public static async Task ResetForAsync(string sessionToken, string email) { Authorization.CheckAuthorization(sessionToken, MethodBase.GetCurrentMethod()); var login = await QueryAliveSessionAsync(sessionToken).ConfigureAwait(false) ?? throw new LogicException(ErrorType.InvalidToken); using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = sessionToken }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.Email.ToLower() == email.ToLower()) .FirstOrDefault(); if (identity == null) { throw new LogicException(ErrorType.InvalidAccount); } identity.AccessFailedCount = 0; await identityCtrl.UpdateAsync(identity).ConfigureAwait(false); await identityCtrl.SaveChangesAsync().ConfigureAwait(false); }
internal static async Task <LoginSession> QueryLoginByEmailAsync(string email, string password) { email.CheckArgument(nameof(email)); password.CheckArgument(nameof(password)); var result = default(LoginSession); var querySession = await QueryAliveSessionAsync(email, password).ConfigureAwait(false); if (querySession == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower()).FirstOrDefault(); if (identity != null && VerifyPasswordHash(password, identity.PasswordHash, identity.PasswordSalt)) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); var session = new LoginSession(); session.Identity = identity; session.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); session.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QuickNSmart)), }.Union(session.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); var entity = await sessionCtrl.ExecuteInsertAsync(session).ConfigureAwait(false); if (identity.AccessFailedCount > 0) { identity.AccessFailedCount = 0; await identityCtrl.ExecuteUpdateAsync(identity).ConfigureAwait(false); } await sessionCtrl.SaveChangesAsync().ConfigureAwait(false); result = new LoginSession(); result.CopyProperties(session); LoginSessions.Add(session); } } else if (VerifyPasswordHash(password, querySession.PasswordHash, querySession.PasswordSalt)) { result = new LoginSession(); result.CopyProperties(querySession); } return(result); }
public async static Task <ILoginSession> LogonAsync(string jsonWebToken) { jsonWebToken.CheckArgument(nameof(jsonWebToken)); var result = default(LoginSession); if (JsonWebToken.CheckToken(jsonWebToken, out SecurityToken validatedToken)) { if (validatedToken.ValidTo < DateTime.UtcNow) { throw new LogicException(ErrorType.AuthorizationTimeOut); } var jwtValidatedToken = validatedToken as JwtSecurityToken; if (jwtValidatedToken != null) { var email = jwtValidatedToken.Claims.FirstOrDefault(e => e.Type == ClaimTypes.Email); if (email != null && email.Value != null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.EnableJwtAuth == true && e.Email.ToLower() == email.Value.ToString().ToLower()) .ToList() .FirstOrDefault(); if (identity != null) { var login = await QueryLoginAsync(identity.Email, identity.PasswordHash).ConfigureAwait(false); if (login != null) { result = new LoginSession(); result.CopyProperties(login); result.IsRemoteAuth = true; } } } } } else { throw new LogicException(ErrorType.InvalidJsonWebToken); } return(result ?? throw new LogicException(ErrorType.InvalidAccount)); }
internal static async Task <LoginSession> QueryLoginAsync(string email, byte[] calculatedHash) { email.CheckArgument(nameof(email)); calculatedHash.CheckArgument(nameof(calculatedHash)); var result = await QueryAliveSessionAsync(email, calculatedHash).ConfigureAwait(false); if (result == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower() && e.PasswordHash == calculatedHash).FirstOrDefault(); if (identity != null) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); var session = new LoginSession(); session.IdentityId = identity.Id; session.Name = identity.Name; session.Email = identity.Email; session.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); var entity = await sessionCtrl.ExecuteInsertAsync(session).ConfigureAwait(false); if (identity.AccessFailedCount > 0) { identity.AccessFailedCount = 0; await identityCtrl.ExecuteUpdateAsync(identity).ConfigureAwait(false); } await sessionCtrl.SaveChangesAsync().ConfigureAwait(false); result = new LoginSession(); result.CopyProperties(session); result.Name = identity.Name; result.Email = identity.Email; result.Roles.AddRange(session.Roles); result.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QnSHolidayCalendar)), }.Union(result.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); LoginSessions.Add(result); } } return(result); }
internal static async Task <LoginSession> QueryAliveSessionAsync(string email, byte[] calculatedHash) { email.CheckArgument(nameof(email)); calculatedHash.CheckArgument(nameof(calculatedHash)); LoginSession result = LoginSessions.FirstOrDefault(e => e.IsActive && e.Email.Equals(email, StringComparison.CurrentCultureIgnoreCase) && e.PasswordHash == calculatedHash); if (result == null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken, }; var identity = identityCtrl.ExecuteQuery(e => e.State == Contracts.Modules.Common.State.Active && e.AccessFailedCount < 4 && e.Email.ToLower() == email.ToLower() && e.PasswordHash == calculatedHash).FirstOrDefault(); if (identity != null) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(identityCtrl); var session = sessionCtrl.ExecuteQuery(e => e.LogoutTime == null && e.IdentityId == identity.Id) .ToList() .FirstOrDefault(e => e.IsActive); if (session != null) { result = new LoginSession(); result.CopyProperties(session); result.Identity = new Identity(); result.Identity.CopyProperties(identity); result.Name = identity.Name; result.Email = identity.Email; result.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); result.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), }.Union(result.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); LoginSessions.Add(result); } } } return(result); }
internal static async Task <LoginSession> QueryAliveSessionAsync(string sessionToken) { LoginSession result = LoginSessions.FirstOrDefault(ls => ls.IsActive && ls.SessionToken.Equals(sessionToken)); if (result == null) { using var sessionCtrl = new Controllers.Persistence.Account.LoginSessionController(Factory.CreateContext()) { SessionToken = Authorization.SystemAuthorizationToken }; var session = sessionCtrl.ExecuteQuery(e => e.SessionToken.Equals(sessionToken)) .ToList() .FirstOrDefault(e => e.IsActive); if (session != null) { using var identityCtrl = new Controllers.Persistence.Account.IdentityController(sessionCtrl); var identity = identityCtrl.ExecuteQuery(e => e.Id == session.IdentityId).FirstOrDefault(); if (identity != null) { session.Name = identity.Name; session.Email = identity.Email; session.Roles.AddRange(await QueryIdentityRolesAsync(sessionCtrl, identity.Id).ConfigureAwait(false)); session.JsonWebToken = JsonWebToken.GenerateToken(new Claim[] { new Claim(ClaimTypes.Email, identity.Email), new Claim(ClaimTypes.System, nameof(QuickNSmart)), }.Union(session.Roles.Select(e => new Claim(ClaimTypes.Role, e.Designation)))); result = new LoginSession(); result.CopyProperties(session); LoginSessions.Add(session); } } } return(result); }