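/// <summary>
        /// Authenticates the supplied credentials and, on success, stores a freshly
        /// generated token in the authentication cookie.
        /// </summary>
        /// <param name="request">Sign-in payload carrying the username and password.</param>
        /// <returns>
        /// 401 with the authentication result code when the attempt fails; otherwise 200
        /// with the result code, plus the authentication cookie on the response.
        /// </returns>
        public async Task<ActionResult<SignInResponse>> SignIn(SignInRequest request)
        {
            var authAttempt = await _userAuthService.AuthenticateAsync(request.Username, request.Password);

            if (!authAttempt.IsSuccess)
            {
                // NOTE(review): the result code is echoed to the caller. If the enum
                // distinguishes "unknown user" from "wrong password", this response lets a
                // client enumerate accounts. Confirm against the enum's members.
                return StatusCode((int)HttpStatusCode.Unauthorized, new SignInResponse
                {
                    ResultCode = authAttempt.Code.ToString("G"),
                });
            }

            // The cookie carries the bearer token, so it is hardened here:
            //  - HttpOnly keeps the token out of reach of page scripts (limits XSS impact),
            //  - Secure stops the browser from sending it over plain HTTP,
            //  - SameSite=Lax keeps it off cross-site sub-requests (CSRF mitigation).
            // Local development over plain HTTP needs HTTPS enabled for the cookie to be sent.
            var cookieOptions = new CookieOptions
            {
                Expires = DateTimeOffset.UtcNow.AddDays(7),
                HttpOnly = true,
                Secure = true,
                SameSite = SameSiteMode.Lax,
            };

            Response.Cookies.Append(
                JwtBearerAuthenticationOptions.JwtBearerAuthentication,
                _jwtTokenGenerator.CreateToken(authAttempt.User),
                cookieOptions);

            return Ok(new SignInResponse
            {
                ResultCode = authAttempt.Code.ToString("G"),
            });
        }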
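        /// <summary>
        /// Verifies an e-mail/password pair and returns a signed JWT together with the
        /// user's profile, permissions and companies.
        /// </summary>
        /// <param name="model">Login payload read from the request body.</param>
        /// <returns>
        /// 400 when the payload or a credential is missing, 401 when the credentials are
        /// rejected, 200 with an <c>AuthResponse</c> on success, 500 on an unexpected error.
        /// </returns>
        public async Task<IActionResult> CreateToken([FromBody] LogInReq model)
        {
            // An empty or unparsable body can bind to null; reject it up front so it does
            // not surface as a 500 from the catch block below.
            if (model == null || string.IsNullOrEmpty(model.Email) || string.IsNullOrEmpty(model.Password))
            {
                return BadRequest();
            }

            try
            {
                var user = await _userRepository.WithEmail(model.Email);

                // Unknown e-mail and wrong password produce the same 401, so the response
                // does not reveal which addresses are registered.
                // NOTE(review): the password hash is not computed for unknown users, so
                // response timing may still differ between the two cases.
                if (user == null)
                {
                    return Unauthorized();
                }

                // Only an explicit Failed is a rejection: SuccessRehashNeeded means the
                // password is correct but stored with an outdated hash format.
                // NOTE(review): re-hashing and persisting the password in that case is not
                // done here; the repository's update API is not visible in this method.
                var verification = _passwordHasher.VerifyHashedPassword(user, user.Password, model.Password);
                if (verification == PasswordVerificationResult.Failed)
                {
                    return Unauthorized();
                }

                var claims = new[]
                {
                    new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
                    new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                    new Claim(JwtRegisteredClaimNames.Email, user.Email)
                };
                var jwtSecurityToken = _jwtTokenGenerator.CreateToken(claims);

                var permissions = await permissionRepository.GetUserPermissions(user.Id);
                var companies = await companyRepository.GetUserCompanies(user.Id);

                return Ok(new AuthResponse
                {
                    Token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken),
                    Expiration = jwtSecurityToken.ValidTo,
                    User = new UserResponse(user),
                    IAmRoot = await permissionRepository.UserIsRoot(user.Id),
                    Permissions = permissions.Select(p => new PermissionResponse(p)).ToList(),
                    Companies = companies.Select(c => new CompanyResult(c)).ToList()
                });
            }
            catch (Exception ex)
            {
                // Pass the exception as a structured argument rather than formatting it
                // into the message; the client only ever sees the generic text below.
                _logger.LogError(ex, "error while creating token");
                return StatusCode((int)HttpStatusCode.InternalServerError, "error while creating token");
            }
        }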
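        /// <summary>
        /// Issues a new token for the user identified by the token in the request's
        /// Authorization header.
        /// </summary>
        /// <returns>
        /// 400 when the header is missing or blank, 401 when no user key can be read from
        /// the token or the user no longer exists, otherwise 200 with the new token.
        /// </returns>
        public ActionResult<JwtToken> RefreshTask()
        {
            StringValues authorizationHeader = Request.Headers["authorization"];

            if (string.IsNullOrWhiteSpace(authorizationHeader))
            {
                return BadRequest();
            }

            // NOTE(review): this method trusts whatever GetUserKey reads from the header.
            // Confirm that the action sits behind authentication middleware, or that
            // GetUserKey itself verifies signature and expiry. If it only decodes the
            // payload, an unsigned or expired token would be exchanged for a fresh one.
            // Also confirm how it handles the "Bearer " scheme prefix.
            string userId = JwtTokenGenerator.GetUserKey(authorizationHeader);

            // No key recovered from the token: treat it as unauthenticated instead of
            // passing null or empty to the data layer.
            if (string.IsNullOrEmpty(userId))
            {
                return Unauthorized();
            }

            // The user may have been deleted since the token was issued.
            if (!_dbDriver.Service.PamaxieUserData.Exists(userId))
            {
                return Unauthorized();
            }

            var newToken = _generator.CreateToken(userId, ApiApplicationConfiguration.JwtSettings);

            return Ok(newToken);
        }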