/// <summary>
/// Answers whether <paramref name="email"/> may be used by the given contact:
/// 200 OK when the address is unused (or already belongs to that contact),
/// 400 Bad Request when someone else holds it.
/// </summary>
/// <param name="userId">Despite its name, this carries the contact id. TODO: rename.</param>
/// <param name="email">E-mail address to look up.</param>
/// <returns>
/// The result produced under the caller's own session when that session is accepted;
/// otherwise the result of a lookup made with the service account.
/// </returns>
public IHttpActionResult EmailExists(int userId, string email)
{
    // First attempt: run the lookup with the caller's own token.
    var cookieResult = Authorized(sessionToken =>
    {
        var match = _lookupRepository.EmailSearch(email, sessionToken);
        if (match.Count == 0)
        {
            return Ok();
        }

        // The address is taken; that is acceptable only when the holder is the caller's own contact.
        var holderContactId = _userService.GetContactIdByUserId(Convert.ToInt32(match["dp_RecordID"]));
        if (holderContactId == userId)
        {
            return Ok();
        }

        return BadRequest();
    });

    if (!(cookieResult is UnauthorizedResult))
    {
        return cookieResult;
    }

    // Fallback for callers without a valid session: repeat the lookup as the service account.
    // NOTE(review): on this path an unauthenticated caller learns whether an address is
    // registered (200 vs 400). Confirm that is intended and that the route is throttled
    // and monitored for bulk lookups.
    var serviceUser = _configurationWrapper.GetEnvironmentVarAsString("API_USER");
    var servicePassword = _configurationWrapper.GetEnvironmentVarAsString("API_PASSWORD");

    // NOTE(review): when the service login yields no auth data the token is null and is
    // still handed to EmailSearch -- confirm how the repository treats a null token.
    var serviceToken = _authenticationRepository.Authenticate(serviceUser, servicePassword)?.AccessToken;

    var anonymousMatch = _lookupRepository.EmailSearch(email, serviceToken);
    if (anonymousMatch.Count == 0)
    {
        return Ok();
    }

    return BadRequest();
}
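/// <summary>
/// Verifies a username/password pair and, on success, issues an HMAC-SHA256 signed JWT
/// that carries the user id (name claim) and role (role claim).
/// </summary>
/// <param name="UserDomain">Login request body; only Username and Password are read.</param>
/// <returns>
/// 400 with a generic message when the body is missing or the credentials are rejected;
/// otherwise 200 with the user's id, username, first/last name and the serialized token.
/// </returns>
public IActionResult Authenticate([FromBody] User UserDomain)
{
    // A missing or unparseable body binds to null. Answer with the same generic 400
    // instead of failing on the dereference below.
    if (UserDomain == null)
    {
        return BadRequest(new { message = "Username or password is incorrect" });
    }

    var user = _authenticationRepository.Authenticate(UserDomain.Username, UserDomain.Password);

    if (user == null)
    {
        // One message for both "unknown user" and "wrong password", so the response
        // does not reveal which of the two was wrong.
        return BadRequest(new { message = "Username or password is incorrect" });
    }

    var tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): ASCII encoding replaces every non-ASCII character with '?', which
    // weakens a secret containing such characters. Keep the secret ASCII-only, or switch
    // encodings here and in the token-validation setup together. For HS256 the key should
    // be at least 256 bits of random data (RFC 7518, section 3.2).
    var key = Encoding.ASCII.GetBytes(_appSettings.Secret);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Name, user.UserID.ToString()),
            new Claim(ClaimTypes.Role, user.UserRole)
        }),
        // NOTE(review): the token stays valid for seven days and no revocation path is
        // visible in this method -- confirm the lifetime matches the risk of a leaked
        // token, since the role claim is trusted for that whole period.
        Expires = DateTime.UtcNow.AddDays(7),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);
    var tokenString = tokenHandler.WriteToken(token);

    // Only selected fields are projected into the response; the password is not echoed back.
    return Ok(new
    {
        Id = user.UserID,
        Username = user.Username,
        FirstName = user.FirstName,
        LastName = user.LastName,
        Token = tokenString
    });
}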
/// <summary>
/// Signs in with the service account configured in the API_USER / API_PASSWORD
/// environment variables and returns the resulting token.
/// </summary>
/// <returns>The string form of the "token" entry of the authentication result.</returns>
protected string ApiLogin()
{
    var serviceUser = _configurationWrapper.GetEnvironmentVarAsString("API_USER");
    var servicePassword = _configurationWrapper.GetEnvironmentVarAsString("API_PASSWORD");

    var loginResult = _authenticationService.Authenticate(serviceUser, servicePassword);

    // NOTE(review): there is no null check, so a rejected service login presumably surfaces
    // here as an exception rather than a clear error -- confirm against Authenticate.
    // The returned value is a bearer credential for the service account; keep it out of logs.
    return loginResult["token"].ToString();
}
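/// <summary>
/// Checks the supplied mail/password pair against the auth repository.
/// </summary>
/// <param name="auth">Login request body; Mail and Password are read.</param>
/// <returns>
/// 400 with a generic message when the body is missing or the credentials are rejected;
/// otherwise 200 with the object returned by the repository.
/// </returns>
public IActionResult Login([FromBody] Authentication auth)
{
    // A missing or unparseable body binds to null. Reject it with the same generic 400
    // instead of failing on auth.Mail below.
    if (auth is null)
    {
        return BadRequest(new { message = "Username or password is wrong!" });
    }

    var user = _authRepo.Authenticate(auth.Mail, auth.Password);

    if (user is null)
    {
        // Same message whether the account is unknown or the password is wrong.
        return BadRequest(new { message = "Username or password is wrong!" });
    }

    // NOTE(review): the repository object is serialized as-is. Confirm it carries no
    // password hash or other internal fields, or project it to a response DTO first.
    return Ok(user);
}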
/// <summary>
/// Authorizes the posted login and, when that succeeds, authenticates the authorized
/// data and returns the authentication result.
/// </summary>
/// <param name="loginUser">Login request body, mapped to a User before authorization.</param>
/// <returns>
/// Always 200: the authentication result on success, the failed authorization object otherwise.
/// </returns>
/// <remarks>
/// Despite the Async suffix, the method runs synchronously.
/// </remarks>
public ActionResult<AuthenticationResult> PostAsync([FromBody] UserLoginDTO loginUser)
{
    var candidate = _mapper.Map<User>(loginUser);
    var authorization = _userRepository.Authorize(candidate);

    if (authorization.Success)
    {
        return Ok(_authenticationRepository.Authenticate(authorization.Data));
    }

    // NOTE(review): a failed login is also answered with 200, so clients and any
    // failed-login monitoring must inspect Success rather than the status code. Confirm
    // the failure object does not distinguish "unknown user" from "wrong password".
    return Ok(authorization);
}
/// <summary>
/// Authenticates the given username/password pair and returns the repository's result.
/// </summary>
/// <param name="username">Account name to authenticate.</param>
/// <param name="password">Password for that account.</param>
/// <returns>200 wrapping whatever the repository returned.</returns>
public IActionResult Get(string username, string password)
{
    // NOTE(review): both credentials are simple-typed action parameters on what is named
    // as a GET handler, so unless the route says otherwise they arrive in the URL, where
    // access logs, proxies and browser history can record them. Prefer a POST with the
    // credentials in the request body.
    //
    // NOTE(review): the result is returned with 200 without any check; if Authenticate
    // yields null for bad credentials, a failed login looks like a success with an empty body.
    //
    // A LoginInfo projection (Role, Token, Username, UserId) was sketched here earlier;
    // the repository result is currently returned unshaped.
    return new OkObjectResult(_authenticationRepository.Authenticate(username, password));
}
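/// <summary>
/// Saves a person's profile: contact, household and address data, object attributes,
/// attendance start date and, when the e-mail or password changes, the user record.
/// </summary>
/// <param name="token">Caller's token; not used by this method.</param>
/// <param name="person">Profile data, including the old e-mail/password used for re-authentication.</param>
/// <exception cref="Exception">
/// Thrown, before anything is written, when a credential change is requested and the old
/// e-mail/password pair does not authenticate.
/// </exception>
public void SetProfile(string token, Person person)
{
    // A new password, or an e-mail that differs from a known old e-mail, counts as a
    // credential change and requires the old password.
    var credentialsChanging = !String.IsNullOrEmpty(person.NewPassword)
                              || (person.EmailAddress != person.OldEmail && person.OldEmail != null);

    // Re-authenticate BEFORE any write. Previously this check ran after the contact update,
    // so a request with a wrong old password still changed the contact record (including
    // its e-mail address) and then failed, leaving contact and user out of step.
    if (credentialsChanging)
    {
        var authData = _authenticationService.Authenticate(person.OldEmail, person.OldPassword);
        if (authData == null)
        {
            throw new Exception("Old password did not match profile");
        }
    }

    var contactDictionary = getDictionary(person.GetContact());
    var householdDictionary = getDictionary(person.GetHousehold());
    var addressDictionary = getDictionary(person.GetAddress());
    addressDictionary.Add("State/Region", addressDictionary["State"]);

    // Some front-end consumers require an Address (e.g., /profile/personal), and
    // some do not (e.g., /undivided/facilitator). Don't attempt to create/update
    // an Address record if we have no data.
    if (addressDictionary.Values.All(i => i == null))
    {
        addressDictionary = null;
    }

    _contactRepository.UpdateContact(person.ContactId, contactDictionary, householdDictionary, addressDictionary);

    var configuration = MpObjectAttributeConfigurationFactory.Contact();
    _objectAttributeService.SaveObjectAttributes(person.ContactId, person.AttributeTypes, person.SingleAttributes, configuration);

    // Only write the participant when the attendance start date actually changed.
    var participant = _participantService.GetParticipant(person.ContactId);
    if (participant.AttendanceStart != person.AttendanceStartDate)
    {
        participant.AttendanceStart = person.AttendanceStartDate;
        _participantService.UpdateParticipant(participant);
    }

    // TODO: the contact and user updates are still separate operations; a failure in the
    // user update below leaves the contact already changed. Consider making them atomic.
    if (credentialsChanging)
    {
        // The user record is located by the OLD e-mail, which is still its username at this point.
        var userUpdateValues = person.GetUserUpdateValues();
        userUpdateValues["User_ID"] = _userRepository.GetUserIdByUsername(person.OldEmail);
        _userRepository.UpdateUser(userUpdateValues);
    }
}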
/// <summary>
/// Authenticates the given user id/password pair and returns the repository's result.
/// </summary>
/// <param name="userId">Identifier of the account to authenticate.</param>
/// <param name="password">Password for that account.</param>
/// <returns>200 wrapping whatever the repository returned.</returns>
public ActionResult<IEnumerable<string>> Get(string userId, string password)
{
    // NOTE(review): both credentials are simple-typed action parameters on what is named
    // as a GET handler, so unless the route says otherwise they arrive in the URL, where
    // access logs, proxies and browser history can record them. Prefer a POST with the
    // credentials in the request body.
    var authResult = _authenticationRepository.Authenticate(userId, password);

    // NOTE(review): the declared payload type is IEnumerable<string>, yet the repository
    // result is wrapped directly and without a success check -- confirm what is actually
    // serialized and what a failed login returns.
    return new OkObjectResult(authResult);
}