public async Task <TokenDto> SignIn(SignInDto signInDto)
{
var user = await userRepository.FindByLoginAsync(signInDto.Email);
TokenDto tokenDto = new TokenDto();
if (user == null || user.StatusOfVerification == "Processing" || user.StatusOfVerification == "Blocked")
{
tokenDto.Code = 401;
return(tokenDto);
}
if (signInDto.Email != user.Email || !VerifyPassword(signInDto.Password, user.HashPassword, user.Salt))
{
tokenDto.Code = 401;
return(tokenDto);
}
//Return two tokens Access, Refresh
tokenDto.Name = user.FirstName;
tokenDto.Code = 200;
tokenDto.AccessToken = token.GenerateToken(user);
tokenDto.RefreshToken = token.RefreshGenerateToken();
//Save To database Refresh token
RefreshTokens refreshToken = new RefreshTokens(tokenDto.RefreshToken, user.Id, true);
refreshRepository.Create(refreshToken);
await refreshRepository.SaveChangesAsync();
return(tokenDto);
}
public ActionResult AddUser([FromBody] UserData userData)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
string userToken = _tokenGenerator.GenerateToken(userData.Login);
User user = new User()
{
Login = userData.Login,
FeedbackUrl = userData.Url,
UserToken = userToken
};
_context.Users.Add(user);
_context.SaveChanges();
return(Json(new
{
generatedToken = userToken
}));
}
public async Task <IActionResult> AddUser([FromBody] UserData userData)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
User existedUser = await _context
.Users
.FirstOrDefaultAsync(u => u.Login == userData.Login);
if (existedUser != null)
{
return(BadRequest("Already have such login"));
}
string userToken = _tokenGenerator.GenerateToken(userData.Login);
User user = new User()
{
Login = userData.Login,
FeedbackUrl = userData.Url,
UserToken = userToken
};
_context.Users.Add(user);
await _context.SaveChangesAsync();
return(Json(new
{
generatedToken = userToken
}));
}
/// <summary>
/// Sign in with correct email and input password
/// </summary>
/// <param name="userLoginDto"></param>
/// <returns>return TokenDto with new Access Token and Refresh Token
/// if user null or email or password not correct
/// return tokenDto with code 401</returns>
public async Task <TokenDto> SignInAsync(UserLoginDto userLoginDto)
{
var user = await userRepository.FindByLoginAsync(userLoginDto.Email);
TokenDto tokenDto = new TokenDto();
if (user == null)
{
tokenDto.Code = 401;
return(tokenDto);
}
if (userLoginDto.Email != user.Email || !VerifyPassword(userLoginDto.Password, user.HashPassword, user.Salt))
{
tokenDto.Code = 401;
return(tokenDto);
}
//Return two tokens Access, Refresh
tokenDto.Code = 200;
tokenDto.AccessToken = token.GenerateToken(user);
tokenDto.RefreshToken = token.RefreshGenerateToken();
//Save To database Refresh token
RefreshToken refreshToken = new RefreshToken(tokenDto.RefreshToken, user.UserId, true);
refreshRepository.Create(refreshToken);
await refreshRepository.SaveChangesAsync();
return(tokenDto);
}
public async Task <AuthenticateCommandResponse> Handle(AuthenticateCommand request, CancellationToken cancellationToken)
{
if (!request.UserName.Equals(_appSettings.Auth.User) || !request.PassWord.Equals(_appSettings.Auth.Pass))
{
throw new UserNotAuthenticatedException();
}
return(await _tokenGeneratorService.GenerateToken(request.UserName, null));;
}
public IActionResult CreateToken([FromBody] LoginModel login)
{
if (!context.IsValidUsernameAndPassword(login.UserName, login.Password))
{
return(BadRequest());
}
logger.Debug($"Token created for {login.UserName}");
return(Ok(tokenGeneratorService.GenerateToken(login)));
}
/// <summary>
/// Generate Access Token and Refresh Token
/// </summary>
/// <param name="token"></param>
/// <returns>return TokenDto with code 200</returns>
public async Task <TokenDto> GenerateRefreshTokenAsync(TokenClaimsDto token)
{
TokenDto tokenDto = new TokenDto();
var user = await userRepository.FindByIdDetailsAsync(token.UserId);
tokenDto.AccessToken = tokenGeneratorService.GenerateToken(user);
tokenDto.RefreshToken = tokenGeneratorService.RefreshGenerateToken();
tokenDto.Code = 200;
return(tokenDto);
}
public async Task <Result <UserOutputModel> > Login(UserInputModel userInput)
{
var user = await userManager.FindByEmailAsync(userInput.Email);
if (user == null)
{
return(InvalidErrorMessage);
}
var passwordValid = await userManager.CheckPasswordAsync(user, userInput.Password);
if (!passwordValid)
{
return(InvalidErrorMessage);
}
var token = jwtTokenGenerator.GenerateToken(user);
return(new UserOutputModel(token));
}
public IActionResult Login([FromQuery] UserLoginModel loginModel)
{
_logger.LogTrace("Login attempt from {RemoteIp} and {UserAgent} with user name {UserName}", UserIp, UserAgent, loginModel.UserName);
var dbUser = _db.Users.FirstOrDefault(u => u.UserName == loginModel.UserName);
if (dbUser == null)
{
//TODO: maybe change to generalized error
_logger.LogTrace("User name {UserName} not exist", loginModel.UserName);
ModelState.AddModelError("User", "user not found");
return(BadRequest(new ValidationProblemDetails(ModelState)));
}
try
{
if (dbUser.State == EUserState.InChallenge)
{
return(Forbid(new AuthenticationProperties(new Dictionary <string, string> {
{ "Challenge", "need pass" }
})));
}
switch (dbUser.VerifyPassword(loginModel.Password))
{
case PasswordVerificationResult.Failed:
_logger.LogTrace("User {UserName} send wrong password", loginModel.UserName);
ModelState.AddModelError("Password", "Wrong password");
return(BadRequest(new ValidationProblemDetails(ModelState)));
case PasswordVerificationResult.SuccessRehashNeeded:
{
dbUser.HashPasswordAndSet(loginModel.Password);
_db.Users.Update(dbUser);
break;
}
}
var refreshToken = new DbRefreshToken()
{
Fingerprint = loginModel.Fingerprint,
FromTime = _now,
ToTime = _now.AddDays(_authOptions.RefreshTokenLifetimeDays),
CreatedIp = UserIp,
NavUser = dbUser,
UserAgent = UserAgent,
Token = _rngGenerator.GetGuid()
};
_db.RefreshTokens.Add(refreshToken);
_db.SaveChanges();
var jwt = _tokenGenerator.GenerateToken(dbUser.UserName, dbUser.Role);
return(Ok(new AuthResult()
{
JwtToken = jwt,
RefreshToken = refreshToken.Token,
UserName = dbUser.UserName
}));
}
catch (SecurityTokenEncryptionFailedException e)
{
_logger.LogError(e, "Problem with generating JWT for {UserName}", dbUser.UserName);
throw;
}
catch (Exception e)
{
_logger.LogError(e, "Problem with applying changes to db");
throw;
}
}
