public async Task <bool> Set(string key, ApplicationUserToken token, object o, TimeSpan expiry)
{
var db = _redis.GetDatabase();
var jwt = (o as dynamic);
var permissionViewModels = (jwt.resources as List <ApplicationPermissionViewModel>);
var resources = JsonConvert.SerializeObject(permissionViewModels);
var redisValue = await db.StringGetAsync(key);
IList <string> jtiList = new List <string>();
if (redisValue.IsNullOrEmpty)
{
var jti = token.Jti as string;
jtiList.Add(jti);
}
else
{
var dbValue = (dynamic)JsonConvert.DeserializeObject(redisValue.ToString());
var array = ((dbValue as dynamic).jtis as dynamic) as JArray;
array.Add(token.Jti);
jtiList = array.ToObject <List <string> >();
}
var value = new { jtis = jtiList, resources = resources };
var stringSet = await db.StringSetAsync(key, JsonConvert.SerializeObject(value), expiry);
return(stringSet);
}
public async Task <IActionResult> PutApplicationUserToken(string id, ApplicationUserToken applicationUserToken)
{
if (id != applicationUserToken.UserId)
{
return(BadRequest());
}
_context.Entry(applicationUserToken).State = EntityState.Modified;
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateConcurrencyException)
{
if (!ApplicationUserTokenExists(id))
{
return(NotFound());
}
else
{
throw;
}
}
return(NoContent());
}
public async Task <ActionResult <UserToken> > CreateUser([FromBody] UserInfoToken model)
{
try {
var user = new ApplicationUserToken {
UserName = model.Email, Email = model.Email
};
var result = await _userManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
return(_tokenService.BuildToken(model));
}
else
{
return(BadRequest("Usuário ou senha inválidos"));
}
}
catch (Exception e)
{
return(NotFound(new
{
message = e.Message,
errorCode = (int)HttpStatusCode.NotFound
}));
}
}
protected override async Task RemoveUserTokenAsync(ApplicationUserToken token)
{
var userToken = new UserTokenRequest
{
LoginProvider = token.LoginProvider,
Name = token.Name,
Value = token.Value,
UserId = token.UserId
};
await _authenticationService.RemoveUserTokenAsync(userToken);
}
protected override Task AddUserTokenAsync(ApplicationUserToken token)
{
var userToken = new UserTokenRequest
{
LoginProvider = token.LoginProvider,
Name = token.Name,
Value = token.Value,
UserId = token.UserId,
ExpiryTime = token.ExpiryTime
};
_authenticationService.CreateUserToken(userToken);
return(Task.CompletedTask);
}
public async Task SaveTokenAsync(int userId, string audience, KeyValuePair <string, string> token, ILoginUow loginUow)
{
var applicationUserToken = new ApplicationUserToken
{
AudienceType = audience,
CreatedDateTime = DateTime.UtcNow,
UserId = userId,
JwtToken = token.Value,
SecurityKey = token.Key
};
await loginUow.RegisterNewAsync <ApplicationUserToken>(applicationUserToken);
await loginUow.CommitAsync();
this.Tokens.AddOrUpdate(token.Key, token.Value, (x, y) => token.Value);
}
public async Task <ActionResult> Post([FromBody] LoginViewModel loginViewModel)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ClaimsIdentity identity = await GetClaimsIdentity(loginViewModel.Username, loginViewModel.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.",
ModelState)));
}
Claim claim = identity.Claims.First(x => x.Type == Constants.Strings.JwtClaimIdentifiers.Id);
var userId = claim.Value.ToString();
ApplicationUser user = securityDb.Users.First(x => x.Id == userId);
if (user == null)
{
logger.LogError("Invalid login attempt for {UserName}", loginViewModel.Username);
return(BadRequest("The user name or password is incorrect."));
}
if (user.IsActive == false)
{
logger.LogError("Invalid login attempt for {UserName}", user.UserName);
return(BadRequest("User is deactivated"));
}
var userRoles = securityDb.ApplicationUserRoles.Where(x => x.UserId == user.Id).Select(x => x.RoleId).ToList();
var roles = securityDb.ApplicationRoles.Where(x => userRoles.Contains(x.Id)).Select(x => x.Id).ToList();
//List<ApplicationPermissionViewModel> resources = new List<ApplicationPermissionViewModel>();
List <dynamic> resources = new List <dynamic>();
if (roles != null && roles.Count > 0)
{
resources = securityDb.Permissions.Include(x => x.Resource).Include(x => x.Role).Where(x => roles.Contains(x.RoleId) && x.IsAllowed).Select(x => x.GetMinimalViewModel())
.ToList();
}
dynamic jwt = await Tokens.GenerateJwt(
identity,
jwtFactory,
jwtOptions,
user,
roles,
resources);
var jtiClaim = identity.Claims.First(x => x.Type == JwtRegisteredClaimNames.Jti);
var token = new ApplicationUserToken()
{
UserId = user.Id,
Name = user.UserName,
LoginProvider = jtiClaim.Value,
Value = true.ToString(),
Jti = jtiClaim.Value
};
await securityDb.UserTokens.AddAsync(token);
await securityDb.SaveChangesAsync();
await redisService.Set(token.Name, jwtOptions.ValidFor, token.Jti, JsonConvert.SerializeObject(resources));
return(Ok(jwt));
}
public async Task <ActionResult <ApplicationUserToken> > PostApplicationUserToken(ApplicationUserToken applicationUserToken)
{
_context.ApplicationUserTokens.Add(applicationUserToken);
try
{
await _context.SaveChangesAsync();
}
catch (DbUpdateException)
{
if (ApplicationUserTokenExists(applicationUserToken.UserId))
{
return(Conflict());
}
else
{
throw;
}
}
return(CreatedAtAction("GetApplicationUserToken", new { id = applicationUserToken.UserId }, applicationUserToken));
}
public async Task <ActionResult> Post([FromBody] LoginViewModel loginViewModel)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ClaimsIdentity identity = await GetClaimsIdentity(loginViewModel.Username, loginViewModel.Password);
if (identity == null)
{
return(BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.",
ModelState)));
}
Claim claim = identity.Claims.First(x => x.Type == Constants.Strings.JwtClaimIdentifiers.Id);
var userId = claim.Value.ToString();
ApplicationUser user = securityDb.Users.First(x => x.Id == userId);
if (user == null)
{
logger.LogError("Invalid login attempt for {UserName}", loginViewModel.Username);
return(BadRequest("The user name or password is incorrect."));
}
if (user.IsActive == false)
{
logger.LogError("Invalid login attempt for {UserName}", user.UserName);
return(BadRequest("User is Deactivated"));
}
var userRoles = securityDb.ApplicationUserRoles.Where(x => x.UserId == user.Id).Select(x => x.RoleId).ToList();
var roles = securityDb.ApplicationRoles.Where(x => userRoles.Contains(x.Id)).Select(x => (dynamic) new { x.Id, x.Name }).ToList();
dynamic jwt = await Tokens.GenerateJwt(
identity,
jwtFactory,
jwtOptions,
user,
roles,
new JsonSerializerSettings { Formatting = Formatting.None },
securityDb);
var jtiClaim = identity.Claims.First(x => x.Type == JwtRegisteredClaimNames.Jti);
var token = new ApplicationUserToken()
{
UserId = user.Id,
Name = user.UserName,
LoginProvider = jtiClaim.Value,
Value = true.ToString(),
Jti = jtiClaim.Value
};
await securityDb.UserTokens.AddAsync(token);
await securityDb.SaveChangesAsync();
await redisService.Set($"{token.Name}", token, jwt, jwtOptions.ValidFor);
return(Ok(jwt));
}
