Exemplo n.º 1
0
        public async Task <IActionResult> Login([FromBody] EmailPasswordModel model)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest("Invalid user name or password"));
            }

            var user = await _userManager.FindByEmailAsync(model.Email);

            if (user == null)
            {
                return(Conflict("Bad user name password combination"));
            }

            if (!await _userManager.CheckPasswordAsync(user, model.Password))
            {
                return(Conflict("Bad user name password combination"));
            }
            //TODO: implement user account lockout to avoid guess password with brute force

            var refreshToken = AesCryptor.EncryptStringAes(user.Id, RefreshtokenKey.Value, RefreshtokenKey.IV);
            var jwtToken     = JwtTokenizer.GenerateJwtToken(user.Id, user.Email);

            //CreateAuthenticatedCookie(jwtToken);
            return(Ok(new { userId = user.Id, Token = jwtToken, refreshtoken = refreshToken }));
        }
Exemplo n.º 2
0
        public async Task <IActionResult> Login([FromBody] LoginViewmodel value)
        {
            var user = await _userManager.FindByEmailAsync(value.Email);

            if (user != null && await _userManager.CheckPasswordAsync(user, value.Password))
            {
                _jwtTokenService.CreateToken(user);
            }
            return(Unauthorized());
        }
Exemplo n.º 3
0
        public async Task <IActionResult> Login([FromBody] LoginModel loginModel)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            var user = await userManager.FindByNameAsync(loginModel.Email);

            if (!(user != null && await userManager.CheckPasswordAsync(user, loginModel.Password)))
            {
                return(Unauthorized());
            }
            if (!await userManager.IsEmailConfirmedAsync(user))
            {
                return(Ok(new { success = false, message = "Check your email to verify your account." }));
            }
            return(Ok(new { access_token = new ApplicationJwtProvider(Configuration, userManager).JwtTokenBuilder(user).Result }));
        }
Exemplo n.º 4
0
        protected override async Task <Response <CreateResult> > HandleCore(LoginRequest request)
        {
            var user = await _userManager.FindByNameAsync(request.UserName);

            if (user == null)
            {
                return(new Response <CreateResult>(CreateResult.NotCreated));
            }
            var passwordCheckResult = await _userManager.CheckPasswordAsync(user, request.Password);

            // todo: add new results with errors, (password bad, user not found, user locked and etc.)
            if (passwordCheckResult)
            {
                return(new Response <CreateResult>(CreateResult.Created));
            }
            else
            {
                return(new Response <CreateResult>(CreateResult.NotCreated));
            }
        }