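/// <summary>
/// Authenticates a user by e-mail and password and issues a JWT for the session.
/// </summary>
/// <param name="loginDto">Credentials supplied by the caller (e-mail and password).</param>
/// <returns>
/// The user mapped to <see cref="AuthenticatedUserDto"/> with <c>Token</c> set to a freshly generated JWT.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="loginDto"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">The password does not match the stored hash.</exception>
public async Task<AuthenticatedUserDto> AuthorizeAsync(LoginDto loginDto)
{
    // Fail fast with a meaningful exception instead of a NullReferenceException
    // from the query predicate below.
    if (loginDto is null)
    {
        throw new ArgumentNullException(nameof(loginDto));
    }

    // Read-only lookup (AsNoTracking); roles are loaded eagerly because the
    // token generator takes the user together with its roles (userIncludingRoles).
    var userEntity = await _tripFlipDbContext
        .Users
        .AsNoTracking()
        .Include(user => user.ApplicationRoles)
        .ThenInclude(usersRoles => usersRoles.ApplicationRole)
        .FirstOrDefaultAsync(user => user.Email == loginDto.Email);

    // NOTE(review): an unknown e-mail is rejected here (presumably by throwing),
    // before the hash check, while a wrong password fails further down with a
    // different error — so the two outcomes are distinguishable to the caller.
    // Kept as-is to preserve the exception contract; consider collapsing both
    // into one generic failure.
    EntityValidationHelper.ValidateEntityNotNull(
        userEntity,
        ErrorConstants.UserNotFound);

    bool isPasswordVerified = PasswordHasherHelper
        .VerifyPassword(loginDto.Password, userEntity.PasswordHash);

    if (!isPasswordVerified)
    {
        throw new ArgumentException(ErrorConstants.PasswordNotVerified);
    }

    AuthenticatedUserDto authenticatedUserDto = _mapper.Map<AuthenticatedUserDto>(userEntity);

    // Token parameters all come from the injected JWT configuration.
    authenticatedUserDto.Token = JsonWebTokenHelper.GenerateJsonWebToken(
        userIncludingRoles: userEntity,
        issuer: _jwtConfiguration.Issuer,
        audience: _jwtConfiguration.Audience,
        secretKey: _jwtConfiguration.SecretKey,
        tokenLifetime: _jwtConfiguration.TokenLifetime);

    return authenticatedUserDto;
}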
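/// <summary>
/// Signs a user in with a Google authorization code:
/// <list type="number">
/// <item>exchanges the code for Google's tokens,</item>
/// <item>reads the user's e-mail from the returned ID token,</item>
/// <item>registers the user when no account with that e-mail exists yet,</item>
/// <item>issues a JWT for the resulting user.</item>
/// </list>
/// </summary>
/// <param name="authorizationCode">A one-time authorization code provided by Google
/// that is used to obtain Google's access token, ID token and refresh token.</param>
/// <returns>A newly generated JWT.</returns>
/// <exception cref="ArgumentException"><paramref name="authorizationCode"/> is null or whitespace.</exception>
/// <exception cref="InvalidOperationException">Google did not return the tokens needed to complete the login.</exception>
public async Task<string> LoginWithAuthCodeAsync(string authorizationCode)
{
    // Reject an empty code before making any outbound call.
    if (string.IsNullOrWhiteSpace(authorizationCode))
    {
        throw new ArgumentException("Authorization code must not be empty.", nameof(authorizationCode));
    }

    // Discovery document first; the exchange and ID-token steps below are
    // presumably what consume it (token endpoint, signing keys) — TODO confirm.
    await GetGoogleOpenIdConfigurationAsync();

    var googleOauthResponse = await ExchangeAuthCodeForTokensAsync(authorizationCode);

    // The e-mail is read from the ID token, so a missing ID token must fail the
    // login just like a missing access token (the original check covered only
    // the access token and would have dereferenced a null response).
    // InvalidOperationException derives from Exception, so existing catch blocks still match.
    if (googleOauthResponse is null
        || string.IsNullOrWhiteSpace(googleOauthResponse.AccessToken)
        || string.IsNullOrWhiteSpace(googleOauthResponse.IdToken))
    {
        throw new InvalidOperationException(ErrorConstants.GoogleFailedToExchangeAuthCodeForTokens);
    }

    // NOTE(review): the e-mail becomes the account key for lookup and
    // registration. This assumes GetEmailFromGoogleIdToken validates the token's
    // signature, issuer, audience and expiry and honours the email_verified
    // claim — confirm before relying on it.
    string userEmail = GetEmailFromGoogleIdToken(googleOauthResponse.IdToken);

    // First Google sign-in creates the local account.
    var userEntity = await GetUserByEmailAsync(userEmail)
        ?? await RegisterAsync(userEmail);

    string jwt = JsonWebTokenHelper.GenerateJsonWebToken(
        userIncludingRoles: userEntity,
        issuer: _jwtConfiguration.Issuer,
        audience: _jwtConfiguration.Audience,
        secretKey: _jwtConfiguration.SecretKey,
        tokenLifetime: _jwtConfiguration.TokenLifetime);

    return jwt;
}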
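/// <summary>
/// Authenticates a user by login and password and returns a JWT for the session.
/// </summary>
/// <param name="userLoginViewModel">Login name and password supplied by the caller.</param>
/// <returns>An <see cref="AuthorizedUserViewModel"/> carrying the JWT and the user's login.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userLoginViewModel"/> is <c>null</c>.</exception>
/// <exception cref="ArgumentException">No user with the given login exists, or the password does not match.</exception>
public async Task<AuthorizedUserViewModel> LoginAsync(UserLoginViewModel userLoginViewModel)
{
    if (userLoginViewModel is null)
    {
        throw new ArgumentNullException(nameof(userLoginViewModel));
    }

    // Same message for "unknown login" and "wrong password" so the caller
    // cannot tell registered logins apart from the error.
    const string invalidCredentialsMessage = "Invalid login or password.";

    // Read-only lookup; the entity is not modified here.
    var userEntity = await _context.Users
        .AsNoTracking()
        .FirstOrDefaultAsync(u => u.Login == userLoginViewModel.Login);

    // An unknown login previously surfaced as a NullReferenceException on
    // userEntity.PasswordHash; report it with the same exception type as a
    // failed password check.
    if (userEntity is null)
    {
        throw new ArgumentException(invalidCredentialsMessage);
    }

    bool isPasswordVerified = PasswordHasherHelper
        .VerifyPassword(userLoginViewModel.Password, userEntity.PasswordHash);

    if (!isPasswordVerified)
    {
        throw new ArgumentException(invalidCredentialsMessage);
    }

    var token = JsonWebTokenHelper.GenerateJsonWebToken(userEntity.Id, userEntity.Login);

    // NOTE(review): the Login value is exposed through the Email property —
    // verify that Login is in fact the user's e-mail address in this model.
    var authorizedUserViewModel = new AuthorizedUserViewModel()
    {
        JwtToken = token,
        Email = userEntity.Login
    };

    return authorizedUserViewModel;
}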