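/// <summary>
/// Authenticates a user with a username and password against the stored password hash and,
/// on success, issues a new refresh token and persists it on the user's row.
/// </summary>
/// <param name="user">Posted credentials; only <c>Username</c> and <c>Password</c> are read.</param>
/// <returns>
/// A <see cref="TokenModel"/> wrapping the new refresh token, or <c>null</c> when the body is
/// missing, a credential is empty, the user is unknown, or the password does not match.
/// Every failure returns the same value, so the response body does not reveal which check
/// failed (the hash comparison is skipped for unknown users, so timing may still differ).
/// </returns>
public TokenModel LogIn([FromBody] Users user)
{
    // Reject a missing body or empty credentials before touching the database; the original
    // passed a null password straight into CompareStringToHash.
    if (user == null || string.IsNullOrEmpty(user.Username) || string.IsNullOrEmpty(user.Password))
    {
        return null;
    }

    using (IUMdbEntities entities = new IUMdbEntities())
    {
        // One lookup replaces three separate queries on the same username (Any, Select(Password),
        // First); it also cannot throw from First() if the row disappears between queries.
        Users dbUser = entities.Users.FirstOrDefault(e => e.Username == user.Username);
        if (dbUser == null)
        {
            return null;
        }

        CryptoService cryptoService = new CryptoService();
        if (!cryptoService.CompareStringToHash(user.Password, dbUser.Password))
        {
            return null;
        }

        List<string> userRoles = entities.Workplaces
            .Where(e => e.UserId == dbUser.Id)
            .Select(e => e.UserRoles.RoleName)
            .ToList();

        // SECURITY(review): the plaintext password is embedded in the refresh token as a claim
        // (StartSession reads it back under MyClaimsTypes.Password). A JWT is signed, not
        // encrypted, so anyone holding the token can read the password. The stored
        // RefreshToken match already binds the token to the account; the password claim could
        // be dropped once StartSession no longer depends on it.
        JWTContainerModel refreshTokenModel = JWTContainerModel.GetUserJWTContainerModel(
            user.Username,
            user.Password,
            userRoles,
            MyTokenTypes.RefreshToken);

        JWTService serviceJWT = new JWTService(DefaultSecretKey.key);
        string newRefreshToken = serviceJWT.GenerateToken(refreshTokenModel);

        // Update the tracked entity instead of rebuilding the row through AddOrUpdate (a
        // migrations/seeding helper). The original rebuilt the row without BearerToken, so a
        // new login cleared any stored bearer token; that is kept explicit here.
        // NOTE(review): confirm clearing BearerToken on login is the intended behaviour.
        dbUser.RefreshToken = newRefreshToken;
        dbUser.BearerToken = null;
        entities.SaveChanges();

        return new TokenModel(newRefreshToken);
    }
}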
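/// <summary>
/// Exchanges a previously issued refresh token for a new bearer token. The presented token must
/// be signed with the service key, carry the refresh-token type, equal the refresh token currently
/// stored for the user, and carry a password that still matches the stored hash.
/// </summary>
/// <param name="refreshToken">Posted refresh token.</param>
/// <returns>
/// A <see cref="TokenModel"/> wrapping the new bearer token, or <c>null</c> when any validation
/// step fails. All failures return the same value so the response does not reveal which one.
/// </returns>
public TokenModel StartSession([FromBody] TokenModel refreshToken)
{
    if (refreshToken == null || string.IsNullOrEmpty(refreshToken.Token))
    {
        return null;
    }

    // Signature/expiry validation happens before any database access.
    JWTService serviceJWT = new JWTService(DefaultSecretKey.key);
    if (!serviceJWT.IsTokenValid(refreshToken.Token))
    {
        return null;
    }

    // The original dereferenced `.Value` on FirstOrDefault(), so a validly signed token missing
    // any of these claims threw NullReferenceException instead of being rejected.
    List<Claim> tokenClaims = serviceJWT.GetTokenClaims(refreshToken.Token).ToList();
    string username = ClaimValue(tokenClaims, MyClaimsTypes.Username);
    string password = ClaimValue(tokenClaims, MyClaimsTypes.Password);
    string rolesClaim = ClaimValue(tokenClaims, MyClaimsTypes.Roles);
    string tokenType = ClaimValue(tokenClaims, MyClaimsTypes.TokenType);
    if (username == null || password == null || rolesClaim == null || tokenType == null)
    {
        return null;
    }

    // Only refresh tokens may be exchanged; a bearer token presented here is rejected.
    if (!string.Equals(tokenType, MyTokenTypes.RefreshToken, StringComparison.Ordinal))
    {
        return null;
    }

    // An empty roles claim used to produce a single empty-string "role"; drop empty entries.
    List<string> userRoles = rolesClaim
        .Split(new[] { ',' }, StringSplitOptions.RemoveEmptyEntries)
        .ToList();

    using (IUMdbEntities entities = new IUMdbEntities())
    {
        // One lookup replaces the Any / Select(Password) / First triple on the same username.
        Users dbUser = entities.Users.FirstOrDefault(e => e.Username == username);
        if (dbUser == null)
        {
            return null;
        }

        // The token must equal the one currently stored for the user; overwriting the stored
        // value (e.g. by a new login) therefore revokes earlier refresh tokens. The comparison
        // is done in memory and ordinal, so it is exact regardless of database collation.
        if (!string.Equals(dbUser.RefreshToken, refreshToken.Token, StringComparison.Ordinal))
        {
            return null;
        }

        // SECURITY(review): the password compared here comes from a plaintext claim inside the
        // token (see LogIn). A signed-but-unencrypted JWT exposes it to anyone holding the
        // token; the stored RefreshToken match above already binds the token to the account.
        CryptoService cryptoService = new CryptoService();
        if (!cryptoService.CompareStringToHash(password, dbUser.Password))
        {
            return null;
        }

        JWTContainerModel bearerTokenModel = JWTContainerModel.GetUserJWTContainerModel(
            username,
            password,
            userRoles,
            MyTokenTypes.BearerToken);

        // Second argument kept from the original call; its meaning is defined by JWTService.
        string newBearerToken = serviceJWT.GenerateToken(bearerTokenModel, true);

        // Update the tracked entity instead of rebuilding the row through AddOrUpdate (a
        // migrations/seeding helper). RefreshToken is left untouched, as before.
        dbUser.BearerToken = newBearerToken;
        entities.SaveChanges();

        return new TokenModel(newBearerToken);
    }

    // Returns the value of the first claim of the given type, or null when absent.
    string ClaimValue(List<Claim> claims, string claimType)
    {
        Claim claim = claims.FirstOrDefault(c => string.Equals(c.Type, claimType, StringComparison.Ordinal));
        return claim == null ? null : claim.Value;
    }
}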