public async Task <TokenDto> SignIn(SignInDto signInDto) { var user = await userRepository.FindByLoginAsync(signInDto.Email); TokenDto tokenDto = new TokenDto(); if (user == null || user.StatusOfVerification == "Processing" || user.StatusOfVerification == "Blocked") { tokenDto.Code = 401; return(tokenDto); } if (signInDto.Email != user.Email || !VerifyPassword(signInDto.Password, user.HashPassword, user.Salt)) { tokenDto.Code = 401; return(tokenDto); } //Return two tokens Access, Refresh tokenDto.Name = user.FirstName; tokenDto.Code = 200; tokenDto.AccessToken = token.GenerateToken(user); tokenDto.RefreshToken = token.RefreshGenerateToken(); //Save To database Refresh token RefreshTokens refreshToken = new RefreshTokens(tokenDto.RefreshToken, user.Id, true); refreshRepository.Create(refreshToken); await refreshRepository.SaveChangesAsync(); return(tokenDto); }
public ActionResult AddUser([FromBody] UserData userData) { if (!ModelState.IsValid) { return(BadRequest()); } string userToken = _tokenGenerator.GenerateToken(userData.Login); User user = new User() { Login = userData.Login, FeedbackUrl = userData.Url, UserToken = userToken }; _context.Users.Add(user); _context.SaveChanges(); return(Json(new { generatedToken = userToken })); }
public async Task <IActionResult> AddUser([FromBody] UserData userData) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } User existedUser = await _context .Users .FirstOrDefaultAsync(u => u.Login == userData.Login); if (existedUser != null) { return(BadRequest("Already have such login")); } string userToken = _tokenGenerator.GenerateToken(userData.Login); User user = new User() { Login = userData.Login, FeedbackUrl = userData.Url, UserToken = userToken }; _context.Users.Add(user); await _context.SaveChangesAsync(); return(Json(new { generatedToken = userToken })); }
/// <summary> /// Sign in with correct email and input password /// </summary> /// <param name="userLoginDto"></param> /// <returns>return TokenDto with new Access Token and Refresh Token /// if user null or email or password not correct /// return tokenDto with code 401</returns> public async Task <TokenDto> SignInAsync(UserLoginDto userLoginDto) { var user = await userRepository.FindByLoginAsync(userLoginDto.Email); TokenDto tokenDto = new TokenDto(); if (user == null) { tokenDto.Code = 401; return(tokenDto); } if (userLoginDto.Email != user.Email || !VerifyPassword(userLoginDto.Password, user.HashPassword, user.Salt)) { tokenDto.Code = 401; return(tokenDto); } //Return two tokens Access, Refresh tokenDto.Code = 200; tokenDto.AccessToken = token.GenerateToken(user); tokenDto.RefreshToken = token.RefreshGenerateToken(); //Save To database Refresh token RefreshToken refreshToken = new RefreshToken(tokenDto.RefreshToken, user.UserId, true); refreshRepository.Create(refreshToken); await refreshRepository.SaveChangesAsync(); return(tokenDto); }
public async Task <AuthenticateCommandResponse> Handle(AuthenticateCommand request, CancellationToken cancellationToken) { if (!request.UserName.Equals(_appSettings.Auth.User) || !request.PassWord.Equals(_appSettings.Auth.Pass)) { throw new UserNotAuthenticatedException(); } return(await _tokenGeneratorService.GenerateToken(request.UserName, null));; }
public IActionResult CreateToken([FromBody] LoginModel login) { if (!context.IsValidUsernameAndPassword(login.UserName, login.Password)) { return(BadRequest()); } logger.Debug($"Token created for {login.UserName}"); return(Ok(tokenGeneratorService.GenerateToken(login))); }
/// <summary> /// Generate Access Token and Refresh Token /// </summary> /// <param name="token"></param> /// <returns>return TokenDto with code 200</returns> public async Task <TokenDto> GenerateRefreshTokenAsync(TokenClaimsDto token) { TokenDto tokenDto = new TokenDto(); var user = await userRepository.FindByIdDetailsAsync(token.UserId); tokenDto.AccessToken = tokenGeneratorService.GenerateToken(user); tokenDto.RefreshToken = tokenGeneratorService.RefreshGenerateToken(); tokenDto.Code = 200; return(tokenDto); }
public async Task <Result <UserOutputModel> > Login(UserInputModel userInput) { var user = await userManager.FindByEmailAsync(userInput.Email); if (user == null) { return(InvalidErrorMessage); } var passwordValid = await userManager.CheckPasswordAsync(user, userInput.Password); if (!passwordValid) { return(InvalidErrorMessage); } var token = jwtTokenGenerator.GenerateToken(user); return(new UserOutputModel(token)); }
public IActionResult Login([FromQuery] UserLoginModel loginModel) { _logger.LogTrace("Login attempt from {RemoteIp} and {UserAgent} with user name {UserName}", UserIp, UserAgent, loginModel.UserName); var dbUser = _db.Users.FirstOrDefault(u => u.UserName == loginModel.UserName); if (dbUser == null) { //TODO: maybe change to generalized error _logger.LogTrace("User name {UserName} not exist", loginModel.UserName); ModelState.AddModelError("User", "user not found"); return(BadRequest(new ValidationProblemDetails(ModelState))); } try { if (dbUser.State == EUserState.InChallenge) { return(Forbid(new AuthenticationProperties(new Dictionary <string, string> { { "Challenge", "need pass" } }))); } switch (dbUser.VerifyPassword(loginModel.Password)) { case PasswordVerificationResult.Failed: _logger.LogTrace("User {UserName} send wrong password", loginModel.UserName); ModelState.AddModelError("Password", "Wrong password"); return(BadRequest(new ValidationProblemDetails(ModelState))); case PasswordVerificationResult.SuccessRehashNeeded: { dbUser.HashPasswordAndSet(loginModel.Password); _db.Users.Update(dbUser); break; } } var refreshToken = new DbRefreshToken() { Fingerprint = loginModel.Fingerprint, FromTime = _now, ToTime = _now.AddDays(_authOptions.RefreshTokenLifetimeDays), CreatedIp = UserIp, NavUser = dbUser, UserAgent = UserAgent, Token = _rngGenerator.GetGuid() }; _db.RefreshTokens.Add(refreshToken); _db.SaveChanges(); var jwt = _tokenGenerator.GenerateToken(dbUser.UserName, dbUser.Role); return(Ok(new AuthResult() { JwtToken = jwt, RefreshToken = refreshToken.Token, UserName = dbUser.UserName })); } catch (SecurityTokenEncryptionFailedException e) { _logger.LogError(e, "Problem with generating JWT for {UserName}", dbUser.UserName); throw; } catch (Exception e) { _logger.LogError(e, "Problem with applying changes to db"); throw; } }