private static Task HandleUnauthorizedExceptionAsync(HttpContext context, UnauthorizedApiException exception)
{
context.Response.ContentType = "application/json";
context.Response.StatusCode = (int)HttpStatusCode.Unauthorized;
return(context.Response.WriteAsync(exception.Message));
}
public async Task <UserModel> SignInUserAsync(UserSignInSpec userSignInSpec)
{
userSignInSpec.Email = ProcessEmail(userSignInSpec.Email);
userSignInSpec.Password = ProcessPassword(userSignInSpec.Password);
try
{
using (var transaction = await _identityDbContext.Database.BeginTransactionAsync().ConfigureAwait(false))
{
var user = await _userManager.FindByEmailAsync(userSignInSpec.Email).ConfigureAwait(false);
if (user == null)
{
throw new UnauthorizedApiException(UnauthorizedApiException.InvalidCredentials, "The user credentials are not valid");
}
bool remember = userSignInSpec.RememberSet && userSignInSpec.Remember;
var result = await _signInManager.PasswordSignInAsync(userSignInSpec.Email, userSignInSpec.Password, remember, lockoutOnFailure : true).ConfigureAwait(false);
if (result.Succeeded)
{
_logger.LogInformation("User signed in");
await _identityDbContext.SaveChangesAsync().ConfigureAwait(false);
transaction.Commit();
return(user);
}
// authorization failed
await _identityDbContext.SaveChangesAsync().ConfigureAwait(false);
transaction.Commit();
if (result.IsLockedOut)
{
_logger.LogWarning("User account is locked out");
throw new UnauthorizedApiException(UnauthorizedApiException.AccountLockedOut, "The user account is locked out");
}
else if (result.IsNotAllowed)
{
var exception = new UnauthorizedApiException(UnauthorizedApiException.EmailNotConfirmed, "The email address is not yet confirmed");
exception.UserUuid = user.Id;
throw exception;
}
else
{
throw new UnauthorizedApiException(UnauthorizedApiException.InvalidCredentials, "The user credentials are not valid");
}
}
}
catch (ApiException e)
{
throw e;
}
catch (Exception e)
{
_logger.LogError($"Error when signing in user: {e}");
throw new InternalServerErrorApiException();
}
}
