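/// <summary>
/// Builds a signed-then-encrypted JWT (JWE) carrying <paramref name="claims"/> plus a
/// fresh opaque refresh token.
/// </summary>
/// <param name="claims">Claims placed in the token's subject identity; may be empty.</param>
/// <returns>
/// A <see cref="TokensViewmodel"/> with the serialized access token, a random refresh
/// token (from <c>GenerateRandomToken()</c>) and the UTC instant the token was issued.
/// </returns>
public TokensViewmodel CreateTokens(Claim[] claims)
{
    // One clock read, in UTC: iat, nbf and exp are all derived from the same instant,
    // so exp is exactly iat + ExpiryMinutes. The original read the clock twice and used
    // local time; JWT timestamps are epoch seconds and must not depend on the server
    // zone, and GenerationTime is now reported in UTC as well.
    DateTime generationTime = DateTime.UtcNow;
    DateTime expiryTime = generationTime.AddMinutes(jwtOptions.Value.ExpiryMinutes);

    var signingCredentials = new SigningCredentials(
        ((IJwtSigningDecodingKey)signingKeys).GetKey(),
        signingKeys.SigningAlgorithm);

    // NOTE(review): the second argument of EncryptingCredentials is the key-management
    // ("alg") algorithm, yet the property supplying it is named SigningAlgorithm on the
    // encrypting key set — confirm that it actually holds a key-wrap algorithm
    // (e.g. RSA-OAEP / A256KW) and not a signature algorithm.
    var encryptingCredentials = new EncryptingCredentials(
        ((IJwtEncryptingEncodingKey)encryptingKeys).GetKey(),
        encryptingKeys.SigningAlgorithm,
        encryptingKeys.EncryptingAlgorithm);

    var tokenHandler = new JwtSecurityTokenHandler();
    JwtSecurityToken token = tokenHandler.CreateJwtSecurityToken(
        issuer: jwtOptions.Value.Issuer,
        audience: jwtOptions.Value.Audience,
        subject: new ClaimsIdentity(claims),
        notBefore: generationTime,
        expires: expiryTime,
        issuedAt: generationTime,
        signingCredentials: signingCredentials,
        encryptingCredentials: encryptingCredentials);

    return new TokensViewmodel
    {
        AccessToken = tokenHandler.WriteToken(token),
        // Opaque, random; its secrecy is what protects session renewal.
        RefreshToken = GenerateRandomToken(),
        GenerationTime = generationTime
    };
}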
/// <summary>
/// Verifies the supplied credentials, rejects banned devices, then issues an
/// access/refresh token pair bound to a per-user, per-fingerprint session.
/// </summary>
/// <param name="model">Login request; its Fingerprint, App and OsCpu are client-supplied.</param>
/// <param name="ip">Caller's remote address, recorded on the session and embedded as a claim.</param>
/// <returns>
/// A <see cref="ServiceResult"/> whose Data is the JSON-serialized tokens on success;
/// on failure SetFail is called with "Authentication failed" (bad credentials) or
/// "Access is blocked" (device banned for this user).
/// </returns>
public async Task<ServiceResult> AuthenticateAsync(AuthenticationViewModel model, string ip)
{
    var result = new ServiceResult();

    User user = await LoginAsync(model);
    if (user == null)
    {
        result.SetFail("Authentication failed");
        return result;
    }

    // NOTE(review): the fingerprint is whatever the client sent, so a banned device
    // can bypass this check by presenting a new fingerprint. Treat it as a
    // convenience key, not an enforcement boundary. The distinct failure message
    // also tells a caller that the credentials themselves were accepted.
    BannedDevice bannedDevice = await context.BannedDevices
        .FirstOrDefaultAsync(d => d.UserId == user.Id && d.Fingerprint == model.Fingerprint);
    if (bannedDevice != null)
    {
        result.SetFail("Access is blocked");
        return result;
    }

    // Reuse the session for this user+fingerprint if one exists; otherwise open one.
    Session session = await context.Sessions
        .FirstOrDefaultAsync(s => s.UserId == user.Id && s.FingerPrint == model.Fingerprint);
    if (session == null)
    {
        session = new Session
        {
            UserId = user.Id,
            SessionId = GenerateRandomToken(),
            FingerPrint = model.Fingerprint,
            // NOTE(review): local time, and no expiry is set on the session here —
            // confirm how/where sessions and their refresh tokens are aged out.
            CreatedAt = DateTime.Now,
            App = model.App,
            OsCpu = model.OsCpu,
            Location = GetLocationByIp(ip)
        };
        context.Sessions.Add(session);
    }

    Claim[] claims =
    {
        new Claim("UserId", user.Id.ToString()),
        new Claim("UserEmail", user.Email),
        new Claim("Fingerprint", model.Fingerprint),
        new Claim("Ip", ip),
        new Claim("SessionId", session.SessionId)
    };
    TokensViewmodel tokens = CreateTokens(claims);

    // Issuing a new pair rotates the refresh token on an existing session.
    // NOTE(review): the refresh token is persisted in clear; a DB read gives an
    // attacker a renewable credential. Storing a hash and comparing with
    // CryptographicOperations.FixedTimeEquals would need the matching change in
    // the refresh path, which is not in this file.
    session.IpAddress = ip;
    session.RefreshToken = tokens.RefreshToken;
    await context.SaveChangesAsync();

    result.Data = JsonConvert.SerializeObject(tokens);
    return result;
}