        /// <summary>
        /// Password-based login: looks up the user by e-mail, checks the submitted
        /// password against the stored hash and returns the mapped user together
        /// with a freshly issued JWT.
        /// </summary>
        /// <param name="loginDto">Credentials submitted by the client (e-mail and plaintext password).</param>
        /// <returns>The authenticated user DTO with its <c>Token</c> property populated.</returns>
        /// <exception cref="ArgumentException">Thrown when the password does not match the stored hash.
        /// The "user not found" case is delegated to <c>EntityValidationHelper.ValidateEntityNotNull</c>,
        /// whose exception type is not visible here.</exception>
        public async Task <AuthenticatedUserDto> AuthorizeAsync(LoginDto loginDto)
        {
            // Read-only lookup. Roles are eagerly loaded, presumably because the token
            // helper reads them (its parameter is named userIncludingRoles) — confirm.
            var user = await _tripFlipDbContext
                .Users
                .AsNoTracking()
                .Include(u => u.ApplicationRoles)
                .ThenInclude(ur => ur.ApplicationRole)
                .FirstOrDefaultAsync(u => u.Email == loginDto.Email);

            // NOTE(review): the not-found error is distinguishable from the wrong-password
            // error, and no hash verification runs on the not-found path, so a caller can
            // enumerate registered e-mails by message and by timing. Whether that matters
            // depends on how these exceptions surface to clients — confirm before changing.
            EntityValidationHelper.ValidateEntityNotNull(user, ErrorConstants.UserNotFound);

            if (!PasswordHasherHelper.VerifyPassword(loginDto.Password, user.PasswordHash))
            {
                throw new ArgumentException(ErrorConstants.PasswordNotVerified);
            }

            var result = _mapper.Map <AuthenticatedUserDto>(user);

            // The issued token carries the roles loaded above; lifetime and signing
            // material come from the injected JWT configuration.
            result.Token = JsonWebTokenHelper.GenerateJsonWebToken(
                userIncludingRoles: user,
                issuer: _jwtConfiguration.Issuer,
                audience: _jwtConfiguration.Audience,
                secretKey: _jwtConfiguration.SecretKey,
                tokenLifetime: _jwtConfiguration.TokenLifetime);

            return result;
        }
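        /// <summary>
        /// Is responsible for calling other methods that execute the following actions:
        /// <list type="number">
        /// <item>Exchanging the given authorization code for an ID token.</item>
        /// <item>Obtaining the user e-mail from the ID token.</item>
        /// <item>Adding a new user entry into the database if a user with the given e-mail
        /// does not already exist.</item>
        /// <item>Generating a new JWT for the current user.</item>
        /// </list>
        /// </summary>
        /// <param name="authorizationCode">A one-time authorization code provided by Google
        /// that is used to obtain Google's access token, ID token and refresh token.</param>
        /// <returns>A newly generated JWT.</returns>
        /// <exception cref="ArgumentException">Thrown when <paramref name="authorizationCode"/> is null or blank.</exception>
        /// <exception cref="InvalidOperationException">Thrown when the code exchange yields no access token
        /// or no ID token (previously a bare <see cref="Exception"/>; still caught by <c>catch (Exception)</c>).</exception>
        public async Task <string> LoginWithAuthCodeAsync(string authorizationCode)
        {
            // Reject an empty code up front instead of making a pointless round-trip to Google.
            if (string.IsNullOrWhiteSpace(authorizationCode))
            {
                throw new ArgumentException(
                    "Authorization code must not be empty.", nameof(authorizationCode));
            }

            await GetGoogleOpenIdConfigurationAsync();

            var googleOauthResponse =
                await ExchangeAuthCodeForTokensAsync(authorizationCode);

            // The ID token is what identifies the user below, so its absence is as much a
            // failed exchange as a missing access token is; the original only checked the latter.
            if (string.IsNullOrWhiteSpace(googleOauthResponse?.AccessToken)
                || string.IsNullOrWhiteSpace(googleOauthResponse.IdToken))
            {
                throw new InvalidOperationException(
                    ErrorConstants.GoogleFailedToExchangeAuthCodeForTokens);
            }

            // NOTE(review): the e-mail becomes the account key, so GetEmailFromGoogleIdToken must
            // validate the ID token's signature, issuer and audience against the OpenID
            // configuration fetched above and should honour the email_verified claim.
            // None of that is visible in this method — confirm in the helper.
            string userEmail =
                GetEmailFromGoogleIdToken(googleOauthResponse.IdToken);

            // First-time Google sign-in auto-registers the account.
            var userEntity = await GetUserByEmailAsync(userEmail)
                             ?? await RegisterAsync(userEmail);

            string jwt = JsonWebTokenHelper.GenerateJsonWebToken(
                userIncludingRoles: userEntity,
                issuer: _jwtConfiguration.Issuer,
                audience: _jwtConfiguration.Audience,
                secretKey: _jwtConfiguration.SecretKey,
                tokenLifetime: _jwtConfiguration.TokenLifetime);

            return jwt;
        }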
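        /// <summary>
        /// Login/password authentication: looks up the user by login, verifies the
        /// submitted password against the stored hash and returns a JWT for the user.
        /// </summary>
        /// <param name="userLoginViewModel">Login and plaintext password submitted by the client.</param>
        /// <returns>The JWT together with the login (exposed through the <c>Email</c> property).</returns>
        /// <exception cref="ArgumentNullException">Thrown when <paramref name="userLoginViewModel"/> is null.</exception>
        /// <exception cref="ArgumentException">Thrown when the login is unknown or the password does not
        /// match. Both cases raise the same exception so the response does not reveal which logins exist.</exception>
        public async Task <AuthorizedUserViewModel> LoginAsync(UserLoginViewModel userLoginViewModel)
        {
            if (userLoginViewModel is null)
            {
                throw new ArgumentNullException(nameof(userLoginViewModel));
            }

            var userEntity = await _context.Users
                             .AsNoTracking()
                             .FirstOrDefaultAsync(u => u.Login == userLoginViewModel.Login);

            // Previously an unknown login dereferenced a null entity (NullReferenceException).
            // Fail with the same exception as a bad password so unknown and known logins are
            // indistinguishable to the caller. NOTE(review): the not-found path still skips the
            // hash computation, so response timing may differ — verify against a dummy hash
            // here if that oracle matters for this deployment.
            if (userEntity is null)
            {
                throw new ArgumentException();
            }

            bool isPasswordVerified = PasswordHasherHelper
                                      .VerifyPassword(userLoginViewModel.Password, userEntity.PasswordHash);

            if (!isPasswordVerified)
            {
                throw new ArgumentException();
            }

            var token = JsonWebTokenHelper.GenerateJsonWebToken(userEntity.Id, userEntity.Login);

            // The view model's Email field is filled from Login, as in the original.
            return new AuthorizedUserViewModel()
            {
                JwtToken = token,
                Email    = userEntity.Login
            };
        }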