public async Task <AuthenticationResult> Handle(AuthenticateCommand request, CancellationToken cancellationToken) { UserDto user = await _authenticateQueries.GetUserByLoginAsync(request.Login); if (user == null) { return(new AuthenticationResult("Incorrect login or password")); } if (!user.IsActive) { return(new AuthenticationResult("User is not active")); } if (!_passwordManager.VerifyPassword(user.Password, request.Password)) { return(new AuthenticationResult("Incorrect login or password")); } user.Claims ??= new List <Claim>(); // TODO: Understand why do we need to add the following in the claims //user.Claims.Add(new Claim(CustomClaimTypes.Name, user.Name)); //user.Claims.Add(new Claim(CustomClaimTypes.Email, user.Email)); return(new AuthenticationResult(user)); }
public User ValidateLogin(LoginCredentialsForm credentials) { var storedUser = _userRepository.GetFromUsername(credentials.Username); if (storedUser != null && _passwordManager.VerifyPassword(storedUser, credentials)) { return(storedUser); } return(null); }
private ServiceResult AuthUser(AppUser user, string password) { if (user == null) { return(ServiceResultFactory.BadRequestResult(nameof(AuthenticateAsync), "Username was not found.")); } var success = _passwordManager.VerifyPassword(password, user.PasswordHash, user.PasswordSalt); if (success == false) { return(ServiceResultFactory.BadRequestResult(nameof(AuthenticateAsync), "Password is wrong.")); } return(ServiceResultFactory.SuccessResult(user)); }
public async Task <TokenDTO> Handle(LoginUserQuery query, CancellationToken cancellationToken) { User user = await userRepository.GetByEmail(query.Email); if (user == null) { throw new AppException(ErrorCode.NotFound); } if (!passwordManager.VerifyPassword(query.Password, user.PasswordHash, user.Salt)) { throw new AppException(ErrorCode.InvalidPassword); } var token = tokenManager.GenerateToken(user.Id, user.Email); return(new TokenDTO(token, user.FirstName, user.LastName, user.Image)); }
public async Task <IActionResult> CreateToken([FromBody] CredentialModel model) { try { var user = await _userRepository.Get(model.Username); if (user == null) { return(Unauthorized()); } if (!await _passwordManager.VerifyPassword(user.Id, model.Password)) { return(Unauthorized()); } var claims = await _authManager.GetAllClaims(user); var signingCredentials = _authManager.GetSigningCredentials(); int validForDurationMinutes = 15; int.TryParse(_configuration[Constants.TokenDurationMinutes], out validForDurationMinutes); var token = _authManager.CreateToken(claims, validForDurationMinutes, signingCredentials); // Update User Last login time for audit await _userRepository.UpdateLastLogin(user.Id); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo })); } catch (Exception ex) { _logger.Error(ex, $"Exception thrown while creating JWT: {ex}"); } return(BadRequest("Failed to create token")); }