public async Task <IActionResult> LoginFacebookUser([FromBody] UserViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await userManager.FindByNameAsync(model.Username);
if (user == null)
{
var newUser = new AppUser
{
Email = model.Username,
UserName = model.Username,
Name = model.Name,
Surname = model.Surname,
FacebookId = model.FacebookId,
};
var result = await userManager.CreateAsync(newUser, Guid.NewGuid().ToString());
if (!result.Succeeded)
{
foreach (var item in result.Errors)
{
ModelState.AddModelError(item.Code, item.Description);
}
return(BadRequest(ModelState));
}
await userManager.AddToRoleAsync(newUser, "User");
return(Ok("Account created"));
}
else
{
var appAccessTokenResponse = await Client.GetStringAsync($"https://graph.facebook.com/oauth/access_token?client_id=241649093381428&client_secret=feec026a9ac9d57e65c407c10752b262&grant_type=client_credentials");
var appAccessToken = JsonConvert.DeserializeObject <FacebookAppAccessToken>(appAccessTokenResponse);
var userAccessTokenValidationResponse = await Client.GetStringAsync($"https://graph.facebook.com/debug_token?input_token={model.FacebookAuthToken}&access_token={appAccessToken.AccessToken}");
var userAccessTokenValidation = JsonConvert.DeserializeObject <FacebookUserAccessTokenValidation>(userAccessTokenValidationResponse);
if (!userAccessTokenValidation.Data.IsValid)
{
ModelState.AddModelError("login_failure", "Invalid facebook token.");
return(BadRequest(ModelState));
}
var refreshToken = jwtFactory.GenerateRefreshToken();
await AddRefreshToken(refreshToken, user.Id);
var accessToken = await jwtFactory.GenerateAccessToken(user);
return(Ok(new { username = user.UserName, accessToken, refreshToken }));
}
}
public async Task <IActionResult> Login([FromBody] CredentialsViewModel credentials)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await userManager.FindByNameAsync(credentials.Username);
if (user == null || !await userManager.CheckPasswordAsync(user, credentials.Password))
{
ModelState.AddModelError("login_failure", "Invalid username or password.");
return(BadRequest(ModelState));
}
var refreshToken = jwtFactory.GenerateRefreshToken();
await AddRefreshToken(refreshToken, user.Id);
var accessToken = await jwtFactory.GenerateAccessToken(user);
return(Ok(new { username = user.UserName, accessToken, refreshToken }));
}
private async Task <LoginResponse> GenerateResponse(User user, string userAgent, Guid?oldRefreshTokenId = null)
{
var roles = await UserManager.GetRolesAsync(user);
var identity = jwtFactory.GenerateClaimsIdentity(user.UserName, user.Id.ToString(), roles.Select(r => Enum.Parse(typeof(RoleNames), r)).Cast <RoleNames>());
var loginInfo = new LoginResponse
{
User = mapper.Map <UserView>(user),
AccessToken = jwtFactory.GenerateAccessToken(user.UserName, identity),
RefreshToken = await jwtFactory.GenerateRefreshToken(user.Id, userAgent, oldRefreshTokenId),
Roles = roles.ToList()
};
return(loginInfo);
}
public async Task <ActionResult <LoginView> > Login([FromBody] LoginRequest loginRequest)
{
try
{
var user = await userManager.FindByEmailAsync(loginRequest.Email)
?? throw new ArgumentNullException();
if (!await userManager.CheckPasswordAsync(user, loginRequest.Password))
{
return(Forbid(JwtBearerDefaults.AuthenticationScheme));
}
return(Ok(new LoginView
{
AccessToken = jwtFactory.GenerateAccessToken(user.Id)
}));
}
catch (ArgumentNullException)
{
return(NotFound("Can't find user"));
}
}
private LoginResponse GetLoginResponse(User user)
=> new LoginResponse
{
User = mapper.Map <UserView>(user),
AccessToken = jwtFactory.GenerateAccessToken(user.Id)
};
private async Task <LoginResponse> GetLoginResponse(User user)
=> new LoginResponse
{
User = mapper.Map <UserView>(user),
AccessToken = jwtFactory.GenerateAccessToken(user.Id, (await userManager.GetRolesAsync(user)).ToList())
};
