public async Task <ActionResult> RefreshAsync(RefreshRequest refreshRequest, ModelStateDictionary modelState)
{
if (!modelState.IsValid)
{
return(BadRequestModelState(modelState));
}
bool isValidRefreshToken = _refreshTokenValidator.Validate(refreshRequest.RefreshToken);
if (!isValidRefreshToken)
{
return(new BadRequestObjectResult(new ErrorResponse("Invalid refresh token.")));
}
RefreshToken refreshTokenDTO = await _refreshTokenRepository.GetByTokenAsync(refreshRequest.RefreshToken);
if (refreshTokenDTO == null)
{
return(new NotFoundObjectResult(new ErrorResponse("Invalid refresh token.")));
}
await _refreshTokenRepository.DeleteAsync(refreshTokenDTO.Id);
Account account = await _accountService.GetAsync(refreshTokenDTO.AccountId);
if (account == null)
{
return(new NotFoundObjectResult(new ErrorResponse("Account not found.")));
}
AuthenticatedAccountResponse response = await _authenticator.AuthenticateAsync(account);
return(new OkObjectResult(response));
}
public async System.Threading.Tasks.Task Login(string username, string password)
{
Tokens = await _authenticationClient.LoginAsync(username, password);
_tokenProvider.WriteTokensToFile(Tokens);
CurrentAccount = await _accountClient.GetAccountAsync(Tokens.AccessToken);
}
public void WriteTokensToFile(AuthenticatedAccountResponse tokens)
{
using (StreamWriter file = File.CreateText(Path)) {
JsonSerializer serializer = new JsonSerializer();
//serialize object directly into file stream
serializer.Serialize(file, tokens);
}
}
public async System.Threading.Tasks.Task LogoutAsync()
{
bool result = await _authenticationClient.LogoutAsync(Tokens.AccessToken);
if (!result)
{
Tokens = await _authenticationClient.RefreshAsync(Tokens.RefreshToken);
result = await _authenticationClient.LogoutAsync(Tokens.AccessToken);
}
_tokenProvider.DeleteFile();
CurrentAccount = null;
}
public async Task <RegistrationResponse> RegisterAsync(string email, string username, string password, string confirmPassword)
{
RegisterRequest registerRequest = new RegisterRequest()
{
Email = email,
Username = username,
Password = password,
ConfirmPassword = confirmPassword
};
string json = JsonConvert.SerializeObject(registerRequest);
var data = new StringContent(json, Encoding.UTF8, "application/json");
HttpResponseMessage response = await _client.PostAsync("register", data);
RegistrationResponse registrationResponse = new RegistrationResponse();
string jsonResponse = await response.Content.ReadAsStringAsync();
if (response.StatusCode == System.Net.HttpStatusCode.BadRequest)
{
registrationResponse.registrationResult = RegistrationResult.InvalidEmail;
registrationResponse.authenticatedAccountResponse = null;
return(registrationResponse);
}
if (response.StatusCode == System.Net.HttpStatusCode.Conflict)
{
ErrorResponse errorResponse = JsonConvert.DeserializeObject <ErrorResponse>(jsonResponse);
string errorMessage = errorResponse.ErrorMessages.First();
if (errorMessage == "Account with this email already exists.")
{
registrationResponse.registrationResult = RegistrationResult.EmailAlreadyExists;
}
if (errorMessage == "Account with this username already exists.")
{
registrationResponse.registrationResult = RegistrationResult.UsernameAlreadyExists;
}
registrationResponse.authenticatedAccountResponse = null;
return(registrationResponse);
}
AuthenticatedAccountResponse authenticatedAccountResponse = JsonConvert.DeserializeObject <AuthenticatedAccountResponse>(jsonResponse);
registrationResponse.authenticatedAccountResponse = authenticatedAccountResponse;
registrationResponse.registrationResult = RegistrationResult.Success;
return(registrationResponse);
}
public async Task <ActionResult> RegisterAsync(RegistrationRequest registrationRequest, ModelStateDictionary modelState)
{
if (!modelState.IsValid)
{
return(BadRequestModelState(modelState));
}
if (registrationRequest.Password != registrationRequest.ConfirmPassword)
{
return(new BadRequestObjectResult(new ErrorResponse("Passwords don't match.")));
}
Account existingAccountByEmail = await _accountService.GetByEmailAsync(registrationRequest.Email);
if (existingAccountByEmail != null)
{
return(new ConflictObjectResult(new ErrorResponse("Account with this email already exists.")));
}
Account existingAccountByUsername = await _accountService.GetByUsernameAsync(registrationRequest.Username);
if (existingAccountByUsername != null)
{
return(new ConflictObjectResult(new ErrorResponse("Account with this username already exists.")));
}
string passwordHash = _passwordHasher.HashPassword(registrationRequest.Password);
Account registrationAccount = new Account()
{
Email = registrationRequest.Email,
Username = registrationRequest.Username,
PasswordHash = passwordHash,
DatesJoined = DateTime.Today
};
Account account = await _accountService.CreateAsync(registrationAccount);
AuthenticatedAccountResponse response = await _authenticator.AuthenticateAsync(account);
return(new OkObjectResult(response));
}
public async Task <bool> RefreshAccessToken()
{
Tokens = await _authenticationClient.RefreshAsync(Tokens.RefreshToken);
if (Tokens == null)
{
return(false);
}
else
{
CurrentAccount = await _accountClient.GetAccountAsync(Tokens.AccessToken);
if (CurrentAccount == null)
{
return(false);
}
else
{
_tokenProvider.WriteTokensToFile(Tokens);
return(true);
}
}
}
public async Task <bool> TryToAuthenticateAsync()
{
Tokens = _tokenProvider.GetTokensFromFile();
if (Tokens == null)
{
return(false);
}
else
{
try {
CurrentAccount = await _accountClient.GetAccountAsync(Tokens.AccessToken);
if (CurrentAccount == null)
{
return(false);
}
}
catch (UnauthorizedException) {
return(await RefreshAccessToken());
}
return(true);
}
}
public async Task <ActionResult> LoginAsync(LoginRequest loginRequest, ModelStateDictionary modelState)
{
if (!modelState.IsValid)
{
return(BadRequestModelState(modelState));
}
Account account = await _accountService.GetByUsernameAsync(loginRequest.Username);
if (account == null)
{
return(new UnauthorizedObjectResult("User with this username wasn't found."));
}
PasswordVerificationResult passwordResult = _passwordHasher.VerifyHashedPassword(account.PasswordHash, loginRequest.Password);
if (passwordResult != PasswordVerificationResult.Success)
{
return(new UnauthorizedObjectResult("Password is invalid."));
}
AuthenticatedAccountResponse response = await _authenticator.AuthenticateAsync(account);
return(new OkObjectResult(response));
}
