/// <inheritdoc /> public async Task <Result <TokenResponse> > Handle(LoginCommand request, CancellationToken cancellationToken) { Result <Email> emailResult = Email.Create(request.Email); if (emailResult.IsFailure) { return(Result.Failure <TokenResponse>(DomainErrors.Authentication.InvalidEmailOrPassword)); } Maybe <User> maybeUser = await _userRepository.GetByEmailAsync(emailResult.Value); if (maybeUser.HasNoValue) { return(Result.Failure <TokenResponse>(DomainErrors.Authentication.InvalidEmailOrPassword)); } User user = maybeUser.Value; bool passwordValid = user.VerifyPasswordHash(request.Password, _passwordHashChecker); if (!passwordValid) { return(Result.Failure <TokenResponse>(DomainErrors.Authentication.InvalidEmailOrPassword)); } string token = _jwtProvider.Create(user); return(Result.Success(new TokenResponse(token))); }
public async Task <AuthDto> HandleAsync(UseRefreshToken request) { var token = await _refreshTokenRepository.GetAsync(request.RefreshToken); if (token is null) { throw new InvalidRefreshTokenException(); } if (token.Revoked) { throw new RevokedRefreshTokenException(); } var user = await _userRepository.GetAsync(token.UserId); if (user is null) { throw new UserNotFoundException(token.UserId); } var auth = _jwtProvider.Create(token.UserId, user.Role); auth.RefreshToken = request.RefreshToken; return(auth); }
public async Task HandleAsync(UseRefreshToken command) { var token = await _refreshTokenRepository.GetAsync(command.RefreshToken); if (token is null) { throw new InvalidRefreshTokenException(); } if (token.Revoked) { throw new RevokedRefreshTokenException(); } var user = await _userRepository.GetAsync(token.UserId); if (user is null) { throw new UserNotFoundException(token.UserId); } var claims = user.Permissions.Any() ? new Dictionary <string, IEnumerable <string> > { ["permissions"] = user.Permissions } : null; var auth = _jwtProvider.Create(token.UserId, user.Name, user.Role, claims: claims); auth.RefreshToken = command.RefreshToken; _storage.Set(command.Id, auth); }
public async Task <AuthDto> UseAsync(string refreshToken) { var token = await _refreshTokenRepository.GetAsync(refreshToken); if (token is null) { throw new InvalidRefreshTokenException(); } if (token.Revoked) { throw new RevokedRefreshTokenException(); } var user = await _userRepository.GetAsync(token.UserId); if (user is null) { throw new UserNotFoundException(token.UserId); } var claims = user.Permissions.Any() ? new Dictionary <string, IEnumerable <string> > { ["permissions"] = user.Permissions } : null; var auth = _jwtProvider.Create(token.UserId, user.Role, claims: claims); auth.RefreshToken = refreshToken; return(auth); }
public async Task <AuthDto> SignInAsync(SignIn command) { if (!EmailRegex.IsMatch(command.Email)) { throw new InvalidEmailException(command.Email); } var user = await _userRepository.GetAsync(command.Email); if (user is null || !_passwordService.IsValid(user.Password, command.Password)) { throw new InvalidCredentialException(command.Email); } var claims = user.Permissions.Any() ? new Dictionary <string, IEnumerable <string> > { ["permissions"] = user.Permissions } : null; var auth = _jwtProvider.Create(user.Id, user.Role, claims: claims); auth.RefreshToken = await _refreshTokenService.CreateAsync(user.Id); return(auth); }
public async Task HandleAsync(SignIn command) { var user = await _userRepository.GetByNameAsync(command.Name); if (user is null || !_passwordService.IsValid(user.Password, command.Password)) { _logger.LogError($"User with name: {command.Name} was not found."); throw new InvalidCredentialsException(command.Name); } if (user.Locked) { throw new UserLockedException(user.Id); } var claims = user.Permissions.Any() ? new Dictionary <string, IEnumerable <string> > { ["permissions"] = user.Permissions } : null; var auth = _jwtProvider.Create(user.Id, user.Name, user.Role, claims: claims); auth.RefreshToken = await CreateRefreshTokenAsync(user.Id); _storage.Set(command.Id, auth); _logger.LogInformation($"User with ID: {user.Id} has been authenticated."); await _messageBroker.PublishAsync(new SignedIn(user.Id)); }
public async Task <AuthDto> UseAsync(string refreshToken) { var token = await _refreshTokenRepository.Get(refreshToken); if (token is null) { throw new InvalidRefreshTokenException(); } if (DateTime.Compare(DateTime.Now, token.RevokedAt.Value) > 0) { throw new RevokedRefreshTokenException(); } var user = await _userRepository.FindAsync(token.UserId); if (user is null) { throw new UserNotFoundException(token.UserId); } var auth = _jwtProvider.Create(token.UserId, user.Email, user.Role); await _refreshTokenRepository.Update(new(token.Id, token.Token, DateTime.UtcNow, token.UserId, DateTime.UtcNow.AddDays(7))); auth.RefreshToken = refreshToken; return(auth); }
/// <inheritdoc /> public async Task <Result <TokenResponse> > Handle(CreateUserCommand request, CancellationToken cancellationToken) { Result <FirstName> firstNameResult = FirstName.Create(request.FirstName); Result <LastName> lastNameResult = LastName.Create(request.LastName); Result <Email> emailResult = Email.Create(request.Email); Result <Password> passwordResult = Password.Create(request.Password); Result firstFailureOrSuccess = Result.FirstFailureOrSuccess(firstNameResult, lastNameResult, emailResult, passwordResult); if (firstFailureOrSuccess.IsFailure) { return(Result.Failure <TokenResponse>(firstFailureOrSuccess.Error)); } if (!await _userRepository.IsEmailUniqueAsync(emailResult.Value)) { return(Result.Failure <TokenResponse>(DomainErrors.User.DuplicateEmail)); } string passwordHash = _passwordHasher.HashPassword(passwordResult.Value); var user = User.Create(firstNameResult.Value, lastNameResult.Value, emailResult.Value, passwordHash); _userRepository.Insert(user); await _unitOfWork.SaveChangesAsync(cancellationToken); string token = _jwtProvider.Create(user); return(Result.Success(new TokenResponse(token))); }
public void AuthorizeUser(DomainUserDto userDto, HttpContext context) { var jwt = _jwtProvider.Create(userDto, userDto.Roles); context.User = new ClaimsPrincipal(jwt.Identity); userDto.AccessToken = jwt.AccessToken; }
public async Task <AuthDto> SignInAsync(SignIn command) { if (!EmailRegex.IsMatch(command.Email)) { _logger.LogError($"Invalid email: {command.Email}"); throw new InvalidEmailException(command.Email); } var user = await _userRepository.GetAsync(command.Email); if (user is null || !_passwordService.IsValid(user.Password, command.Password)) { _logger.LogError($"User with email: {command.Email} was not found."); throw new InvalidCredentialsException(command.Email); } var claims = user.Permissions.Any() ? new Dictionary <string, IEnumerable <string> > { ["permissions"] = user.Permissions } : null; var auth = _jwtProvider.Create(user.Id, user.Role, claims: claims); auth.RefreshToken = await _refreshTokenService.CreateAsync(user.Id); _logger.LogInformation($"User with id: {user.Id} has been authenticated."); await _messageBroker.PublishAsync(new SignedIn(user.Id, user.Role)); return(auth); }
public async Task <JwtDto> SignInAsync(SignIn command) { if (!EmailRegex.IsMatch(command.Email)) { var exception = new InvalidCredentialsException(command.Email); await _messageBroker.PublishAsync(new SignInRejected(command.Email, exception.Message, exception.Code)); throw exception; } var user = await _userRepository.GetAsync(command.Email); if (user is null || !_passwordService.IsValid(user.Password, command.Password)) { var exception = new InvalidCredentialsException(command.Email); await _messageBroker.PublishAsync(new SignInRejected(command.Email, exception.Message, exception.Code)); throw exception; } var token = _jwtProvider.Create(user.Id, user.Role); await _messageBroker.PublishAsync(new SignedIn(user.Id, user.Role)); return(token); }
public async Task <JwtDto> SignInAsync(SignIn command) { if (!EmailRegex.IsMatch(command.Email)) { _logger.LogWarning($"Invalid email address: {command.Email}."); var exception = new InvalidCredentialsException(command.Email); await _messageBroker.PublishAsync(new SignInRejected(command.Email, exception.Message, exception.Code)); throw exception; } var user = await _userRepository.GetAsync(command.Email); if (user is null || !_passwordService.IsValid(user.Password, command.Password)) { var exception = new InvalidCredentialsException(command.Email); await _messageBroker.PublishAsync(new SignInRejected(command.Email, exception.Message, exception.Code)); throw exception; } var token = _jwtProvider.Create(user.Id, user.Role); await _messageBroker.PublishAsync(new SignedIn(user.Id, user.Role)); _logger.LogInformation($"User with id: {user.Id} has been authenticated."); return(token); }
public async Task <AuthDto> HandleAsync(SignIn request) { if (!EmailRegex.IsMatch(request.Email)) { _logger.LogWarning($"Invalid email: {request.Email}"); throw new InvalidEmailException(request.Email); } var user = await _userRepository.GetAsync(request.Email); if (user is null) { _logger.LogWarning($"User with email: {request.Email} was not found."); throw new InvalidCredentialsException(request.Email); } if (user.IsLockedOut) { throw new UserLockedOutException(user.LockoutEnd.Subtract(DateTime.Now).Hours); } if (!_passwordService.IsValid(user.Password, request.Password)) { _logger.LogWarning($"Invalid authentication for user with id: {user.Id.Value}", user); user.InvalidLogin(); await _userRepository.UpdateAsync(user); if (user.IsLockedOut) { _logger.LogWarning($"Locked out user with Id: {user.Id.Value}", user); throw new UserLockedOutException(user.LockoutEnd.Subtract(DateTime.Now).Hours); } throw new InvalidCredentialsException(request.Email); } var claims = user.Permissions.Any() ? new Dictionary <string, IEnumerable <string> > { ["permissions"] = user.Permissions } : null; var auth = _jwtProvider.Create(user.Id, user.Role, claims: claims); auth.RefreshToken = await _refreshTokenService.CreateAsync(user.Id); user.ValidLogin(); await _userRepository.UpdateAsync(user); _logger.LogInformation($"User with id: {user.Id} has been authenticated.", user); await _messageBroker.PublishAsync(new SignedIn(user.Id, user.Role)); return(auth); }
public void AuthorizeUser(JwtUserDto userDto, HttpContext context) { var jwt = _jwtProvider.Create(userDto, userDto.Roles); jwt.Claims.TryGetValue(JwtRegisteredClaimNames.GivenName, out var firstName); jwt.Claims.TryGetValue(JwtRegisteredClaimNames.FamilyName, out var lastName); context.User = new ClaimsPrincipal(jwt.Identity); userDto.AccessToken = jwt.AccessToken; userDto.Id = jwt.Id; userDto.FirstName = firstName; userDto.LastName = lastName; }
public async Task <AuthDto> Handle(LoginCommand request, CancellationToken cancellationToken) { var user = await _userManager.FindByEmailAsync(request.Email); // var isPasswordCorrect = await _userManager.CheckPasswordAsync(user, request.Password); // Console.Write($"User Detail {user.Email} Password Result {isPasswordCorrect}"); if (user != null && await _userManager.CheckPasswordAsync(user, request.Password)) { var identity = new ClaimsIdentity(); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id)); identity.AddClaim(new Claim(ClaimTypes.Name, user.Email)); // user logged in string role = user.IsAdmin ? "Admin" : "User"; return(_jwtProvider.Create(user, role)); } Console.Write(user); throw new InvalidCredentialsException(request.Email); }
public async Task <JsonWebToken> SignInAsync(SignIn command) { var user = _users.SingleOrDefault(x => x.Username == command.Username); if (user == null) { throw new Exception("Invalid credentials."); } var passwordResult = _passwordHasher.VerifyHashedPassword(user, user.Password, command.Password); if (passwordResult == PasswordVerificationResult.Failed) { throw new Exception("Invalid credentials."); } await Task.CompletedTask; return(_jwtProvider.Create(user.Id, user.Role)); }
public async Task <AuthDto> SignInAsync(SignIn command) { var user = await _userRepository.GetByUserNameAsync(command.UserName); if (user is null) { _logger.LogError($"User with user name: {command.UserName} was not found."); throw new InvalidCredentialsException(command.UserName); } if (!_passwordService.IsValid(user.Password, command.Password)) { _logger.LogError($"Invalid password for user with id: {user.Id.Value}"); throw new InvalidCredentialsException(command.UserName); } var auth = _jwtProvider.Create(user.Id, "user"); _logger.LogInformation($"User with id: {user.Id} has been authenticated."); return(auth); }
public IActionResult Login() { JwtToken token = _jwtProvider.Create("1", "*****@*****.**", null); return(Json(token)); }