public async Task <IActionResult> Authenticate([FromBody] LoginFormDto userDto)
{
var user = await _userService.Authenticate(userDto.Email, userDto.Password);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
return(Ok(new
{
Id = user.Id,
FirstName = user.FirstName,
LastName = user.LastName,
ProfilePictureUrl = user.ProfilePicture?.Url ?? "/images/default_avatar.png",
Token = tokenString
}));
}
public IActionResult Update(string id, [FromBody] LoginFormDto loginFormDto)
{
var user = _mapper.Map <User>(loginFormDto);
user.Id = id;
try
{
_userService.Update(user, loginFormDto.Password);
return(Ok());
} catch (AppException ex)
{
return(BadRequest(new { message = ex.Message }));
}
}
public IActionResult Login(LoginFormDto userForLoginDto)
{
var userFromRepo = repo.findUserByUsernameAndPassword(userForLoginDto.username, userForLoginDto.password); // repo.getUserByUserName
if (userFromRepo == null)
{
Console.WriteLine("not found");
return(Unauthorized());
}
// add id,name into token and generate
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, userFromRepo.ID.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.USER_NAME)
};
var key = new SymmetricSecurityKey(Encoding.UTF8
.GetBytes("DOASDNAONAODFADWONNACCAONOSNCOAOC"));
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = cred,
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
// done
return(Ok(new
{
message = "Ok",
data = new
{
token = tokenHandler.WriteToken(token),
}
}));;
}
public IActionResult Login(LoginFormDto userForLoginDto)
{
Guid newId = Guid.NewGuid();
Console.WriteLine(newId);
//Thành - sunivy - begin
//12/12/2020
//isLoginPass = true sẽ login bằng pass
if (userForLoginDto.isLoginPass)
{
//Login có kiểm tra LDAP
if (userForLoginDto.isLdap)
{
//Check LDAP
KeyValuePair <int, string> check = CheckLoginLDAP(userForLoginDto.username, userForLoginDto.password);
if (check.Key != 0)
{
return(Unauthorized());
}
else
{
//Update pass vào DB
if (!_userRepository.UpdatePasswordUser(userForLoginDto.username, userForLoginDto.password))
{
return(Unauthorized());
}
}
}
}
//end
var userFromRepo = _userRepository.FindUserByUsernameAndPassword(userForLoginDto.username, userForLoginDto.password, userForLoginDto.isLoginPass);
// repo.getUserByUserName
if (userFromRepo == null)
{
Console.WriteLine("not found");
return(Unauthorized());
}
Console.WriteLine(userFromRepo.REGION_ID_C.ToString());
// add id,name into token and generate
var endpoint = _userRepository.GetEndPonitUser(userFromRepo.ID.ToString()).Result;
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, userFromRepo.ID.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.USER_NAME),
new Claim(ClaimTypes.StateOrProvince, userFromRepo.REGION_ID_C.ToString()),
new Claim("Name", Utils.Base64Encode(userForLoginDto.username + "_" + userForLoginDto.password + "TeleSales")),
new Claim("IsAdmin", userFromRepo.IS_ADMIN.ToString()),
new Claim("Role", (endpoint != null ? string.Join(",", endpoint) : "")), // lưu quyền vào token
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetValue <String>("AppIdentitySettings:SecurityKey")));
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddSeconds(_config.GetValue <int>("AppIdentitySettings:TokenExpireTime")),
SigningCredentials = cred,
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
// done
//lưu token vào cached
_ = _userRepository.InsertUpdateToken(userFromRepo.ID.ToString(), tokenHandler.WriteToken(token)).Result;
Dictionary <string, string> cachedToken = (Dictionary <string, string>)_cache.Get("Token");
if (cachedToken == null)
{
if (setCached())
{
cachedToken = (Dictionary <string, string>)_cache.Get("Token");
}
else
{
cachedToken = new Dictionary <string, string>();
}
}
if (cachedToken.ContainsKey(userFromRepo.ID.ToString()))
{
cachedToken[userFromRepo.ID.ToString()] = tokenHandler.WriteToken(token);
}
else
{
cachedToken.Add(userFromRepo.ID.ToString(), tokenHandler.WriteToken(token));
}
_cache.Set("Token", cachedToken);
// done
return(Ok(new
{
message = "Ok",
data = new
{
token = tokenHandler.WriteToken(token),
},
code = 200
}));;
}
