public ActionResult <AuthResultModel> Post([FromBody] AuthRequestModel model) { User user = _userRepository.GetUserByLogin(model.Login); if (user == null) { return(Unauthorized("User does not exist")); } if (_userRepository.Login(model.Login, model.Password)) { var result = new AuthResultModel() { Success = true }; var token = TokenSecurity.GenerateJwt(model.Login); result.Token = new JwtSecurityTokenHandler().WriteToken(token); result.Expiration = token.ValidTo; result.Name = $"{user.Firstname} {user.Lastname}"; result.Roles = user.Roles.Select(o => o.RoleId.ToString()).ToArray(); result.UserId = user.Id; return(Created("", result)); } return(Unauthorized("Wrong login or password")); }
private async void CheckJwt() { if (!(expirationTime != null && expirationTime.Value >= DateTime.UtcNow.AddSeconds(25))) { // Refresh UriBuilder ub = new UriBuilder(rootUrl + "/api/account/refreshtoken"); StringBuilder sb = new StringBuilder(); IntPtr valuePtr = Marshal.SecureStringToGlobalAllocUnicode(refreshToken); for (int i = 0; i < refreshToken.Length; i++) { short unicodeChar = Marshal.ReadInt16(valuePtr, i * 2); sb.Append((char)unicodeChar); } string json = JsonConvert.SerializeObject(new { RefreshToken = sb.ToString() }); var data = new StringContent(json, Encoding.UTF8, "application/json"); HttpResponseMessage response = await client.PostAsync(ub.Uri, data); string resultString = await response.Content.ReadAsStringAsync(); ResponseModel responseResult = JsonConvert.DeserializeObject <ResponseModel>(resultString); JObject jOData = (JObject)responseResult.Data; AuthResultModel authResult = jOData.ToObject <AuthResultModel>(); refreshToken.Clear(); for (int i = 0; i < authResult.refresh_token.Length; i++) { refreshToken.AppendChar(authResult.refresh_token[i]); } expirationTime = authResult.expiration.AddHours(3); client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authResult.acces_token); } }
public static async Task <IActionResult> CreateDieataryManagement( [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = (Routes.APIVersion + Routes.DietaryManagement))] HttpRequest req, ILogger log) { //link voor swagger https://devkimchi.com/2019/02/02/introducing-swagger-ui-on-azure-functions/ log.LogInformation("C# HTTP trigger function processed a request."); string requestBody = await new StreamReader(req.Body).ReadToEndAsync(); if (string.IsNullOrEmpty(requestBody)) { return(new UnprocessableEntityObjectResult(Messages.ErrorMissingValues)); } DietaryManagementModel dietary = new DietaryManagementModel(); JsonConvert.PopulateObject(requestBody, dietary); #region AuthCheck AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, dietary.PatientId); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } #endregion Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IDietaryManagementService>().TryAddDietaryManagement(dietary); return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary)); }
public static async Task <IActionResult> GetDietaryManagementByPatient( [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.GetDietaryManagement))] HttpRequest req, string patientId, ILogger log) { //link voor swagger https://devkimchi.com/2019/02/02/introducing-swagger-ui-on-azure-functions/ int id; if (!int.TryParse(patientId, out id)) { return(new UnprocessableEntityObjectResult(Messages.ErrorIncorrectId)); } #region AuthCheck AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctorOrPatient(req, id); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } #endregion Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IDietaryManagementService>().TryGetDietaryManagementByPatient(id); return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary)); }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = (Routes.APIVersion + Routes.SpecificDoctor))] HttpRequest req, ILogger log, int doctorId) { #region AuthCheck AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctor(req, doctorId); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } #endregion try { IDoctorRepository doctorRepository = DIContainer.Instance.GetService <IDoctorRepository>(); bool success = doctorRepository.Delete(doctorId); return(doctorRepository.Delete(doctorId) ? (ActionResult) new OkResult() : new StatusCodeResult(StatusCodes.Status409Conflict)); } catch (Exception e) { return(new BadRequestObjectResult(new MessageHandler().BuildErrorMessage(e))); } }
/// <summary> /// Login method /// </summary> public async Task <ResponseModel> Login(User usr) { this.CurrentUser = usr; UriBuilder ub = new UriBuilder(rootUrl + "/api/account/login"); string json = JsonConvert.SerializeObject(new { Username = usr.Username, Password = usr.Password }); var data = new StringContent(json, Encoding.UTF8, "application/json"); HttpResponseMessage response = await client.PostAsync(ub.Uri, data); string resultString = await response.Content.ReadAsStringAsync(); ResponseModel rM = JsonConvert.DeserializeObject <ResponseModel>(resultString); JObject jOData = (JObject)rM.Data; AuthResultModel aRM = jOData.ToObject <AuthResultModel>(); CurrentUser.CarPlateNumber = aRM.car_plate_number; refreshToken.Clear(); for (int i = 0; i < aRM.refresh_token.Length; i++) { refreshToken.AppendChar(aRM.refresh_token[i]); } expirationTime = aRM.expiration; client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", aRM.acces_token); return(rM); }
public RequestResultDTO Map(AuthResultModel result) { return(new RequestResultDTO { IsSuccess = result.IsSuccess, Message = result.Message }); }
public async Task <AuthResultModel> AuthorizeUser(SignInModel model) { var user = await _userManager.Users.Include(u => u.UserRoles).ThenInclude(ur => ur.Role) .FirstOrDefaultAsync(u => u.UserName == model.Username); if (user == null) { throw new UserNotAuthorizedException("Username or password is incorrect"); } if (!await _userManager.CheckPasswordAsync(user, model.Password)) { throw new UserNotAuthorizedException("Username or password is incorrect"); } user.RefreshToken = GenerateRefreshToken(); await _userManager.UpdateAsync(user); var roles = user.UserRoles?.Select(_ => _.Role.Name).ToList(); var userPermissions = user.UserRoles?.SelectMany(_ => _.Role.Permissions.Split(",")).ToList(); var resultModel = new AuthResultModel { Token = await GenerateUserToken(user), Expire = DateTime.UtcNow.AddDays(7), UserId = user.Id, RefreshToken = user.RefreshToken, Roles = roles, Permissions = userPermissions, }; return(resultModel); }
internal AuthResult(AuthResultModel model) { Result = model.Result?.ToLower() == "allow" ? AuthState.Allow : AuthState.Deny; Status = model.Status; StatusMessage = model.Status_Msg; TrustedDeviceToken = model.Trusted_Device_Token; }
public async Task <AuthResultModel> RegisterUser(SignUpModel model) { if (await DbContext.Users.FirstOrDefaultAsync(_ => _.UserName == model.Username) != null) { throw new BadRequestException("User with this name already exist"); } var newUser = new ApplicationUser { UserName = model.Username, RefreshToken = GenerateRefreshToken() }; var identityResult = await _userManager.CreateAsync(newUser, model.Password); if (!identityResult.Succeeded) { throw new ServerErrorException($"User creation error. {string.Join(",", identityResult.Errors)}"); } // var roles = user.UserRoles?.Select(_ => _.Role.Name).ToList(); // var userPermissions = user.UserRoles?.SelectMany(_ => _.Role.Permissions.Split(",")).ToList(); var resultModel = new AuthResultModel { Token = await GenerateUserToken(newUser), Expire = DateTime.UtcNow.AddDays(7), UserId = newUser.Id, RefreshToken = newUser.RefreshToken }; return(resultModel); }
public async Task <AuthResultModel> Authenticate(string token) { var encodedVallue = Base64Utility.Encode(token.ToString()); AuthResultModel result = await base.Post <AuthResultModel>("auth", encodedVallue, null); return(result); }
public async Task <ActionResult> Login(LoginModel loginModel) { if (!ModelState.IsValid) { return(View(loginModel)); } AuthResultModel authResultModel = await _authService.CanLoginAsync(loginModel); if (!authResultModel.Success) { ModelState.AddModelError(authResultModel.Field ?? "Ошибка", authResultModel.ErrorMessage); return(View(loginModel)); } var claim = new ClaimsIdentity("ApplicationCookie", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType); claim.AddClaim(new Claim(ClaimTypes.NameIdentifier, authResultModel.PlayerId.ToString(), ClaimValueTypes.String)); claim.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, loginModel.Login, ClaimValueTypes.String)); claim.AddClaim(new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "OWIN Provider", ClaimValueTypes.String)); AuthenticationManager.SignOut(); AuthenticationManager.SignIn(new AuthenticationProperties { IsPersistent = true }, claim); return(RedirectToAction("Index", "PlayerProfile")); }
public static async Task <bool> AuthLicense() { HttpResponseMessage response = await client.GetAsync($"helper/authenticate?version={EnvironmentVariables.CURRENT_VERSION}&license={License}"); if (response.IsSuccessStatusCode) { try { AuthResult = await response.Content.ReadAsAsync <AuthResultModel>(); if (AuthResult.user == null) { return(false); } return(true); } catch (Exception) { HandleError(response.Content.ReadAsAsync <Response>().Result); return(false); } } HandleError(DefaultResponse); return(false); }
private AuthResultModel GetFailedLogonResult(string userName, Exception ex) { List <string> errors = GetErrors(ex); var ret = new AuthResultModel(AuthResultModel.AuthAction.Logon) { UserName = userName, Succeeded = false, Reasons = errors.ToArray() }; return(ret); }
private async Task <bool> IsAuthorized(Dictionary <ServiceDictionaryKey, object> dict, HttpRequest req, int id) { AuthResultModel authResult = await _authorizationService.AuthForDoctorOrPatient(req, id); if (!authResult.Result) { dict.Add(ServiceDictionaryKey.ERROR, $"Authorization check wasn't passed."); HttpStatusCode httpStatusCode = (HttpStatusCode)(int)authResult.StatusCode; dict.Add(ServiceDictionaryKey.HTTPSTATUSCODE, httpStatusCode); } return(authResult.Result); }
internal AuthResult(AuthResultModel model) { switch (model.Result.ToLower()) { case "allow": Result = AuthState.Allow; break; default: Result = AuthState.Deny; break; } Status = model.Status; StatusMessage = model.Status_Msg; TrustedDeviceToken = model.Trusted_Device_Token; }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.GetFavoriteFood))] HttpRequest req, ILogger log, int patientId) { // Auth check AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctorOrPatient(req, patientId); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IFoodService>().TryGetFavoriteFood(patientId); return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary)); }
public async Task <AuthResultModel> RefreshUserToken(RefreshRequestModel refreshRequest) { var tokenValidationParameters = new TokenValidationParameters { ValidateAudience = false, ValidateIssuer = false, ValidateIssuerSigningKey = true, IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["App:Auth:Key"])), ValidateLifetime = false }; var tokenHandler = new JwtSecurityTokenHandler(); var principal = tokenHandler.ValidateToken(refreshRequest.Token, tokenValidationParameters, out var securityToken); if (!(securityToken is JwtSecurityToken jwtSecurityToken) || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase)) { throw new BadRequestException("Invalid token"); } var userId = Guid.Parse(principal.FindFirstValue(ClaimTypes.NameIdentifier)); var user = await _userManager.Users.Include(u => u.UserRoles).ThenInclude(ur => ur.Role) .FirstOrDefaultAsync(u => u.Id == userId); if (user == null) { throw new BadRequestException("Invalid token"); } user.RefreshToken = GenerateRefreshToken(); await _userManager.UpdateAsync(user); var roles = user.UserRoles?.Select(_ => _.Role.Name).ToList(); var userPermissions = user.UserRoles?.SelectMany(_ => _.Role.Permissions.Split(",")).ToList(); var resultModel = new AuthResultModel { Token = await GenerateUserToken(user), Expire = DateTime.UtcNow.AddDays(7), UserId = user.Id, RefreshToken = user.RefreshToken, Roles = roles, Permissions = userPermissions }; return(resultModel); }
public async Task <ActionResult> Register(RegisterModel registerModel) { if (!ModelState.IsValid) { return(View(registerModel)); } AuthResultModel authResultModel = await _authService.RegisterAsync(registerModel); if (!authResultModel.Success) { ModelState.AddModelError(authResultModel.Field, authResultModel.ErrorMessage); return(View(registerModel)); } return(RedirectToAction("Login")); }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Function, "put", Route = (Routes.APIVersion + Routes.PutMeal))] HttpRequest req, ILogger log, int patientId, int mealId) { // Auth check AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, patientId); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IMealService>().TryPutMeal(patientId, mealId, req); return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary)); }
public async Task <AuthenticateResponseModel> AuthenticateAsync([FromBody] AuthenticateRequestModel request) { AuthResultModel authModel = null; switch (request.LoginProvider) { case LoginProvider.Standard: authModel = await _authService.AuthAsync(request.Email, request.Password); break; case LoginProvider.Google: authModel = await _authService.SocialAuthAsync(request.Email, Domain.Enums.LoginProvider.Google); break; } return(_mapper.Map <AuthenticateResponseModel>(authModel)); }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.FoodByPartialname))] HttpRequest req, ILogger log, string foodName, int count) { int patientId = await DIContainer.Instance.GetService <IAuthorization>().GetUserId(req); // Auth check AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, patientId); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IFoodService>().TryGetFoodBySearch(foodName, count); return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary)); }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Function, "delete", Route = (Routes.APIVersion + Routes.UnFavoriteFood))] HttpRequest req, ILogger log) { int patientId = await DIContainer.Instance.GetService <IAuthorization>().GetUserId(req); // Auth check AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, patientId); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IFoodService>().TryDeleteFavoriteFood(req); return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary)); }
protected async Task <AuthResultModel> SigInUser(string username, string password) { var model = new SignInModel { Username = username, Password = password }; var response = await PostModel <AuthResultModel, SignInModel>("/api/v1/auth/signin", model); AssertSuccesDataResponse(response); response.Data.Token.Should().NotBeNullOrEmpty(); response.Data.UserId.Should().NotBeEmpty(); UserData = response.Data; return(response.Data); }
public async Task <AuthResultModel> AuthenticateUser(AuthModelWithRefreshToken data) { AuthResultModel result = null; try { var authData = await _authServiceRepository.GetUserByRefreshToken(data.RefreshToken); result = MapperExtensions.Convert <AuthData, AuthResultModel>(authData); logger.Information($"AuthenticateUser [RefreshToken ] by {data.RefreshToken} was successfully"); } catch (Exception e) { logger.Error($"Method: AuthenticateUser with RefreshToken Message: {e.Message}"); throw; } return(result); }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.GetDoctorPatients))] HttpRequest req, ILogger log, int doctorId) { #region AuthCheck AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctor(req, doctorId); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } #endregion IDoctorRepository doctorRepository = DIContainer.Instance.GetService <IDoctorRepository>(); List <Patient> patients = doctorRepository.GetDoctorPatients(doctorId); return(patients != null ? (ActionResult) new OkObjectResult(patients) : new NoContentResult()); }
public async Task <AuthResultModel> AuthenticateUser(AuthModelWithCredentials data) { AuthResultModel result = null; try { var authData = await _authServiceRepository.GetUserByСredentials(data.Login, data.Password); result = MapperExtensions.Convert <AuthData, AuthResultModel>(authData); logger.Information($"AuthenticateUser [WithCredentials] by {data.Login} was successfully"); } catch (Exception e) { logger.Error($"Method: AuthenticateUser With Credentials Message: {e.Message}"); throw; } return(result); }
public static async Task <IActionResult> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.Doctor))] HttpRequest req, ILogger log) { #region AuthCheck AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req); if (!authResult.Result) { return(new StatusCodeResult((int)authResult.StatusCode)); } #endregion IDoctorRepository doctorRepository = DIContainer.Instance.GetService <IDoctorRepository>(); List <AppNiZiAPI.Models.DoctorModel> doctors = doctorRepository.GetDoctors(); return(doctors.Count != 0 ? (ActionResult) new OkObjectResult(doctors) : new NoContentResult()); }
/// <summary> /// </summary> /// <param name="userInfo"></param> /// <param name="_config"></param> /// <returns></returns> public static string GenerateAccessToken(AuthResultModel userInfo, IConfiguration _config) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, userInfo.Login), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Role, userInfo.ServiceAccessLevel.ToString()) }; var token = new JwtSecurityToken( _config["Jwt:Issuer"], _config["Jwt:Issuer"], claims, expires: DateTime.Now.AddDays(1), signingCredentials: credentials); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public ActionResult <AuthResultModel> Post([FromBody] AuthRequestModel model) { // NEVER DO THIS, JUST SHOWING THE EXAMPLE if (model.Username == "*****@*****.**" && model.Password == "P@ssw0rd!") { var result = new AuthResultModel() { Success = true }; // Never do this either, hardcoded strings var token = TokenSecurity.GenerateJwt(model.Username); result.Token = new JwtSecurityTokenHandler().WriteToken(token); result.Expiration = token.ValidTo; return(Created("", result)); } return(BadRequest("Unknown failure")); }