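/// <summary>
/// Checks that the refresh token presented for <paramref name="userid"/> is known, unexpired,
/// not logged out, and still paired with <paramref name="access_token"/>.
/// </summary>
/// <param name="userid">Owner of the token row being validated.</param>
/// <param name="access_token">Access token the caller presented alongside the refresh token.</param>
/// <param name="refresh_token">Refresh token used to look the row up.</param>
/// <returns>
/// A successful <see cref="ServiceResult"/> with an empty message, or a failed one whose message
/// names the first failing check (not found, expired, logged out, access token mismatch).
/// </returns>
private async Task<ServiceResult> ValidateUserToken(long userid, string access_token, string refresh_token)
{
    // Newest row first, so a re-issued refresh token wins over older rows with the same value.
    ServiceResult<IEnumerable<UserTokenBo>> userTokenResult = await serviceManager.UserToken_Service.GetAsync(
        filter: (x => x.UserId == userid && x.RefreshToken == refresh_token),
        orderBy: (x => x.OrderByDescending(t => t.ExpiryDate)));

    // Materialize the first row once; the original enumerated FirstOrDefault() twice.
    UserTokenBo userTokenBo = userTokenResult.Success ? userTokenResult.Data?.FirstOrDefault() : null;
    if (userTokenBo == null)
    {
        return new ServiceResult(false, "Refresh token not found!");
    }

    // ExpiryDate is written from DateTime.UtcNow in GenerateUserToken, so compare in UTC.
    if (userTokenBo.ExpiryDate < DateTime.UtcNow)
    {
        return new ServiceResult(false, "Refresh token expired!");
    }

    if (userTokenBo.IsLogout)
    {
        return new ServiceResult(false, "Refresh token logouted!");
    }

    if (!TokensMatch(userTokenBo.AccessToken, access_token))
    {
        return new ServiceResult(false, "Access token mismatch!");
    }

    return new ServiceResult(true, "");

    // Constant-time comparison: an ordinary string '!=' short-circuits on the first differing
    // character, which leaks how much of the stored token the caller got right.
    bool TokensMatch(string stored, string presented)
    {
        if (stored == null || presented == null)
        {
            return stored == null && presented == null;
        }

        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Text.Encoding.UTF8.GetBytes(stored),
            System.Text.Encoding.UTF8.GetBytes(presented));
    }
}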
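/// <summary>
/// Updates the user-token row <paramref name="id"/> with the values in <paramref name="dto"/> and commits.
/// </summary>
/// <param name="id">Route id of the row to update; must equal <c>dto.Id</c>.</param>
/// <param name="dto">New values for the row.</param>
/// <returns>
/// <c>Ok</c> on success; an error response with code <c>RT_PT_01</c> (id mismatch / missing body),
/// <c>RT_PT_02</c> (service reported failure) or <c>RT_PT_03</c> (unexpected exception) otherwise.
/// </returns>
public async Task<GenericResponse> Put(long id, UserTokenDto dto)
{
    // A route/body id disagreement (or no body at all) is a caller error, so answer 400 rather than 500.
    if (dto == null || id != dto.Id)
    {
        return GenericResponse.Error(ResultType.Error, "Ids are mismatch!", "RT_PT_01", StatusCodes.Status400BadRequest);
    }

    try
    {
        UserTokenBo bo = UserTokenBo.ConvertToBusinessObject(dto);
        ServiceResult serviceResult = await serviceManager.UserToken_Service.UpdateAsync(id, bo);
        if (!serviceResult.Success)
        {
            return GenericResponse.Error(ResultType.Error, serviceResult.Error, "RT_PT_02", StatusCodes.Status500InternalServerError);
        }

        await serviceManager.CommitAsync();
        return GenericResponse.Ok();
    }
    catch (Exception ex)
    {
        // Log the real exception server-side; the client only gets a generic message so internal
        // details (connection strings, stack fragments, provider errors) are not disclosed.
        Log(ex.Message, LogLevel.Error, this.ControllerContext.RouteData.Values);
        return GenericResponse.Error(ResultType.Error, "An unexpected error occurred.", "RT_PT_03", StatusCodes.Status500InternalServerError);
    }
}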
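/// <summary>
/// Marks the caller's current user-token row as logged out.
/// The row is located by the <c>utid</c> claim when present, otherwise by the raw access token
/// stored in <c>serviceContext.Items["Token"]</c>; in both cases it must belong to <c>currentUserId</c>.
/// </summary>
/// <returns>
/// <c>Ok</c> on success; <c>U_LO_01</c> when no token identifies the caller, <c>U_LO_02</c> when no
/// matching row exists, <c>U_LO_03</c> when the update fails or throws.
/// </returns>
public async Task<GenericResponse> Logout()
{
    try
    {
        // Prefer the user-token id carried in the "utid" claim.
        long userTokenId = 0;
        IHttpContextAccessor httpContextAccessor =
            serviceManager.serviceContext.Items["IHttpContextAccessor"] as IHttpContextAccessor;
        Claim claim = httpContextAccessor?.HttpContext?.User?.Claims.FirstOrDefault(c => c.Type == "utid");
        if (claim == null || !long.TryParse(claim.Value, out userTokenId))
        {
            userTokenId = 0;
        }

        // Fall back to the bearer token itself. Items["Token"] may be absent; the original
        // called .ToString() on it unconditionally and would have thrown here.
        string access_token = "";
        if (userTokenId == 0)
        {
            access_token = serviceManager.serviceContext.Items["Token"]?.ToString();
            if (string.IsNullOrEmpty(access_token))
            {
                return GenericResponse.Error(ResultType.Error, "Token not found into the request!", "U_LO_01", StatusCodes.Status404NotFound);
            }
        }

        // Both lookups are scoped to the current user so one user cannot log out another's token.
        ServiceResult<IEnumerable<UserTokenBo>> result = userTokenId > 0
            ? await serviceManager.UserToken_Service.GetAsync(
                filter: (rt => rt.Id == userTokenId && rt.UserId == this.currentUserId),
                orderBy: (rt => rt.OrderByDescending(t => t.ExpiryDate)))
            : await serviceManager.UserToken_Service.GetAsync(
                filter: (rt => rt.AccessToken == access_token && rt.UserId == this.currentUserId),
                orderBy: (rt => rt.OrderByDescending(t => t.ExpiryDate)));

        // A successful query with zero rows used to fall through to a null dereference.
        UserTokenBo userTokenBo = result.Success ? result.Data?.FirstOrDefault() : null;
        if (userTokenBo == null)
        {
            return GenericResponse.Error(ResultType.Error, "User Token Not Found!", "U_LO_02", StatusCodes.Status404NotFound);
        }

        // LoginTime and ExpiryDate are written in UTC elsewhere; keep LogoutTime in the same clock.
        userTokenBo.LogoutTime = DateTime.UtcNow;
        userTokenBo.IsLogout = true;

        // A silently failed update would leave the token usable; surface it (shares the server-error code).
        ServiceResult updateResult = await serviceManager.UserToken_Service.UpdateAsync(userTokenBo.Id, userTokenBo);
        if (!updateResult.Success)
        {
            return GenericResponse.Error(ResultType.Error, updateResult.Error, "U_LO_03", StatusCodes.Status500InternalServerError);
        }

        // Put/Post commit explicitly after UpdateAsync; without a commit the IsLogout flag may never
        // reach the store and OnAuthorization would keep accepting the token.
        await serviceManager.CommitAsync();
        return GenericResponse.Ok();
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is returned to the client; this controller shows no logger here,
        // so the message is kept, but it should be logged and replaced with a generic text.
        return GenericResponse.Error(ResultType.Error, ex.Message, "U_LO_03", StatusCodes.Status500InternalServerError);
    }
}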
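/// <summary>
/// Authorization filter: for an authenticated principal, resolves the <c>utid</c> claim to a
/// user-token row and rejects the request with 401 when the row is missing or flagged as logged out.
/// </summary>
/// <param name="context">Filter context; <c>context.Result</c> is set only when the request is rejected.</param>
public void OnAuthorization(AuthorizationFilterContext context)
{
    var user = context.HttpContext.User;
    if (!user.Identity.IsAuthenticated)
    {
        // it isn't needed to set unauthorized result
        // as the base class already requires the user to be authenticated
        // this also makes redirect to a login page work properly
        // context.Result = new UnauthorizedResult();
        return;
    }

    try
    {
        Claim claim = user.Claims.FirstOrDefault(x => x.Type == "utid");
        if (claim == null || !long.TryParse(claim.Value, out long userTokenId))
        {
            context.Result = Unauthorized("User Token Id Not Found!");
            return;
        }

        // IAuthorizationFilter is synchronous, so this still blocks on the async lookup.
        // GetAwaiter().GetResult() surfaces the original exception instead of an AggregateException;
        // the real fix is IAsyncAuthorizationFilter, which changes this type's interface.
        ServiceResult<UserTokenBo> result = serviceManager.UserToken_Service.GetByIdAsync(userTokenId).GetAwaiter().GetResult();

        // A successful lookup with null Data previously dereferenced null and fell into the 500 path.
        UserTokenBo userTokenBo = result.Success ? result.Data : null;
        if (userTokenBo == null)
        {
            context.Result = Unauthorized("User Token Not Found!");
            return;
        }

        if (userTokenBo.IsLogout)
        {
            context.Result = Unauthorized("Token Expired!");
            return;
        }
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message is sent to the client; no logger is visible in this type, so the
        // message is kept, but it should be logged and replaced with a generic text.
        context.Result = new JsonResult(new { message = ex.Message }) { StatusCode = StatusCodes.Status500InternalServerError };
        return;
    }

    // Single place that shapes the 401 payload, so all rejections look alike.
    JsonResult Unauthorized(string message)
    {
        return new JsonResult(new { message }) { StatusCode = StatusCodes.Status401Unauthorized };
    }
}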
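/// <summary>
/// Builds a new, unsaved <see cref="UserTokenBo"/> for <paramref name="userBo"/> with the login time
/// set to now (UTC) and the expiry derived from the user type's <c>TokenLifeTime</c> (in seconds).
/// </summary>
/// <param name="userBo">User the token is issued for; its <c>UserType</c> may be null.</param>
/// <returns>A token row with <c>UserId</c>, <c>LoginTime</c> and <c>ExpiryDate</c> populated.</returns>
private UserTokenBo GenerateUserToken(UserBo userBo)
{
    // Fallback when the user type carries no positive lifetime.
    const int DefaultTokenLifeTimeSec = 60;

    // Read the clock once so LoginTime and ExpiryDate are computed from the same instant.
    DateTime now = DateTime.UtcNow;

    int tokenLifeTimeSec = (userBo.UserType != null && userBo.UserType.TokenLifeTime > 0)
        ? userBo.UserType.TokenLifeTime
        : DefaultTokenLifeTimeSec;

    return new UserTokenBo
    {
        UserId = userBo.Id,
        LoginTime = now,
        ExpiryDate = now.AddSeconds(tokenLifeTimeSec),
    };
}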
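/// <summary>
/// Issues an access/refresh token pair for <paramref name="user"/>: creates the user-token row,
/// signs an access token bound to that row's id, stores it back, records a login entry and
/// returns the tokens in a <see cref="TokenResponseDto"/>.
/// </summary>
/// <param name="user">Authenticated user the tokens are issued for.</param>
/// <returns>
/// A successful result carrying the DTO, or a failed result when the row cannot be created,
/// the access token cannot be signed, or the signed token cannot be stored.
/// </returns>
private async Task<ServiceResult<TokenResponseDto>> GetTokenResponseAsync(UserBo user)
{
    string refreshToken = GenerateRefreshToken();

    // The access token embeds the row id, so the row is inserted first with an empty token.
    // NOTE(review): both tokens are persisted as plain strings; validation elsewhere compares them
    // directly, so hashing at rest would have to change those lookups as well.
    UserTokenBo userTokenBo = GenerateUserToken(user);
    userTokenBo.RefreshToken = refreshToken;
    userTokenBo.AccessToken = "";

    ServiceResult<UserTokenBo> userTokenResult = await serviceManager.UserToken_Service.CreateAsync(userTokenBo);
    if (!userTokenResult.Success)
    {
        return new ServiceResult<TokenResponseDto>(null, false, "User Token Create Failed!");
    }
    userTokenBo = userTokenResult.Data;

    string accessToken;
    try
    {
        //sign your token here here..
        accessToken = GenerateAccessToken(userTokenBo.Id, user);
    }
    catch (Exception ex)
    {
        // NOTE(review): the signing exception text is propagated in the result; callers should not
        // forward it to clients unfiltered.
        return new ServiceResult<TokenResponseDto>(null, false, "Token Create Failed! " + (ex.Message));
    }

    // If the signed token is not stored, later refresh calls would fail with an access-token
    // mismatch, so a failed update must not be reported as a successful login.
    userTokenBo.AccessToken = accessToken;
    ServiceResult updateResult = await serviceManager.UserToken_Service.UpdateAsync(userTokenBo.Id, userTokenBo);
    if (!updateResult.Success)
    {
        return new ServiceResult<TokenResponseDto>(null, false, "User Token Update Failed!");
    }

    // Login audit entry; best-effort as in the original, its result is not inspected.
    await serviceManager.UserLogin_Service.CreateAsync(new UserLoginBo() { UserId = user.Id, LoginTime = DateTime.UtcNow });

    TokenResponseDto tokenResponseDto = UserBo.ConvertToTokenResponseDto(user);
    tokenResponseDto.AccessToken = accessToken;
    tokenResponseDto.RefreshToken = refreshToken;
    return new ServiceResult<TokenResponseDto>(tokenResponseDto, true, "");
}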
/// <summary>
/// Returns the user-token row with the given <paramref name="id"/> as a DTO.
/// </summary>
/// <param name="id">Primary key of the row.</param>
/// <returns>
/// <c>Ok</c> with the DTO, or a 404 error with code <c>RT_G_01</c> when the service fails or returns no row.
/// A failed service call is logged before the 404 is returned.
/// </returns>
public async Task<GenericResponse<UserTokenDto>> Get(long id)
{
    // NOTE(review): nothing here ties the requested id to the caller — confirm ownership is
    // enforced by a filter or the service layer.
    ServiceResult<UserTokenBo> lookup = await serviceManager.UserToken_Service.GetByIdAsync(id);
    if (!lookup.Success)
    {
        Log(lookup.Error, LogLevel.Error, this.ControllerContext.RouteData.Values);
    }

    UserTokenBo found = lookup.Success ? lookup.Data : null;
    return found == null
        ? GenericResponse<UserTokenDto>.Error(ResultType.Error, "User Not Found!", "RT_G_01", StatusCodes.Status404NotFound)
        : GenericResponse<UserTokenDto>.Ok(UserTokenBo.ConvertToDto(found));
}
/// <summary>
/// Creates a user-token row from <paramref name="dto"/>, commits, and returns the stored row as a DTO.
/// </summary>
/// <param name="dto">Row to create.</param>
/// <returns>
/// <c>Ok</c> with the created DTO; a 500 error with code <c>RT_PST_01</c> when the service fails,
/// or a 404 error with code <c>RT_PST_02</c> when it succeeds without returning a row.
/// </returns>
public async Task<GenericResponse<UserTokenDto>> Post([FromBody] UserTokenDto dto)
{
    ServiceResult<UserTokenBo> created =
        await serviceManager.UserToken_Service.CreateAsync(UserTokenBo.ConvertToBusinessObject(dto));

    if (!created.Success)
    {
        return GenericResponse<UserTokenDto>.Error(ResultType.Error, created.Error, "RT_PST_01", StatusCodes.Status500InternalServerError);
    }

    // Commit happens before the null check, as in the original ordering.
    await serviceManager.CommitAsync();

    if (created.Data == null)
    {
        return GenericResponse<UserTokenDto>.Error(ResultType.Error, "NOt Found!", "RT_PST_02", StatusCodes.Status404NotFound);
    }

    return GenericResponse<UserTokenDto>.Ok(UserTokenBo.ConvertToDto(created.Data));
}