public async Task <bool> Set(string key, ApplicationUserToken token, object o, TimeSpan expiry) { var db = _redis.GetDatabase(); var jwt = (o as dynamic); var permissionViewModels = (jwt.resources as List <ApplicationPermissionViewModel>); var resources = JsonConvert.SerializeObject(permissionViewModels); var redisValue = await db.StringGetAsync(key); IList <string> jtiList = new List <string>(); if (redisValue.IsNullOrEmpty) { var jti = token.Jti as string; jtiList.Add(jti); } else { var dbValue = (dynamic)JsonConvert.DeserializeObject(redisValue.ToString()); var array = ((dbValue as dynamic).jtis as dynamic) as JArray; array.Add(token.Jti); jtiList = array.ToObject <List <string> >(); } var value = new { jtis = jtiList, resources = resources }; var stringSet = await db.StringSetAsync(key, JsonConvert.SerializeObject(value), expiry); return(stringSet); }
public async Task <IActionResult> PutApplicationUserToken(string id, ApplicationUserToken applicationUserToken) { if (id != applicationUserToken.UserId) { return(BadRequest()); } _context.Entry(applicationUserToken).State = EntityState.Modified; try { await _context.SaveChangesAsync(); } catch (DbUpdateConcurrencyException) { if (!ApplicationUserTokenExists(id)) { return(NotFound()); } else { throw; } } return(NoContent()); }
public async Task <ActionResult <UserToken> > CreateUser([FromBody] UserInfoToken model) { try { var user = new ApplicationUserToken { UserName = model.Email, Email = model.Email }; var result = await _userManager.CreateAsync(user, model.Password); if (result.Succeeded) { return(_tokenService.BuildToken(model)); } else { return(BadRequest("Usuário ou senha inválidos")); } } catch (Exception e) { return(NotFound(new { message = e.Message, errorCode = (int)HttpStatusCode.NotFound })); } }
protected override async Task RemoveUserTokenAsync(ApplicationUserToken token) { var userToken = new UserTokenRequest { LoginProvider = token.LoginProvider, Name = token.Name, Value = token.Value, UserId = token.UserId }; await _authenticationService.RemoveUserTokenAsync(userToken); }
protected override Task AddUserTokenAsync(ApplicationUserToken token) { var userToken = new UserTokenRequest { LoginProvider = token.LoginProvider, Name = token.Name, Value = token.Value, UserId = token.UserId, ExpiryTime = token.ExpiryTime }; _authenticationService.CreateUserToken(userToken); return(Task.CompletedTask); }
public async Task SaveTokenAsync(int userId, string audience, KeyValuePair <string, string> token, ILoginUow loginUow) { var applicationUserToken = new ApplicationUserToken { AudienceType = audience, CreatedDateTime = DateTime.UtcNow, UserId = userId, JwtToken = token.Value, SecurityKey = token.Key }; await loginUow.RegisterNewAsync <ApplicationUserToken>(applicationUserToken); await loginUow.CommitAsync(); this.Tokens.AddOrUpdate(token.Key, token.Value, (x, y) => token.Value); }
public async Task <ActionResult> Post([FromBody] LoginViewModel loginViewModel) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } ClaimsIdentity identity = await GetClaimsIdentity(loginViewModel.Username, loginViewModel.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } Claim claim = identity.Claims.First(x => x.Type == Constants.Strings.JwtClaimIdentifiers.Id); var userId = claim.Value.ToString(); ApplicationUser user = securityDb.Users.First(x => x.Id == userId); if (user == null) { logger.LogError("Invalid login attempt for {UserName}", loginViewModel.Username); return(BadRequest("The user name or password is incorrect.")); } if (user.IsActive == false) { logger.LogError("Invalid login attempt for {UserName}", user.UserName); return(BadRequest("User is deactivated")); } var userRoles = securityDb.ApplicationUserRoles.Where(x => x.UserId == user.Id).Select(x => x.RoleId).ToList(); var roles = securityDb.ApplicationRoles.Where(x => userRoles.Contains(x.Id)).Select(x => x.Id).ToList(); //List<ApplicationPermissionViewModel> resources = new List<ApplicationPermissionViewModel>(); List <dynamic> resources = new List <dynamic>(); if (roles != null && roles.Count > 0) { resources = securityDb.Permissions.Include(x => x.Resource).Include(x => x.Role).Where(x => roles.Contains(x.RoleId) && x.IsAllowed).Select(x => x.GetMinimalViewModel()) .ToList(); } dynamic jwt = await Tokens.GenerateJwt( identity, jwtFactory, jwtOptions, user, roles, resources); var jtiClaim = identity.Claims.First(x => x.Type == JwtRegisteredClaimNames.Jti); var token = new ApplicationUserToken() { UserId = user.Id, Name = user.UserName, LoginProvider = jtiClaim.Value, Value = true.ToString(), Jti = jtiClaim.Value }; await securityDb.UserTokens.AddAsync(token); await securityDb.SaveChangesAsync(); await redisService.Set(token.Name, jwtOptions.ValidFor, token.Jti, JsonConvert.SerializeObject(resources)); return(Ok(jwt)); }
public async Task <ActionResult <ApplicationUserToken> > PostApplicationUserToken(ApplicationUserToken applicationUserToken) { _context.ApplicationUserTokens.Add(applicationUserToken); try { await _context.SaveChangesAsync(); } catch (DbUpdateException) { if (ApplicationUserTokenExists(applicationUserToken.UserId)) { return(Conflict()); } else { throw; } } return(CreatedAtAction("GetApplicationUserToken", new { id = applicationUserToken.UserId }, applicationUserToken)); }
public async Task <ActionResult> Post([FromBody] LoginViewModel loginViewModel) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } ClaimsIdentity identity = await GetClaimsIdentity(loginViewModel.Username, loginViewModel.Password); if (identity == null) { return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState))); } Claim claim = identity.Claims.First(x => x.Type == Constants.Strings.JwtClaimIdentifiers.Id); var userId = claim.Value.ToString(); ApplicationUser user = securityDb.Users.First(x => x.Id == userId); if (user == null) { logger.LogError("Invalid login attempt for {UserName}", loginViewModel.Username); return(BadRequest("The user name or password is incorrect.")); } if (user.IsActive == false) { logger.LogError("Invalid login attempt for {UserName}", user.UserName); return(BadRequest("User is Deactivated")); } var userRoles = securityDb.ApplicationUserRoles.Where(x => x.UserId == user.Id).Select(x => x.RoleId).ToList(); var roles = securityDb.ApplicationRoles.Where(x => userRoles.Contains(x.Id)).Select(x => (dynamic) new { x.Id, x.Name }).ToList(); dynamic jwt = await Tokens.GenerateJwt( identity, jwtFactory, jwtOptions, user, roles, new JsonSerializerSettings { Formatting = Formatting.None }, securityDb); var jtiClaim = identity.Claims.First(x => x.Type == JwtRegisteredClaimNames.Jti); var token = new ApplicationUserToken() { UserId = user.Id, Name = user.UserName, LoginProvider = jtiClaim.Value, Value = true.ToString(), Jti = jtiClaim.Value }; await securityDb.UserTokens.AddAsync(token); await securityDb.SaveChangesAsync(); await redisService.Set($"{token.Name}", token, jwt, jwtOptions.ValidFor); return(Ok(jwt)); }