Exemplo n.º 1
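        /// <summary>
        /// Exchanges the <c>refreshToken</c> form field for a new login token.
        /// Writes a 400 response with a short text message when the token is missing or unknown,
        /// or when the owning user may not sign in or is locked out; otherwise writes the result
        /// of <c>LoginToken.Execute</c> as JSON.
        /// </summary>
        /// <param name="context">The current HTTP request/response pair.</param>
        private async Task GenerateToken(HttpContext context)
        {
            // Request.Form throws InvalidOperationException when the body is not form-encoded.
            // Treat that as a malformed client request instead of an unhandled server error.
            if (!context.Request.HasFormContentType)
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User must relogin.");

                return;
            }

            var refreshToken = context.Request.Form["refreshToken"].ToString();

            if (string.IsNullOrWhiteSpace(refreshToken))
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User must relogin.");

                return;
            }

            var db            = context.RequestServices.GetService<IdentityContext>();
            var signInManager = context.RequestServices.GetService<SignInManager<ApplicationUser>>();
            var userManager   = context.RequestServices.GetService<UserManager<ApplicationUser>>();

            // The submitted value is matched directly against the stored Token column.
            // NOTE(review): this implies refresh tokens are stored as issued; consider storing
            // only a hash so a database read does not expose usable tokens - confirm with schema.
            // Awaited so the database round trip does not block a request thread.
            var refreshTokenModel = await db.RefreshTokens
                                            .Include(x => x.User)
                                            .SingleOrDefaultAsync(i => i.Token == refreshToken);

            // An orphaned token row (no user) is treated the same as an unknown token.
            if (refreshTokenModel == null || refreshTokenModel.User == null)
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User must relogin.");

                return;
            }

            // NOTE(review): no expiry or revocation check is visible in this method; presumably
            // LoginToken.Execute validates and rotates the refresh token - confirm, since a
            // refresh token that never expires stays usable for as long as it is stored.
            var user = refreshTokenModel.User;

            if (!await signInManager.CanSignInAsync(user))
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User is unable to login.");

                return;
            }

            if (userManager.SupportsUserLockout && await userManager.IsLockedOutAsync(user))
            {
                context.Response.StatusCode = 400;
                await context.Response.WriteAsync("User is locked out.");

                return;
            }

            var token = LoginToken.Execute(user, db, refreshTokenModel);

            context.Response.ContentType = "application/json";
            await context.Response.WriteAsync(JsonConvert.SerializeObject(token, _serializerSettings));
        }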
Exemplo n.º 2
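        /// <summary>
        /// Validates the <c>username</c> and <c>password</c> form fields and, on success, writes
        /// the result of <c>LoginToken.Execute</c> as JSON. Bad or missing credentials and
        /// disabled accounts all receive the same 400 message, so the response does not reveal
        /// which check failed. Unexpected failures produce a generic 500 response.
        /// </summary>
        /// <param name="context">The current HTTP request/response pair.</param>
        private async Task GenerateToken(HttpContext context)
        {
            try
            {
                // Request.Form throws when the body is not form-encoded; answer as a bad login.
                if (!context.Request.HasFormContentType)
                {
                    context.Response.StatusCode = 400;
                    await context.Response.WriteAsync("Invalid username or password.");

                    return;
                }

                var username = context.Request.Form["username"].ToString();
                var password = context.Request.Form["password"].ToString();

                // A missing field would otherwise reach the password check and fail there with
                // an exception rather than with a normal "invalid credentials" answer.
                if (string.IsNullOrWhiteSpace(username) || string.IsNullOrEmpty(password))
                {
                    context.Response.StatusCode = 400;
                    await context.Response.WriteAsync("Invalid username or password.");

                    return;
                }

                var signInManager = context.RequestServices.GetService<SignInManager<ApplicationUser>>();
                var userManager   = context.RequestServices.GetService<UserManager<ApplicationUser>>();

                // NOTE(review): lockoutOnFailure is false, so failed passwords are not counted
                // toward account lockout here. Unless throttling exists outside this method,
                // repeated guesses against one account are not slowed down - confirm, or pass true.
                // NOTE(review): PasswordSignInAsync performs a full sign-in on success, before the
                // IsEnabled check below. If this endpoint should only issue tokens,
                // CheckPasswordSignInAsync validates the password without signing in - confirm.
                var result = await signInManager.PasswordSignInAsync(username, password, false, lockoutOnFailure: false);

                if (!result.Succeeded)
                {
                    context.Response.StatusCode = 400;
                    await context.Response.WriteAsync("Invalid username or password.");

                    return;
                }

                // Resolve the user through the same UserManager lookup the sign-in used, instead
                // of an exact UserName comparison that can disagree with it and throw.
                var user = await userManager.FindByNameAsync(username);

                if (user == null || !user.IsEnabled)
                {
                    context.Response.StatusCode = 400;
                    await context.Response.WriteAsync("Invalid username or password.");

                    return;
                }

                var db       = context.RequestServices.GetService<IdentityContext>();
                var response = LoginToken.Execute(user, db);

                // Serialize and return the response
                context.Response.ContentType = "application/json";
                await context.Response.WriteAsync(JsonConvert.SerializeObject(response, _serializerSettings));
            }
            catch (Exception)
            {
                //TODO log error
                //Logging.GetLogger("Login").Error("Error logging in", ex);

                // Do not let a failure look like an empty 200 response. The exception detail
                // stays server-side; the client only gets a generic message.
                if (!context.Response.HasStarted)
                {
                    context.Response.StatusCode = 500;
                    await context.Response.WriteAsync("An error occurred while processing the request.");
                }
            }
        }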