Пример #1
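        /// <summary>
        /// Checks the supplied credentials and, on success, issues a signed JWT access token
        /// plus a new refresh token that is saved on the user record.
        /// </summary>
        /// <param name="user">Nick and password bound from the request body.</param>
        /// <returns>
        /// 400 when the body or either credential is missing, 401 when the login service
        /// returns no user, otherwise 200 with <c>Token</c> and <c>RefreshToken</c>.
        /// </returns>
        public IActionResult Login([FromBody] APIUsers.Library.Models.UserMin user)
        {
            // Reject incomplete bodies up front so null or empty credentials never reach the data layer.
            if (user == null || string.IsNullOrEmpty(user.Nick) || string.IsNullOrEmpty(user.Password))
            {
                return BadRequest("Invalid client request");
            }

            // NOTE(review): no throttling or lockout is visible in this action; confirm failed
            // logins are rate-limited somewhere (middleware, gateway or the login service).
            var ConnectionStringLocal = _configuration.GetValue<string>("ServidorAzure");

            using (APIUsers.Library.Interfaces.ILogin loginService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicioLogin(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
            {
                // NOTE(review): how the password is hashed and compared is not visible here;
                // confirm the login service uses a salted, slow hash rather than a bare digest.
                APIUsers.Library.Models.User objusr = loginService.EstablecerLogin(user.Nick, user.Password);

                if (objusr == null)
                {
                    return Unauthorized();
                }

                // NOTE(review): with HS256 the token's integrity rests entirely on this shared secret;
                // confirm "SecretKey" is long, random and supplied from a secret store.
                var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));
                var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

                // Claim rejects null values. Imagen is presumably optional (confirm), so an absent
                // image becomes an empty claim instead of failing the whole login with a 500.
                var claims = new List<Claim>
                {
                    new Claim(ClaimTypes.Name, objusr.Nick),
                    new Claim(ClaimTypes.Role, objusr.Role),
                    new Claim("Id", objusr.ID.ToString()),
                    new Claim("imagen", objusr.Imagen ?? string.Empty)
                };

                // NOTE(review): issuer and audience are hard-coded; the validation parameters
                // configured elsewhere must use exactly the same values.
                var tokeOptions = new JwtSecurityToken(
                    issuer: "https://api03mtw102.azurewebsites.net",
                    audience: "https://api03mtw102.azurewebsites.net",
                    claims: claims,
                    expires: DateTime.Now.AddMinutes(120),
                    signingCredentials: signinCredentials
                    );

                var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);
                var refreshString = GenerateRefreshToken();

                // The expiry is stored as local time; whatever validates it later has to use the same clock.
                objusr.RefreshToken = refreshString;
                objusr.RefreshTokenExpiryTime = DateTime.Now.AddDays(7);

                // Persist the refresh token so a later refresh request can be checked against it.
                using (APIUsers.Library.Interfaces.IUser userService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
                {
                    userService.UpdateUserRefreshToken(objusr);
                }

                return Ok(new
                {
                    Token = tokenString,
                    RefreshToken = refreshString
                });
            }
        }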
Пример #2
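 /// <summary>
 /// Looks up a user by nick and returns the record wrapped in a <c>user</c> property.
 /// </summary>
 /// <param name="nick">Nick of the user to look up.</param>
 /// <returns>
 /// 400 when <paramref name="nick"/> is missing or blank; otherwise 200 with whatever the
 /// user service returned.
 /// </returns>
 public IActionResult GetUserByNick(string nick)
 {
     // A blank nick cannot identify anyone; do not send it to the database.
     if (string.IsNullOrWhiteSpace(nick))
     {
         return BadRequest("Invalid client request");
     }

     var ConnectionStringLocal = _configuration.GetValue<string>("ServidorAzure");

     // The throwaway "new User()" the original allocated is gone; the service result is the only value used.
     APIUsers.Library.Models.User user;
     using (IUser userService = Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
     {
         user = userService.GetUser(nick);
     }

     // NOTE(review): the whole User entity is serialized to the caller. Other actions on this page
     // set RefreshToken and RefreshTokenExpiryTime on this type; confirm those fields (and any
     // password hash) are kept out of the response, e.g. by returning a dedicated response model,
     // and that this route requires authorization.
     return Ok(new { user });
 }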
Пример #3
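 /// <summary>
 /// Passes the posted user to the user service's address update.
 /// </summary>
 /// <param name="value">User model bound from the request body.</param>
 /// <returns>
 /// The status reported by the user service, or <c>false</c> when no body was supplied.
 /// </returns>
 public Boolean UpdateUserDomicilio([FromBody] APIUsers.Library.Models.User value)
 {
     // A missing or unparseable body binds to null; report failure instead of handing null to the data layer.
     if (value == null)
     {
         return false;
     }

     // NOTE(review): the full User model is bound from the body and nothing here ties it to the
     // authenticated caller. Confirm the service writes address fields only and that the caller
     // is allowed to edit this particular user.
     var ConnectionStringLocal = _configuration.GetValue<string>("ServidorAzure");
     using (IUser userService = Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
     {
         return userService.UpdateUser_domicilio(value);
     }
 }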
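        /// <summary>
        /// Exchanges an expired access token and its refresh token for a new pair, rotating the
        /// stored refresh token.
        /// </summary>
        /// <param name="token">The expired access token and the refresh token issued with it.</param>
        /// <returns>
        /// 400 when either token is missing, the user is unknown, the refresh token does not match
        /// the stored one or it has expired; otherwise an object result with <c>Token</c> and
        /// <c>RefreshToken</c>.
        /// </returns>
        public IActionResult Refresh(Models.Token token)
        {
            // Both tokens are mandatory. A missing refresh token must never be compared against the
            // stored value: a stored null (for example after revocation) would equal a missing one.
            if (token is null || string.IsNullOrEmpty(token.AccessToken) || string.IsNullOrEmpty(token.RefreshToken))
            {
                return BadRequest("Invalid client request");
            }

            string accessToken = token.AccessToken;
            string refreshToken = token.RefreshToken;

            // NOTE(review): GetPrincipalFromExpiredToken is defined elsewhere; confirm it still
            // verifies the signature and algorithm and only skips the lifetime check.
            var principal = GetPrincipalFromExpiredToken(accessToken);
            var username = principal.Identity.Name; // this is mapped to the Name claim by default

            var ConnectionStringLocal = _configuration.GetValue<string>("ServidorAzure");

            using (APIUsers.Library.Interfaces.IUser userService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
            {
                APIUsers.Library.Models.User objusr = userService.CheckRefreshToken(username);

                // An empty stored token means nothing is outstanding, so it can never match.
                // NOTE(review): ordinal string comparison is not constant-time; consider a
                // fixed-time comparison if the target framework offers one.
                bool refreshTokenMatches = objusr != null
                    && !string.IsNullOrEmpty(objusr.RefreshToken)
                    && string.Equals(objusr.RefreshToken, refreshToken, StringComparison.Ordinal);

                if (!refreshTokenMatches || objusr.RefreshTokenExpiryTime <= DateTime.Now)
                {
                    return BadRequest("Invalid client request");
                }

                var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));
                var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

                // NOTE(review): the claims are copied from the old token rather than re-read from the
                // database, so a role change only takes effect after the user logs in again.
                var tokeOptions = new JwtSecurityToken(
                    issuer: "https://api03mtw102.azurewebsites.net",
                    audience: "https://api03mtw102.azurewebsites.net",
                    claims: principal.Claims,
                    expires: DateTime.Now.AddMinutes(120),
                    signingCredentials: signinCredentials
                    );

                var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);
                var refreshString = GenerateRefreshToken();

                // Rotate: the presented refresh token is replaced and gets a new seven-day window.
                objusr.RefreshToken = refreshString;
                objusr.RefreshTokenExpiryTime = DateTime.Now.AddDays(7);

                using (APIUsers.Library.Interfaces.IUser updateService = APIUsers.Library.Interfaces.Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
                {
                    updateService.UpdateUserRefreshToken(objusr);
                }

                return new ObjectResult(new
                {
                    Token = tokenString,
                    RefreshToken = refreshString
                });
            }
        }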
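        /// <summary>
        /// Clears the stored refresh token of the user named by the current principal.
        /// </summary>
        /// <returns>
        /// 400 when the request carries no user name or the user is not found; 204 once the
        /// refresh token has been cleared.
        /// </returns>
        public IActionResult Revoke()
        {
            // Without an authenticated principal there is no name to look up; stop here instead of
            // dereferencing null or querying the database with a null nick.
            var username = User?.Identity?.Name;
            if (string.IsNullOrEmpty(username))
            {
                return BadRequest();
            }

            var ConnectionStringLocal = _configuration.GetValue<string>("ServidorLocal");

            using (IUser userService = Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
            {
                APIUsers.Library.Models.User user = userService.GetUser(username);
                if (user == null)
                {
                    return BadRequest();
                }

                // NOTE(review): only RefreshToken is cleared; RefreshTokenExpiryTime keeps its old
                // value, so the refresh endpoint must treat an empty stored token as "no match".
                // Access tokens already issued stay valid until they expire.
                user.RefreshToken = null;
                userService.UpdateRefreshToken(user);
                return NoContent();
            }
        }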
Пример #6
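        /// <summary>
        /// Checks the supplied credentials and, on success, returns a short-lived signed JWT.
        /// </summary>
        /// <param name="user">Nick and password bound from the request body.</param>
        /// <returns>
        /// 400 when the body or either credential is missing, 401 when the login service does not
        /// return a user with a positive ID, otherwise 200 with <c>Token</c>.
        /// </returns>
        public IActionResult Login([FromBody] UserMin user)
        {
            // Reject incomplete bodies up front so null or empty credentials never reach the data layer.
            if (user == null || string.IsNullOrEmpty(user.Nick) || string.IsNullOrEmpty(user.Password))
            {
                return BadRequest("Invalid client request");
            }

            var ConnectionStringLocal = _configuration.GetValue<string>("ServidorLocal");

            using (ILogin loginService = Factorizador.CrearConexionServicioLogin(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
            {
                // NOTE(review): how the password is hashed and compared is not visible here;
                // confirm the login service uses a salted, slow hash rather than bare MD5/SHA-256.
                APIUsers.Library.Models.User objusr = loginService.EsblecerLogin(user.Nick, user.Password);

                // Fail closed: a null result is rejected the same way as a non-positive ID.
                if (objusr == null || objusr.ID <= 0)
                {
                    return Unauthorized();
                }

                // NOTE(review): with HS256 the token's integrity rests entirely on this shared secret;
                // confirm "SecretKey" is long, random and supplied from a secret store.
                var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));
                var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

                // The original token carried no claims, so it identified nobody. Actions that read
                // Identity.Name (Refresh and Revoke on this page do) need a Name claim to work.
                var claims = new List<System.Security.Claims.Claim>
                {
                    new System.Security.Claims.Claim(System.Security.Claims.ClaimTypes.Name, objusr.Nick ?? user.Nick)
                };

                // NOTE(review): issuer and audience are hard-coded to a plain-http localhost address;
                // confirm this is development-only configuration.
                var tokeOptions = new JwtSecurityToken(
                    issuer: "http://localhost:44369",
                    audience: "http://localhost:44369",
                    claims: claims,
                    expires: DateTime.Now.AddMinutes(5),
                    signingCredentials: signinCredentials
                    );

                var tokenString = new JwtSecurityTokenHandler().WriteToken(tokeOptions);
                return Ok(new { Token = tokenString });
            }
        }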
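        /// <summary>
        /// Exchanges an expired access token and its refresh token for a new pair, rotating the
        /// stored refresh token.
        /// </summary>
        /// <param name="tokenApiModel">The expired access token and the refresh token issued with it.</param>
        /// <returns>
        /// 400 when either token is missing, the user is unknown, the refresh token does not match
        /// the stored one or it has expired; otherwise an object result with <c>accessToken</c>
        /// and <c>refreshToken</c>.
        /// </returns>
        public IActionResult Refresh(TokenApiModel tokenApiModel)
        {
            // Both tokens are mandatory. A missing refresh token must never be compared against the
            // stored value: a stored null (for example after revocation) would equal a missing one.
            if (tokenApiModel is null
                || string.IsNullOrEmpty(tokenApiModel.AccessToken)
                || string.IsNullOrEmpty(tokenApiModel.RefreshToken))
            {
                return BadRequest("Invalid client request");
            }

            string accessToken = tokenApiModel.AccessToken;
            string refreshToken = tokenApiModel.RefreshToken;

            // Build the signing key once; it is used to read the old token and to sign the new one.
            var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue<string>("SecretKey")));

            // NOTE(review): tokenService is defined elsewhere; confirm GetPrincipalFromExpiredToken
            // still verifies the signature and algorithm and only skips the lifetime check.
            var principal = tokenService.GetPrincipalFromExpiredToken(accessToken, signingKey);
            var username = principal.Identity.Name; // this is mapped to the Name claim by default

            // The user is loaded through the existing service layer rather than a database context.
            var ConnectionStringLocal = _configuration.GetValue<string>("ServidorLocal");

            using (IUser userService = Factorizador.CrearConexionServicio(APIUsers.Library.Models.ConnectionType.MSSQL, ConnectionStringLocal))
            {
                APIUsers.Library.Models.User user = userService.GetUser(username);

                // An empty stored token means nothing is outstanding, so it can never match.
                // NOTE(review): ordinal string comparison is not constant-time; consider a
                // fixed-time comparison if the target framework offers one.
                bool refreshTokenMatches = user != null
                    && !string.IsNullOrEmpty(user.RefreshToken)
                    && string.Equals(user.RefreshToken, refreshToken, StringComparison.Ordinal);

                if (!refreshTokenMatches || user.RefreshTokenExpiryTime <= DateTime.Now)
                {
                    return BadRequest("Invalid client request");
                }

                // NOTE(review): the claims are copied from the old token rather than re-read from the
                // database, so a role change only takes effect after the user logs in again.
                var newAccessToken = tokenService.GenerateAccessToken(principal.Claims, signingKey);
                var newRefreshToken = tokenService.GenerateRefreshToken();

                // NOTE(review): RefreshTokenExpiryTime is left untouched, so rotation does not
                // extend the refresh window; confirm that is intended.
                user.RefreshToken = newRefreshToken;
                userService.UpdateRefreshToken(user);

                return new ObjectResult(new
                {
                    accessToken = newAccessToken,
                    refreshToken = newRefreshToken
                });
            }
        }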