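/// <summary>
/// Completes a login for the account whose e-mail is <c>request.Email</c> once an OTP has been
/// supplied, refreshes the user's session record if one exists, and returns the issued tokens.
/// </summary>
/// <param name="request">OTP login command; <c>Email</c> and <c>OTP</c> are read here.</param>
/// <param name="cancellationToken">Not used by this handler.</param>
/// <returns>
/// An <c>AuthResponse</c> with <c>Token</c> and <c>RefreshToken</c> set on success. On any failure
/// <c>Status.IsSuccessful</c> is false and <c>Status.Message</c> carries the error text.
/// </returns>
public async Task<AuthResponse> Handle(OTPLoginCommand request, CancellationToken cancellationToken)
{
    var response = new AuthResponse
    {
        Status = new APIResponseStatus { IsSuccessful = true, Message = new APIResponseMessage() }
    };

    try
    {
        // Auth settings are taken from the cache when present, otherwise from the database.
        List<ScrewIdentifierGrid> lockoutSetting = null;
        var cachedSetting = await _cacheService.GetCacheResponseAsync(CacheKeys.AuthSettings);
        if (!string.IsNullOrEmpty(cachedSetting))
        {
            lockoutSetting = JsonConvert.DeserializeObject<List<ScrewIdentifierGrid>>(cachedSetting);
        }

        // A cached payload can deserialize to null (for example the literal "null");
        // fall back to the database instead of failing later on a null list.
        if (lockoutSetting == null)
        {
            lockoutSetting = await _dataContext.ScrewIdentifierGrid.ToListAsync();
        }

        // Written back on every call, so each login renews the cache entry's lifetime.
        // NOTE(review): the password-login handler stores the same key for 86400 seconds;
        // confirm which lifetime is intended.
        await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, lockoutSetting, TimeSpan.FromSeconds(3600));

        var user = await _userManager.FindByEmailAsync(request.Email);

        // NOTE(review): nothing visible in this method ties request.OTP to the account found by
        // request.Email, and whatever RemoveOtpAsync reports is not inspected. Confirm that it
        // rejects (throws on) an unknown or expired OTP and that the OTP is checked against this
        // user; otherwise tokens are issued on the e-mail address alone. The password handler
        // also gates on _measure.ReturnStatusAsync, which this path does not call.
        await _measure.RemoveOtpAsync(request.OTP);

        // FindByEmailAsync yields null for an unknown address; fail explicitly rather than
        // passing null on to LoginAsync. The message is deliberately generic.
        if (user == null)
        {
            response.Status.IsSuccessful = false;
            response.Status.Message.FriendlyMessage = "Invalid login attempt";
            return response;
        }

        var result = await _service.LoginAsync(user);
        var measure = Measures.CollectAsMuchAsPossible(user, result, request);
        await _measure.GetMeasuresAsync(measure);

        var session = _dataContext.SessionChecker.Find(user.Id);
        if (session != null)
        {
            var centralSetting = lockoutSetting.FirstOrDefault(v => v.Module == (int)Modules.CENTRAL);
            if (centralSetting == null)
            {
                // Previously surfaced as a NullReferenceException with no useful message.
                throw new InvalidOperationException("No session timeout setting is configured for the CENTRAL module.");
            }

            session.LastRefreshed = DateTime.UtcNow.Add(centralSetting.InActiveSessionTimeout);
            session.Userid = user.Id;
            session.Module = (int)Modules.CENTRAL;
            _dataContext.Entry(session).CurrentValues.SetValues(session);
            await _dataContext.SaveChangesAsync();
        }

        response.Token = result.Token;
        response.RefreshToken = result.RefreshToken;
        return response;
    }
    catch (Exception ex)
    {
        // The response starts out successful; a failure must not be reported as success.
        response.Status.IsSuccessful = false;
        response.Status.Message.FriendlyMessage = ex.Message ?? ex.InnerException?.Message;
        // NOTE(review): ex.ToString() includes type names and the stack trace; confirm that
        // TechnicalMessage is logged server-side only and not serialized to API clients.
        response.Status.Message.TechnicalMessage = ex.ToString();
        return response;
    }
}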
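/// <summary>
/// Handles a user-name/password login: runs the pre-checks, hands off to the OTP flow when
/// <c>OTPOptionsAsync</c> reports success, and otherwise logs the user in, records the login
/// measure and device, refreshes the session record if one exists, and returns the tokens.
/// </summary>
/// <param name="request">Login command; <c>UserName</c> and <c>Password</c> are read here.</param>
/// <param name="cancellationToken">Not used by this handler.</param>
/// <returns>
/// An <c>AuthResponse</c> with <c>Token</c> and <c>RefreshToken</c> set on a completed login, the
/// response from <c>OTPOptionsAsync</c> when an OTP step is required, or a response whose
/// <c>Status.IsSuccessful</c> is false when a check fails or an exception is caught.
/// </returns>
public async Task<AuthResponse> Handle(LoginCommand request, CancellationToken cancellationToken)
{
    var response = new AuthResponse
    {
        Status = new APIResponseStatus { IsSuccessful = true, Message = new APIResponseMessage() }
    };

    try
    {
        // Gate on the status check first; a rejection is returned without any message.
        if (!await _measure.ReturnStatusAsync(request.UserName))
        {
            response.Status.IsSuccessful = false;
            return response;
        }

        // Auth settings are taken from the cache when present, otherwise from the database.
        List<ScrewIdentifierGrid> lockoutSetting = null;
        var cachedSetting = await _cacheService.GetCacheResponseAsync(CacheKeys.AuthSettings);
        if (!string.IsNullOrEmpty(cachedSetting))
        {
            lockoutSetting = JsonConvert.DeserializeObject<List<ScrewIdentifierGrid>>(cachedSetting);
        }

        // A cached payload can deserialize to null (for example the literal "null");
        // fall back to the database instead of failing later on a null list.
        if (lockoutSetting == null)
        {
            lockoutSetting = await _securityContext.ScrewIdentifierGrid.ToListAsync();
        }

        // Written back on every call, so each login renews the cache entry's lifetime.
        // NOTE(review): the OTP-login handler stores the same key for 3600 seconds;
        // confirm which lifetime is intended.
        await _cacheService.CatcheResponseAsync(CacheKeys.AuthSettings, lockoutSetting, TimeSpan.FromSeconds(86400));

        if (!await IsPasswordCharactersValid(request.Password))
        {
            response.Status.IsSuccessful = false;
            response.Status.Message.FriendlyMessage = "Invalid Password";
            return response;
        }

        // NOTE(review): the two messages below let a caller tell an unknown user name apart
        // from a wrong password. Consider returning the same text for both; the strings are
        // left unchanged here in case clients match on them.
        if (!await UserExist(request))
        {
            response.Status.IsSuccessful = false;
            response.Status.Message.FriendlyMessage = "User does not exist";
            return response;
        }

        if (!await IsValidPassword(request))
        {
            response.Status.IsSuccessful = false;
            response.Status.Message.FriendlyMessage = "User/Password Combination is wrong";
            return response;
        }

        var user = await _userManager.FindByNameAsync(request.UserName);

        // When the OTP step applies, its response is returned as-is with the user's e-mail
        // placed in MessageId; no token is issued on this path.
        var otp = await OTPOptionsAsync(user.Id);
        if (otp.Status.IsSuccessful)
        {
            otp.Status.Message.MessageId = user.Email;
            return otp;
        }

        var result = await _service.LoginAsync(user);
        var measure = Measures.CollectAsMuchAsPossible(user, result, _detectionService);
        await _measure.GetMeasuresAsync(measure);
        await ReplaceDeviceAsync(user.Id, measure.Token);

        var session = _securityContext.SessionChecker.Find(user.Id);
        if (session != null)
        {
            var centralSetting = lockoutSetting.FirstOrDefault(v => v.Module == (int)Modules.CENTRAL);
            if (centralSetting == null)
            {
                // Previously surfaced as a NullReferenceException with no useful message.
                throw new InvalidOperationException("No session timeout setting is configured for the CENTRAL module.");
            }

            session.LastRefreshed = DateTime.UtcNow.Add(centralSetting.InActiveSessionTimeout);
            session.Userid = user.Id;
            session.Module = (int)Modules.CENTRAL;
            _securityContext.Entry(session).CurrentValues.SetValues(session);
            await _securityContext.SaveChangesAsync();
        }

        response.Token = result.Token;
        response.RefreshToken = result.RefreshToken;
        return response;
    }
    catch (Exception ex)
    {
        // The response starts out successful; a failure must not be reported as success.
        response.Status.IsSuccessful = false;
        response.Status.Message.FriendlyMessage = ex.Message ?? ex.InnerException?.Message;
        // NOTE(review): ex.ToString() includes type names and the stack trace; confirm that
        // TechnicalMessage is logged server-side only and not serialized to API clients.
        response.Status.Message.TechnicalMessage = ex.ToString();
        return response;
    }
}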