/// <summary>
/// Signs the caller in with a master QR code token.
/// </summary>
/// <param name="token">
/// Text form of the master QR code id. It must parse as a GUID and match a
/// stored <c>MasterQrCode</c> whose <c>RevokedAt</c> is not set.
/// </param>
/// <returns>
/// <c>AccessDenied()</c> when the token is malformed, unknown or revoked;
/// otherwise <c>LogonSuccess()</c> after <c>SignInAsync</c> has completed.
/// </returns>
/// <remarks>
/// The token is the only credential checked here, and it is the primary key of
/// the record. The only invalidation visible in this method is <c>RevokedAt</c>.
/// NOTE(review): how <c>Id</c> values are generated is not visible here. Confirm
/// they come from an unpredictable source, since guessing an id equals a login.
/// NOTE(review): no expiry, single-use or attempt-throttling check is visible
/// here. Confirm whether those are enforced elsewhere (middleware, filters).
/// NOTE(review): the token presumably travels in the request URL, so it can end
/// up in access logs, browser history and Referer headers. Verify the routing.
/// </remarks>
public async Task<IActionResult> LoginAsync(string token)
{
    _logger.LogInformation("Validate token");

    // Reject anything that is not a GUID before touching the database.
    // The token value itself is deliberately never written to the log.
    bool isGuid = Guid.TryParse(token, out Guid codeId);
    if (!isGuid)
    {
        _logger.LogWarning("Token is no valid GUID.");
        return AccessDenied();
    }

    // Primary-key lookup: the token *is* the record id.
    MasterQrCode code = await _context.MasterQrCodes.FindAsync(codeId);
    if (code == null)
    {
        _logger.LogWarning("Token not found in the database.");
        return AccessDenied();
    }

    // A revoked code must never produce a session.
    if (code.RevokedAt != null)
    {
        _logger.LogWarning(
            "The master qr code has been revoked at {date}",
            code.RevokedAt);
        return AccessDenied();
    }

    await SignInAsync(code);
    return LogonSuccess();
}
/// <summary>
/// Returns a QR code that encodes the login URL of the current user's master
/// QR code for the given event, creating the master QR code if none is active.
/// </summary>
/// <param name="eventId">Event the master QR code is bound to.</param>
/// <returns>
/// A <c>QrCodeResult</c> wrapping the absolute URL of
/// <c>MasterQrCodeLoginController.LoginAsync</c> with the code id as <c>token</c>.
/// </returns>
/// <remarks>
/// NOTE(review): <paramref name="eventId"/> is caller-supplied, and no check is
/// visible here that the current user may act for that event. The id is stored
/// on the new record as-is. Confirm that an attribute, filter or policy outside
/// this method enforces the authorization.
/// NOTE(review): <c>Id</c> is not assigned when the record is created, so it is
/// presumably generated by the data layer. Because that id is later accepted as
/// a login credential, confirm the generator is unpredictable.
/// NOTE(review): two concurrent requests could both find no active code and
/// each insert one, unless a uniqueness constraint exists. Revoking one would
/// then leave the other usable. Verify.
/// NOTE(review): the response embeds a credential. Response caching headers are
/// not set in this method. Confirm it is not cached by intermediaries.
/// </remarks>
public async Task<IActionResult> DownloadMyMasterQrCodeAsync(Guid eventId)
{
    Guid currentUserId = User.GetUserId();

    // Reuse the caller's active (non-revoked) code for this event if there is one.
    MasterQrCode code = await _context.MasterQrCodes
        .FirstOrDefaultAsync(c =>
            c.EventId == eventId &&
            c.OwnerId == currentUserId &&
            c.RevokedAt == null);

    if (code == null)
    {
        // No active code yet: create and persist one owned by the caller.
        code = new MasterQrCode
        {
            EventId = eventId,
            OwnerId = currentUserId,
            CreatedAt = DateTime.UtcNow
        };

        _context.Add(code);
        await _context.SaveChangesAsync();
    }

    // The record id doubles as the login token carried in the URL.
    var routeValues = new { token = code.Id.ToString() };
    string loginUrl = Url.ActionAbsoluteUrl<MasterQrCodeLoginController>(
        nameof(MasterQrCodeLoginController.LoginAsync),
        routeValues);

    return new QrCodeResult(loginUrl);
}
/// <summary>
/// Starts an authenticated session for the owner of a master QR code under the
/// master QR code authentication scheme.
/// </summary>
/// <param name="masterQrCode">
/// Code whose <c>OwnerId</c> becomes the subject claim and whose <c>EventId</c>
/// becomes the event claim.
/// </param>
/// <returns>The task returned by <c>HttpContext.SignInAsync</c>.</returns>
/// <remarks>
/// NOTE(review): <c>IsPersistent</c> is true and no explicit expiry is set
/// here, so the session lifetime is whatever the scheme's handler is
/// configured with. Confirm that lifetime is deliberately short or bounded.
/// NOTE(review): the identity carries only the owner and event ids, not the id
/// of the master QR code. Whether an already issued session stops working once
/// the code is revoked depends on per-request validation that is not visible
/// here. Verify.
/// </remarks>
private Task SignInAsync(MasterQrCode masterQrCode)
{
    string scheme = EventManagementConstants.MasterQrCode.AuthenticationScheme;

    // Subject = owner of the code; the event claim scopes the session to one event.
    Claim[] claims =
    {
        new Claim(JwtClaimTypes.Subject, masterQrCode.OwnerId.ToString()),
        new Claim(EventManagementClaimTypes.EventId, masterQrCode.EventId.ToString())
    };

    var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, scheme));

    // Persistent: the sign-in is requested to outlive the browser session.
    var properties = new AuthenticationProperties { IsPersistent = true };

    return HttpContext.SignInAsync(scheme, principal, properties);
}