.PhoneNumber, Email = contact.Email } } }); } } }