public override SimpleAuthResult VerifyToken(string accessToken)
{
try
{
UserToken record;
using (var context = new SimpleUserDbContext())
{
record = context.UserToken.FirstOrDefault(x => accessToken == x.AccessToken);
string error = "";
if (record == null)
{
error = string.Format("AccessToken '{0}' not found", accessToken);
return(SimpleAuthResult.Fail(error));
}
if (record.ExpireAt < DateTime.Now)
{
error = string.Format("Token '{0}' has been expired.", accessToken);
return(SimpleAuthResult.Fail(error));
}
return(SimpleAuthResult.Success());
}
}
catch (Exception ex)
{
var error = string.Format("unknown error .{0}", ex.Message);
return(SimpleAuthResult.Fail(error));
}
}
/// <summary>
/// If it is single sign on , need to remove the existing token
/// </summary>
/// <param name="userId"></param>
/// <returns></returns>
public override SimpleAuthResult RemoveTokenFor(long userId)
{
try
{
using (var context = new SimpleUserDbContext())
{
var userTokens = context.UserToken.Where(x => x.UserId == userId).ToList();
if (userTokens.Count > 0)
{
foreach (var userToken in userTokens)
{
context.UserToken.Remove(userToken);
context.SaveChanges();
}
}
return(SimpleAuthResult.Success());
}
}
catch (Exception ex)
{
var error = string.Format("remove token failed for user '{0}'", userId);
return(SimpleAuthResult.Fail(error));
}
}
/// <summary>
/// user registration
/// </summary>
/// <param name="newUser"></param>
/// <returns></returns>
public SimpleAuthResult TryCreateUser(SimpleAuthUser newUser)
{
var hashedPassword = HashPassword(newUser.OriginPassword);
using (var context = new SimpleUserDbContext())
{
var userWithUserName = context.LoginUser.FirstOrDefault(x => x.UserName == newUser.UserName);
if (userWithUserName != null)
{
return(SimpleAuthResult.Fail(string.Format("user with name '{0}' already exists", newUser)));
}
var loginUser = new LoginUser()
{
UserName = newUser.UserName,
PasswordHash = hashedPassword,
Email = newUser.Email,
Phone = newUser.Phone
};
context.LoginUser.Add(loginUser);
context.SaveChanges();
return(SimpleAuthResult.Success());
}
}
public SimpleAuthResult <TokenEntity> UserCrendentialLogin(string username, string password)
{
using (var context = new SimpleUserDbContext())
{
var tryFindUser = context.LoginUser.FirstOrDefault(x => x.UserName == username);
if (tryFindUser == null)
{
return(SimpleAuthResult <TokenEntity> .Fail(string.Format("user name with '{0}' is not found .", username)));
}
var hashedPassword = HashPassword(password);
if (tryFindUser.PasswordHash != hashedPassword)
{
return(SimpleAuthResult <TokenEntity> .Fail("user password is not correct"));
}
if (_isSso)
{
_provider.RemoveTokenFor(tryFindUser.Id);
}
////issue a new token for password login
var newToken = _provider.CreateNew(tryFindUser.Id);
return(SimpleAuthResult <TokenEntity> .Success(newToken));
}
}
public override TokenEntity CreateNew(long userId)
{
var newToken = base.CreateNew(userId);
using (var dbContext = new SimpleUserDbContext())
{
var obj = MapperEx.CreateFrom <TokenEntity, UserToken>(newToken);
dbContext.UserToken.Add(obj);
dbContext.SaveChanges();
}
return(newToken);
}
public SimpleAuthResult ChangePassword(long userId, string oldpassword, string password, string confirmPassword)
{
if (string.IsNullOrWhiteSpace(oldpassword) ||
string.IsNullOrWhiteSpace(password) ||
string.IsNullOrWhiteSpace(confirmPassword))
{
return(SimpleAuthResult.Fail("password field can not be empty"));
}
using (var context = new SimpleUserDbContext())
{
var user = context.LoginUser.FirstOrDefault(x => x.Id == userId);
if (user == null)
{
return(SimpleAuthResult.Fail(string.Format("user with id '{0}' not found", userId)));
}
var hashedOldPassword = HashPassword(oldpassword);
if (hashedOldPassword != user.PasswordHash)
{
return(SimpleAuthResult.Fail("current password is incorrect."));
}
if (password != confirmPassword)
{
return(SimpleAuthResult.Fail("password does not match confirm password."));
}
//// apply more rules here
//// ...
var hashedPassword = HashPassword(password);
if (hashedPassword == user.PasswordHash)
{
return(SimpleAuthResult.Fail("password can not be same with current password."));
}
user.PasswordHash = hashedPassword;
context.SaveChanges();
return(SimpleAuthResult.Success());
}
}
public override RefreshTokenResult UpdateRefresh(string refreshToken)
{
try
{
UserToken record;
using (var context = new SimpleUserDbContext())
{
record = context.UserToken.FirstOrDefault(x => refreshToken == x.RefreshToken);
string error = "";
if (record == null)
{
error = string.Format("RefreshToken '{0}' not found", refreshToken);
return(new RefreshTokenResult(false, error, TokenEntity.Default()));
}
if (record.ExpireAt < DateTime.Now)
{
error = string.Format("Token '{0}' has been expired.", refreshToken);
return(new RefreshTokenResult(false, error, TokenEntity.Default()));
}
////create new one
var newToken = CreateRefresh();
newToken.UserId = record.UserId;
record.AccessToken = newToken.AccessToken;
record.RefreshToken = newToken.RefreshToken;
record.ExpireAt = DateTime.Parse(newToken.ExpireAt);
context.SaveChanges();
return(new RefreshTokenResult(true, "", newToken));
}
}
catch (Exception ex)
{
var error = string.Format("unknown error .{0}", ex.Message);
return(new RefreshTokenResult(false, error, TokenEntity.Default()));
}
}