public AuthViewModel GenerateAccessToken(TokenDataViewModel tokenData) { var claims = GetUserClaims(tokenData); var now = DateTime.UtcNow; var expires = now.Add(TimeSpan.FromDays(TokenOptions.LIFETIME)); var jwt = new JwtSecurityToken( issuer: TokenOptions.ISSUER, audience: TokenOptions.AUDIENCE, notBefore: now, claims: claims, expires: expires, signingCredentials: new SigningCredentials(TokenOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); var token = new JwtSecurityTokenHandler().WriteToken(jwt); return(new AuthViewModel { Token = new TokenViewModel { Token = token, Type = "bearer", ExpiredAt = expires, Claims = claims.Select(x => new ClaimViewModel { Type = x.Type, Value = x.Value }).ToList() } }); }
private Claim GetRoleClaim(TokenDataViewModel tokenData) { Claim claim = null; if (tokenData.Roles != null && tokenData.Roles.Count > 1) { claim = new Claim(ClaimTypes.Role, tokenData.Roles.OrderByDescending(x => x.Lvl).FirstOrDefault().Name); } else { claim = new Claim(ClaimTypes.Role, tokenData.Roles[0].Name); } return(claim); }
private List <Claim> GetUserClaims(TokenDataViewModel tokenData) { var claims = new List <Claim>(9); claims.Add(new Claim(ClaimTypes.NameIdentifier, tokenData.User.Id.ToString())); claims.Add(new Claim(ClaimTypes.Name, tokenData.User.Username)); claims.Add(new Claim(ClaimTypes.Email, tokenData.UserLogin.Login)); claims.Add(new Claim(ClaimTypes.AuthenticationMethod, "pwd")); claims.Add(GetRoleClaim(tokenData)); claims.Add(new Claim("AppName", tokenData.App.Name)); //claims.Add(new Claim("Device", GetDeviceNameClaim(tokenData.Session))); claims.Add(new Claim("DeviceType", GetDeviceTypeClaim(tokenData.Session))); claims.Add(new Claim("Platform", GetOsClaim(tokenData.Session))); return(claims); }
public async Task <Result <UserLoginViewModel> > LoginByEmailAsync(LoginEmailCreateModel model) { var userLogin = await _db.UserLogins.AsNoTracking().FirstOrDefaultAsync(x => x.Login == model.Login && x.Type == UserLoginType.Email); if (userLogin == null) { return(new Result <UserLoginViewModel>("User with this login not exist")); } var app = await _db.Apps.AsNoTracking().FirstOrDefaultAsync(x => x.AppId == model.App.AppId); if (app == null) { return(new Result <UserLoginViewModel>("App not found")); } if (app.AppSecret != model.App.AppSecret) { return(new Result <UserLoginViewModel>("App creds not real")); } if (!app.IsActiveByDate) { return(new Result <UserLoginViewModel>("App is expiration by date")); } if (app.InDevelopment) { if (!app.CanUseWhileDevelopment.Contains(userLogin.UserId)) { return(new Result <UserLoginViewModel>("App in development")); } } if (!userLogin.IsConfirm) { return(new Result <UserLoginViewModel>("User not confirm")); } if (!model.Password.VerifyPasswordHash(userLogin.PasswordHash)) { return(new Result <UserLoginViewModel>("Login or password is incorrect")); } var clientInfo = _detectClient.GetClientInfo(model); var currentUser = await _db.Users.AsNoTracking().FirstOrDefaultAsync(x => x.Id == userLogin.UserId); if (currentUser == null) { return(new Result <UserLoginViewModel>("User not found")); } var userRoles = await _db.UserRoles.Include(x => x.Role).Where(x => x.UserId == userLogin.UserId).Select(x => x.Role).ToListAsync(); Location location; var reqLocation = await _locationService.GetIpInfoAsync(model.IP); if (reqLocation == null) { location = null; } else { location = new Location { City = reqLocation.City, Country = reqLocation.Country, IP = reqLocation.Query, Lat = reqLocation.Latitude, Lon = reqLocation.Longitude, Region = reqLocation.Region } }; var newSession = new Session { CreatedAt = DateTime.Now, CreatedBy = userLogin.Login, CreatedFromIP = model.IP, App = app, Device = clientInfo, Location = location, IsActive = true, UserId = currentUser.Id, DateUnActive = null, LastUpdatedAt = null, LastUpdatedBy = null, LastUpdatedFromIP = null, Version = 0, }; var dataForToken = new TokenDataViewModel { User = currentUser, UserLogin = userLogin, Roles = userRoles, App = app, Session = newSession }; var res = _claimsProvider.GenerateAccessToken(dataForToken); newSession.Token = res.Token.Token; await _db.Sessions.AddAsync(newSession); await _db.SaveChangesAsync(); _tokenManager.AddNewToken(newSession.Token); return(new Result <UserLoginViewModel>(new UserLoginViewModel(res))); }