public UserTokenData Authenticate(string username, string password) { var user = _context.Users.SingleOrDefault(x => x.NombreUsuario.Trim().Equals(username.Trim()) && x.Pass.Trim().Equals(password.Trim())); if (user == null) { return(null); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_appSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.Id.ToString()), new Claim(ClaimTypes.NameIdentifier, user.NombreUsuario) }), Expires = DateTime.UtcNow.AddDays(1), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var userToken = new UserTokenData() { UserName = username, Token = tokenHandler.WriteToken(token) }; return(userToken); }
public async Task <bool> RevokeToken(string token) { JwtSecurityToken decodedToken = this.tokenService.decodeToken(token); int userId = int.Parse(decodedToken.Id); var user = await this.unitOfWork.Users.GetByIdAsync(userId); if (user == null) { throw new AppException("Invalid token."); } int tokenId = int.Parse(decodedToken.Id); UserTokenData stoken = await unitOfWork.Users.GetUserRefreshTokenByTokenId(tokenId); if (stoken == null) { throw new AppException("Invalid Token"); } if (!stoken.IsActive) { return(false); } stoken.BlackListed = true; await unitOfWork.Users.BlackListed(tokenId); return(true); }
public object GenerateReFreshToken(string token) { var configReader = new ConfigurationReader(); var tokenManager = new TokenManager(configReader); var decrypt = AesHelper.Decrypt(token); UserTokenData userTokenData = JsonConvert.DeserializeObject <UserTokenData>(decrypt); return(tokenManager.GenerateUserRefreshToken(userTokenData)); }
public async Task <int> AddRefreshTokenAsync(UserTokenData entity) { entity.CreatedAt = DateTime.UtcNow; var sql = @"Insert into user_refresh_tokens ([user_id],[access_token],[refresh_token],[expires_at],black_listed,created_by_ip,[created_at] ) VALUES (@user_id,@AccessToken, @RefreshToken,@ExpiresAt,@BlackListed,@CreatedByIP, @CreatedAt)"; using (var connection = this.GetOpenConnection()) { var result = await connection.ExecuteAsync(sql, entity); return(result); } }
//This check the time data in the to see if the token has expire already public bool IsTokenExpired(UserTokenData userTokenData) { if (userTokenData == null) { return(true); } var now = DateTime.Now; if ((DateTime.Compare(userTokenData.AbsoluteExpiration, now) < 0) || (DateTime.Compare(userTokenData.SlidingExpiration, now) < 0)) { return(false); } return(true); }
/// <summary> /// Common method for login and register services. /// </summary> /// <param name="id"></param> /// <param name="email"></param> /// <returns></returns> private ServiceResult <LoginResponseModel> Login(int id, string email) { var tokenData = new UserTokenData { Id = id, Email = email }; string token = AuthHelper.CreateToken(UserConfig.Value.UserTokenSecret, 60 * 24, tokenData); return(ServiceResult <LoginResponseModel> .Instance.SuccessResult(new LoginResponseModel { Id = id, Token = token })); }
public async Task <ResponseAuthDto> Authenticate(LoginDto model, string ipAddress = "") { var user = await this.unitOfWork.Users.GetUserByEmailAsync(model.username); if (user == null) { throw new AppException("User not found - Invalid Email"); } if (user.password_hash == Helper.HashPassword(model.password, user.password_salt)) { throw new AppException("Invalid password"); } var userInfo = _mapper.Map <UserInfo>(user); TokenDto newAccessToken = tokenService.generateAccessToken(userInfo); TokenDto newRefreshToken = tokenService.generateRefreshToken(userInfo); var token = new UserTokenData() { AccessToken = newAccessToken.EncodedToken, RefreshToken = newRefreshToken.EncodedToken, BlackListed = false, AccessTokenExpiresAt = newRefreshToken.TokenModel.ValidTo, CreatedAt = newRefreshToken.TokenModel.IssuedAt, CreatedByIP = ipAddress, }; token.user_id = user.user_id; await this.unitOfWork.Users.AddRefreshTokenAsync(token); var tokenInfo = new TokenInfoDto { AccessToken = newAccessToken.EncodedToken, RefreshToken = newRefreshToken.EncodedToken, ExpiresAt = newRefreshToken.TokenModel.ValidTo, TokenType = JwtBearerDefaults.AuthenticationScheme }; return(new ResponseAuthDto { Token = tokenInfo, User = userInfo }); }
//This generate a refresh token for the user by updating the sliding expiration field of the token public string GenerateUserRefreshToken(UserTokenData userTokenData) { int periodSliding = _configurationReader.GetSlidingExpiration(); var freshUserTokenData = new UserTokenData(); var now = DateTime.Now; freshUserTokenData.SlidingExpiration = now.AddMinutes(periodSliding); freshUserTokenData.AbsoluteExpiration = userTokenData.AbsoluteExpiration; freshUserTokenData.PresentTime = DateTime.Now; freshUserTokenData.CipherUserName = userTokenData.CipherUserName; var newToken = AesHelper .Encrypt( JsonConvert .SerializeObject(freshUserTokenData)); return(newToken); }
public string GenerateNewTokenWithExpiryData(string userNameShaEncryptedString) { var periodSliding = _configurationReader.GetSlidingExpiration(); var periodAbsolute = _configurationReader.GetAbsoluteExpiration(); var userTokenData = new UserTokenData(); var now = DateTime.Now; userTokenData.SlidingExpiration = now.AddMinutes(periodSliding); userTokenData.PresentTime = DateTime.Now; userTokenData.AbsoluteExpiration = now.AddHours(periodAbsolute); userTokenData.CipherUserName = userNameShaEncryptedString; var newToken = AesHelper .Encrypt( JsonConvert .SerializeObject( userTokenData)); return(newToken); }
public static int AddUserToMap(string token, UserTokenData user) { try { if (!UserTokenMap.ContainsKey(token)) { UserTokenMap.Add(token, user); return 0; } else { UserTokenMap.Remove(token); UserTokenMap.Add(token, user); return 1; } } catch (Exception e) { Console.WriteLine(e.StackTrace); return -1; } }
public CoreIdentity(UserTokenData userData, IEnumerable <Claim> claims) : base(claims, DefaultNameClaimType) { UserData = userData; }
public CoreIdentity(UserTokenData userData) { UserData = userData; }
public async Task <ResponseAuthDto> RenewAccessToken(RequestAuthDto request, string ipAddress = "") { JwtSecurityToken decodedToken = this.tokenService.decodeToken(request.RefreshToken); var user = await this.unitOfWork.Users.GetByIdAsync(int.Parse(decodedToken.Subject)); if (user == null) { throw new AppException("Invalid token."); } var tokenRecord = await this.unitOfWork.Users.GetUserRefreshToken(request.RefreshToken); if (tokenRecord == null) { throw new AppException("Invalid refresh token."); } //Access token should be verified. //because on the token storage it's been save as a paired token (access and refresh token are saved together) if (tokenRecord.AccessToken != request.AccessToken) { throw new AppException("Invalid access token."); } if (tokenRecord.BlackListed) { throw new AppException("Token is blacklisted."); } if (tokenRecord.ExpiresAt.Subtract(DateTime.UtcNow).TotalSeconds <= 0) { throw new AppException("Refresh token is expired."); } //AutoMapper.Mapper.Map<Destination>(source); var userInfo = _mapper.Map <UserInfo>(user); TokenDto newAccessToken = tokenService.generateAccessToken(userInfo); TokenDto newRefreshToken = tokenService.generateRefreshToken(userInfo); await this.unitOfWork.Users.BlackListed(tokenRecord.TokenId); var token = new UserTokenData() { AccessToken = newAccessToken.EncodedToken, RefreshToken = newRefreshToken.EncodedToken, BlackListed = false, ExpiresAt = newRefreshToken.TokenModel.ValidTo, CreatedAt = newRefreshToken.TokenModel.IssuedAt, CreatedByIP = ipAddress }; await this.unitOfWork.Users.AddRefreshTokenAsync(token); var tokenInfo = new TokenInfoDto { AccessToken = newAccessToken.EncodedToken, RefreshToken = newRefreshToken.EncodedToken, ExpiresAt = newRefreshToken.TokenModel.ValidTo, TokenType = JwtBearerDefaults.AuthenticationScheme }; return(new ResponseAuthDto { Token = tokenInfo, User = userInfo }); }