public async Task <IActionResult> RefreshToken()
{
APIResult apiResult;
LoginRequestDTO loginRequestDTO = new LoginRequestDTO()
{
Account = User.FindFirst(JwtRegisteredClaimNames.Sid)?.Value,
};
string token = GenerateToken(loginRequestDTO);
string refreshToken = GenerateRefreshToken(loginRequestDTO);
LoginResponseDTO LoginResponseDTO = new LoginResponseDTO()
{
Account = loginRequestDTO.Account,
Id = 0,
Name = loginRequestDTO.Account,
Token = token,
TokenExpireMinutes = Convert.ToInt32(configuration["Tokens:JwtExpireMinutes"]),
RefreshToken = refreshToken,
RefreshTokenExpireDays = Convert.ToInt32(configuration["Tokens:JwtRefreshExpireDays"]),
};
apiResult = APIResultFactory.Build(true, StatusCodes.Status200OK,
ErrorMessageEnum.None, payload: LoginResponseDTO);
return(Ok(apiResult));
}
public IHttpActionResult Authenticate([FromBody] LoginRequestDTO login)
{
var loginResponse = new LoginResponseDTO();
LoginRequestDTO loginrequest = new LoginRequestDTO();
loginrequest.Username = login.Username.ToLower();
loginrequest.Password = login.Password;
IHttpActionResult response;
HttpResponseMessage responseMsg = new HttpResponseMessage();
bool isUsernamePasswordValid = _loginRepo.IsUserLoginValid(loginrequest.Username, loginrequest.Password);
// if credentials are valid
if (isUsernamePasswordValid)
{
string token = createToken(loginrequest.Username);
LoginRepository.CurrentUser.Token = token;
//return the token
return(Ok <string>(token));
}
else
{
// if credentials are not valid send unauthorized status code in response
loginResponse.ResponseMsg = new HttpResponseMessage();
loginResponse.ResponseMsg.StatusCode = HttpStatusCode.Unauthorized;
response = ResponseMessage(loginResponse.ResponseMsg);
return(response);
}
}
public async Task <IActionResult> Post(LoginRequestDTO loginRequestDTO)
{
if (ModelState.IsValid == false)
{
APIResult apiResult = APIResultFactory.Build(false, StatusCodes.Status200OK,
ErrorMessageEnum.傳送過來的資料有問題);
return(Ok(apiResult));
}
if (loginRequestDTO.Account != "admin" && loginRequestDTO.Account != "user")
{
APIResult apiResult = APIResultFactory.Build(false, StatusCodes.Status400BadRequest,
ErrorMessageEnum.帳號或密碼不正確);
return(BadRequest(apiResult));
}
{
string token = GenerateToken(loginRequestDTO);
string refreshToken = GenerateRefreshToken(loginRequestDTO);
LoginResponseDTO LoginResponseDTO = new LoginResponseDTO()
{
Account = loginRequestDTO.Account,
Id = 0,
Name = loginRequestDTO.Account,
Token = token,
TokenExpireMinutes = Convert.ToInt32(configuration["Tokens:JwtExpireMinutes"]),
RefreshToken = refreshToken,
RefreshTokenExpireDays = Convert.ToInt32(configuration["Tokens:JwtRefreshExpireDays"]),
};
APIResult apiResult = APIResultFactory.Build(true, StatusCodes.Status200OK,
ErrorMessageEnum.None, payload: LoginResponseDTO);
return(Ok(apiResult));
}
}
public async Task <IActionResult> RefreshToken()
{
UserID = Convert.ToInt32(User.FindFirst(JwtRegisteredClaimNames.Sid)?.Value);
TokenVersion = Convert.ToInt32(User.FindFirst(ClaimTypes.Version)?.Value);
var fooUser = await context.LobUsers.Include(x => x.Department).FirstOrDefaultAsync(x => x.Id == UserID);
if (fooUser == null)
{
APIResult apiResult = APIResultFactory.Build(false, StatusCodes.Status404NotFound,
ErrorMessageEnum.沒有發現指定的該使用者資料);
return(NotFound(apiResult));
}
else
{
APIResult apiResult;
if (fooUser.TokenVersion > TokenVersion)
{
apiResult = APIResultFactory.Build(false, StatusCodes.Status400BadRequest,
ErrorMessageEnum.使用者需要強制登出並重新登入以便進行身分驗證);
return(BadRequest(apiResult));
}
string token = GenerateToken(fooUser);
string refreshToken = GenerateRefreshToken(fooUser);
LoginResponseDTO LoginResponseDTO = fooUser.ToLoginResponseDTO(
token, refreshToken,
configuration["Tokens:JwtExpireMinutes"], configuration["Tokens:JwtRefreshExpireDays"]);
apiResult = APIResultFactory.Build(true, StatusCodes.Status200OK,
ErrorMessageEnum.None, payload: LoginResponseDTO);
return(Ok(apiResult));
}
}
public async Task <ActionResult> SimLogin([FromBody] SimLoginRequestDTO request)
{
LoginResponseDTO res = new LoginResponseDTO();
try
{
IPlatformSession session = ClusterClient.GetGrain <IPlatformSession>(request.user_name);
Account account = await session.VerifyAccount(Platform.Sim, request.user_name);
if (account == null)
{
throw new Exception($"VerifyAccount cant found {request.user_name}");
}
string access_token = JWT.GetAccessToken(account);
await session.RefreshToken(access_token);
res.data = access_token;
res.result = LoginResult.Success;
}
catch (Exception ex)
{
res.result = LoginResult.None;
res.data = ex.ToString();
Logger.LogError(ex.ToString());
}
return(Json(res));
}
/// <summary>
/// Login the user.
/// </summary>
public async Task <bool> VerifyLogin(string UserID, string Password, string MacAddr)
{
var param = new VerifyLoginRM(UserID, Password, MacAddr);
var response = await _sgService
.VerifyLogin(Priority.UserInitiated, param)
.ConfigureAwait(false);
if (response.StatusCode == System.Net.HttpStatusCode.OK)
{
var responseDto = new LoginResponseDTO();
var responseString = response.Content.ReadAsStringAsync().Result;
responseDto = JsonConvert.DeserializeObject <LoginResponseDTO>(responseString);
Globals.LoginStatus = LoginStatusType.Success;
Globals.LoginUsername = responseDto.USER_ID;
Globals.UserType = responseDto.USER_TYPE;
Globals.UserMessage = responseDto.User_Msg;
return(true);
}
else if (response.StatusCode == System.Net.HttpStatusCode.NotFound)
{
Globals.LoginStatus = LoginStatusType.LoginError;
Globals.ErrorTitle = "Error";
Globals.ErrorDescription = "Not Found";
return(true);
}
return(false);
}
// 使用者帳號與密碼可以使用 user1~user50 / password1~password50
public async Task LoginAsync(string account, string password)
{
string url = "https://lobworkshop.azurewebsites.net/api/Login";
LoginRequestDTO loginRequestDTO = new LoginRequestDTO()
{
Account = account,
Password = password
};
var httpJsonPayload = JsonConvert.SerializeObject(loginRequestDTO);
HttpClient client = new HttpClient();
HttpResponseMessage response = await client.PostAsync(url,
new StringContent(httpJsonPayload, System.Text.Encoding.UTF8, "application/json"));
if (response.IsSuccessStatusCode)
{
String strResult = await response.Content.ReadAsStringAsync();
APIResult apiResult = JsonConvert.DeserializeObject <APIResult>(strResult, new JsonSerializerSettings {
MetadataPropertyHandling = MetadataPropertyHandling.Ignore
});
if (apiResult.Status == true)
{
string itemJsonContent = apiResult.Payload.ToString();
item = JsonConvert.DeserializeObject <LoginResponseDTO>(itemJsonContent, new JsonSerializerSettings {
MetadataPropertyHandling = MetadataPropertyHandling.Ignore
});
string content = JsonConvert.SerializeObject(item);
await StorageUtility.WriteToDataFileAsync(Constants.DataFolder, Constants.LoginServiceFilename, content);
}
}
}
public async Task <InvoiceResponseDTO> UpdateInvoiceAsync(LoginResponseDTO loginResponseDTO, InvoiceRequestDTO invoiceRequestDTO)
{
InvoiceResponseDTO invoiceResponseDTO = new InvoiceResponseDTO();
string url = $"{Constants.InvoiceAPI}/{invoiceRequestDTO.Id}";
var httpJsonPayload = JsonConvert.SerializeObject(invoiceRequestDTO);
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", loginResponseDTO.Token);
HttpResponseMessage response = await client.PutAsync(url,
new StringContent(httpJsonPayload, System.Text.Encoding.UTF8, "application/json"));
String strResult = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
APIResult apiResult = JsonConvert.DeserializeObject <APIResult>(strResult, new JsonSerializerSettings {
MetadataPropertyHandling = MetadataPropertyHandling.Ignore
});
if (apiResult.Status == true)
{
string itemJsonContent = apiResult.Payload.ToString();
invoiceResponseDTO = JsonConvert.DeserializeObject <InvoiceResponseDTO>(itemJsonContent, new JsonSerializerSettings {
MetadataPropertyHandling = MetadataPropertyHandling.Ignore
});
}
}
return(invoiceResponseDTO);
}
private async Task <LoginResponseDTO> GerarJwt(string email)
{
// buscar usuario na base
var user = await _userManager.FindByEmailAsync(email);
// buscar claims
var claims = await _userManager.GetClaimsAsync(user);
// buscar regras
var userRoles = await _userManager.GetRolesAsync(user);
// add nas claims
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName));
// add roles
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
// criar token
var tokenHandler = new JwtSecurityTokenHandler();
// criar token baseado nas info
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Subject = identityClaims,
NotBefore = DateTime.Now,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = _signingConfigurations.SigningCredentials
});
// gerar código
var encodedToken = tokenHandler.WriteToken(token);
// add obj resposta
var response = new LoginResponseDTO
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(2).TotalSeconds,
UserToken = new UserTokenDTO
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimDTO {
Type = c.Type, Value = c.Value
})
}
};
return(response);
}
public HttpResponseMessage Login([FromBody] LoginModel loginModel)
{
string email = loginModel.email;
string password = loginModel.password;
CustomResponse response;
User loginUser = _repository.Login(loginModel);
if (loginUser != null)
{
//LoginUser
var userToken = new UserTokenDTO()
{
email = email,
password = password,
expireDate = DateTime.Now.AddDays(TOKEN_EXPIRE_DAY)
};
//Serializing userToken
var jsonString = JsonConvert.SerializeObject(userToken);
// Token generation
var token = FTH.Extension.Encrypter.Encrypt(jsonString, LoginUtility.PRIVATE_KEY);
LoginResponseDTO userDTO = GenericMapper.MapToLoginResponseDTO(loginUser, token);
response = ResponseMessageHelper.CreateResponse(HttpStatusCode.OK, false, userDTO, ConstantResponse.LOGIN_SUCCESS);
return(Request.CreateResponse <CustomResponse>(HttpStatusCode.OK, response));
}
else
{
response = ResponseMessageHelper.CreateResponse(HttpStatusCode.Unauthorized, true, null, ConstantResponse.LOGIN_FAILED);
return(Request.CreateResponse <CustomResponse>(HttpStatusCode.Unauthorized, response));
}
}
public async Task <IActionResult> RegisterUser([FromBody] UserRegistrationDTO userRegistrationDTO)
{
if (userRegistrationDTO == null)
{
return(BadRequest(Constants.CommonErrorMessages.Request_Is_Not_Valid));
}
var userResult = await _userService.RegisterUserAsync(userRegistrationDTO);
if (!userResult.IsSuccessed)
{
return(BadRequest(userResult.GetErrorString()));
}
var tokenResult = CreateUserToken(userResult.Value);
if (!tokenResult.IsSuccessed)
{
return(BadRequest(tokenResult.GetErrorString()));
}
var response = new LoginResponseDTO
{
Token = tokenResult.Value.Value,
};
return(Ok(response));
}
public LoginResponseDTO GetUserAndToken(string username, string password)
{
LoginResponseDTOAssembler asm = new LoginResponseDTOAssembler();
LoginInfo logininfo = _usersApplicationService.GetUserAndToken(username,password);
LoginResponseDTO res = asm.ToDTO(logininfo);
return res;
}
public void ProcessRequest(HttpContext context)
{
LoginResponseDTO res;
LoginRequestDTO dto = new LoginRequestDTO()
{
PlatformId = HttpExtension.GetRequestParam("PlatformId"),
UserCode = HttpExtension.GetRequestParam("UserCode"),
UserPassword = HttpExtension.GetRequestParam("UserPassword")
};
if (dto.PlatformId.IsEmpty() || dto.UserCode.IsEmpty() || dto.UserPassword.IsEmpty())
{
res = new LoginResponseDTO()
{
Success = false,
ErrorMsg = "登陆信息不完整"
};
}
else
{
res = new CommonController().Login(dto);
}
context.Response.ContentType = "text/plain";
context.Response.Write(res.ToJson());
}
public LoginResponseDTO GetRole(LoginRequestDTO request)
{
using (var con = new SqlConnection("Data Source=db-mssql;Initial Catalog=s14354;Integrated Security=True"))
using (var com = new SqlCommand())
{
com.Connection = con;
//hash
request.Haslo = Hash(request.Haslo, GetSalt(request.Login));
com.CommandText = "select IndexNumber, LastName, Role from Student where IndexNumber = @index and Password = @password";
com.Parameters.AddWithValue("index", request.Login);
com.Parameters.AddWithValue("password", request.Haslo);
con.Open();
var dr = com.ExecuteReader();
while (dr.Read())
{
var response = new LoginResponseDTO();
response.id = dr["IndexNumber"].ToString();
response.name = dr["LastName"].ToString();
response.role = dr["Role"].ToString();
return(response);
}
return(null);
}
}
public ResponseResult <LoginResponseDTO> LoginByAccount(LoginRequestDTO request)
{
Log.Info($"deviceId={request.Client.DeviceId}&clientver={request.Client.Version}&source={request.Client.Type}&userCode={request.UserCode}&password={request.Password}");
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
return(Fail <LoginResponseDTO>("无效的应用id", "0400"));
}
LoginProvider loginProvider = new LoginProvider(request.UserCode, request.Password, request.Scopes, (LoginType)request.LoginType);
if (!loginProvider.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, request.Client.IP, request.Client.SessionId, request.Client.Version, app.Id))
{
return(Fail <LoginResponseDTO>(loginProvider.PromptInfo.CustomMessage));
}
LoginResponseDTO response = new LoginResponseDTO()
{
Token = loginProvider.Token,
Expires = loginProvider.OAuthUser.Expire_In,
Openid = loginProvider.OAuthUser.Open_Id,
RefreshExpires = loginProvider.OAuthUser.Refresh_Expire_In,
RefreshToken = loginProvider.OAuthUser.Refresh_Token,
};
return(Success(response));
}
public LoginResponseDTO Login(LoginRequestDTO dto)
{
LoginResponseDTO res;
if (dto == null)
{
res = new LoginResponseDTO()
{
Success = false,
ErrorMsg = "传入对象为空"
}
}
;
else
{
try
{
res = _login(dto);
}
catch (Exception ex)
{
res = new LoginResponseDTO()
{
Success = false,
ErrorMsg = ex.Message
};
}
}
Log.Info($"Login", dto, res);
return(res);
}
public User LogIn(string username, string password)
{
LoginRequestDTO loginRequestDTO = new LoginRequestDTO(username, password);
try
{
LoginResponseDTO loginResponseDTO = new LoginResponseDTO(MojUserPortClient.login(loginRequestDTO.LoginRequest));
User response = loginResponseDTO.User;
User userDB = unitOfWork.Users.SingleOrDefault(u => u.Id == response.Id);
if (userDB != null)
{
userDB = response;
unitOfWork.Complete();
}
else
{
unitOfWork.Users.Add(response);
unitOfWork.Complete();
}
return(response);
}
catch
{
return(null);
}
}
public async Task <IActionResult> Login([FromBody] UserCredentialsDTO userCredentialsDTO)
{
if (userCredentialsDTO == null)
{
return(BadRequest(PearUp.Constants.CommonErrorMessages.Request_Is_Not_Valid));
}
var user = await _authenticationService.Authenticate(userCredentialsDTO.PhoneNumber, userCredentialsDTO.Password);
if (!user.IsSuccessed)
{
return(BadRequest(user.GetErrorString()));
}
var token = CreateUserToken(user.Value);
if (!token.IsSuccessed)
{
return(BadRequest(token.GetErrorString()));
}
var response = new LoginResponseDTO
{
Token = token.Value.Value,
};
return(Ok(response));
}
public async Task <LoginResponseDTO> Login([FromBody] LoginUserDTO model)
{
var user = await _userManager.FindByNameAsync(model.UserName);
if (user != null && await _userManager.CheckPasswordAsync(user, model.Password))
{
var token = await CreateTokenAsync(user);
var loginInfo = new LoginResponseDTO
{
UserName = user.UserName,
Token = token.Token,
Expiration = token.Expiration,
isRegistered = await _userManager.IsInRoleAsync(user, "Registered user"),
isManager = await _userManager.IsInRoleAsync(user, "Hotel manager"),
isAdmin = await _userManager.IsInRoleAsync(user, "Administrator"),
isSuperAdmin = await _userManager.IsInRoleAsync(user, "SuperAdministrator")
};
if (loginInfo != null)
{
return(loginInfo);
}
}
throw new NotAuthorizedException("Invalid username or password.");
}
public IActionResult Login([FromBody] LoginRequestDTO request)
{
Guid guid = Guid.NewGuid();
_log.RegistrarEvento($"{guid.ToString()}{Environment.NewLine}{Newtonsoft.Json.JsonConvert.SerializeObject(request)}");
LoginResponseDTO response = new LoginResponseDTO();
try
{
response.Result.Data = _usersService.AuthenticateUsers(request.UserName, EncryptionLibrary.EncryptText(request.Password));
response.Result.Success = true;
}
catch (ResultException ex)
{
response.Result = new Result()
{
Success = true, ErrCode = ex.Result.ErrCode, Message = ex.Result.Message
};
}
catch (Exception ex)
{
response.Result = new Result()
{
Success = false, Message = "Ocurrio un problema en el servicio, intentelo nuevamente."
};
_log.RegistrarEvento(ex, guid.ToString());
}
_log.RegistrarEvento($"{guid.ToString()}{Environment.NewLine}{Newtonsoft.Json.JsonConvert.SerializeObject(response)}");
return(Ok(response));
}
public async Task <ActionResult> SimLogin(string user_name)
{
LoginResponseDTO res = new LoginResponseDTO();
try
{
Account account = await AccountRepository.GetByUserName(user_name);
if (account == null)
{
account = Account.Create();
account.platform = Platform.Sim;
account.platform_id = account.user_id.ToString();
account.user_name = user_name;
await AccountRepository.CreateAccount(account);
}
string access_token = JWT.GetAccessToken(account);
await AccountRepository.RefreshToken(account.user_id, access_token);
res.data = access_token;
res.result = LoginResult.Success;
}
catch (Exception ex)
{
res.result = LoginResult.None;
res.data = ex.ToString();
Logger.LogError(ex.ToString());
}
return(Json(res));
}
public override Task <LoginResponseDTO> LoginByAccount(LoginRequestDTO request, ServerCallContext context)
{
return(Task.Run(() =>
{
LoginResponseDTO response = new LoginResponseDTO();
Log.Info($"deviceId={request.Client.DeviceId}&clientver={request.Client.Version}&source={request.Client.Type}&userCode={request.Usercode}&password={request.Password}");
var app = OAuthAppCache.Get(request.Appid);
if (app == null)
{
response.RetCode = "0400";
response.RetMsg = "未注册的应用";
return response;
}
LoginProvider loginProvider = new LoginProvider(request.Usercode, request.Password, request.Scopes, (LoginType)request.LoginType);
if (!loginProvider.Login(request.Client.Type, request.Client.System, request.Client.DeviceId, request.Client.Ip, request.Client.SessionId, request.Client.Version, app.Id))
{
response.RetCode = xUtils.TransformFailRetCode(loginProvider.PromptInfo.ResultType);
response.RetMsg = loginProvider.PromptInfo.CustomMessage;
return response;
}
response.RetCode = "0000";
response.RetMsg = "ok";
response.Data = new LoginResponseDTO.Types.Result()
{
Token = loginProvider.Token,
Expires = loginProvider.OAuthUser.Expire_In,
Openid = loginProvider.OAuthUser.Open_Id,
RefreshExpires = loginProvider.OAuthUser.Refresh_Expire_In,
RefreshToken = loginProvider.OAuthUser.Refresh_Token,
};
return response;
}));
}
public async Task <List <InvoiceResponseDTO> > RetriveInvoiceAsync(LoginResponseDTO loginResponseDTO)
{
List <InvoiceResponseDTO> invoiceResponseDTOs = new List <InvoiceResponseDTO>();
string url = Constants.InvoiceAPI;
HttpClient client = new HttpClient();
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", loginResponseDTO.Token);
HttpResponseMessage response = await client.GetAsync(url);
String strResult = await response.Content.ReadAsStringAsync();
if (response.IsSuccessStatusCode)
{
APIResult apiResult = JsonConvert.DeserializeObject <APIResult>(strResult, new JsonSerializerSettings {
MetadataPropertyHandling = MetadataPropertyHandling.Ignore
});
if (apiResult.Status == true)
{
string itemJsonContent = apiResult.Payload.ToString();
invoiceResponseDTOs = JsonConvert.DeserializeObject <List <InvoiceResponseDTO> >(itemJsonContent, new JsonSerializerSettings {
MetadataPropertyHandling = MetadataPropertyHandling.Ignore
});
}
}
return(invoiceResponseDTOs);
}
public LoginResponseDTO AttemptNativeLogin(LoginRequestDTO loginRequest)
{
var loginValid = false;
var userId = -1;
var message = "";
var userName = "";
var userEmail = "";
var password = loginRequest.Password;
var user = UserService.GetByEmail(loginRequest.Email, loginRequest.IsSeller);
if (user != null && password != null)
{
if (loginRequest.Password.Equals(user.Password))
{
if (user.Active)
{
var device = user.Device;
device.MobileId = loginRequest.MobileId;
device.RegistrationId = loginRequest.RegistrationId;
if (!loginRequest.IsSeller)
{
var buyer = (Buyer)user;
buyer.Phone.AreaCode = loginRequest.PhoneAreaCode;
buyer.Phone.Number = loginRequest.PhoneNumber;
}
UserService.Update(user);
loginValid = true;
userId = user.Id;
userName = user.Name;
userEmail = user.Email;
}
else
{
message = "Usuario inactivo.";
}
}
else
{
message = "Usuario / contraseña incorrecta.";
}
}
else
{
message = "Usuario / contraseña incorrecta.";
}
var loginResponse = new LoginResponseDTO
{
Valid = loginValid,
Message = message,
UserId = userId,
UserName = userName,
UserEmail = userEmail
};
return(loginResponse);
}
public IHttpActionResult Login([FromBody] LoginRequestDTO model)
{
try
{
if (model == null)
{
return(BadRequest("You've sent an empty model"));
}
int statusCode = 200;
// Проверка пользователя
var user = _context.Users.SingleOrDefault(u => u.UserName == model.usr);
if (user == null)
{
statusCode = 401;
LoginResponseDTO erroResult = new LoginResponseDTO
{
Status = 401
};
return(Ok(erroResult));
}
// Проверка пароля
if (_hasher.VerifyHashedPassword(user.PasswordHash, model.pass) == PasswordVerificationResult.Success)
{
// Ежемесячные операции
var monthlyOpsService = new MonthlyOpsService(user.Id);
monthlyOpsService.ExecuteMonthlyOps();
LoginResponseDTO result = new LoginResponseDTO
{
Status = statusCode,
UserId = user.Id,
CarryOverRests = user.CarryoverRests,
DefCurrency = user.DefCurrency,
UpdateDate = user.UpdateDate,
UseTemplates = user.UseTemplates
};
return(Ok(result));
}
else
{
statusCode = 401;
LoginResponseDTO erroResult = new LoginResponseDTO
{
Status = 401
};
return(Ok(erroResult));
}
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
}
private async Task <LoginResponseDTO> GerarJwt(string email)
{
var user = await _userManager.FindByEmailAsync(email);
var claims = await _userManager.GetClaimsAsync(user);
var userRoles = await _userManager.GetRolesAsync(user);
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, user.Id));
claims.Add(new Claim(JwtRegisteredClaimNames.Email, user.Email));
claims.Add(new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName));
foreach (var userRole in userRoles)
{
claims.Add(new Claim("role", userRole));
}
// nova instancia de claims
var identityClaims = new ClaimsIdentity();
identityClaims.AddClaims(claims);
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var token = tokenHandler.CreateToken(new SecurityTokenDescriptor
{
Issuer = _appSettings.Emissor,
Audience = _appSettings.ValidoEm,
Subject = identityClaims,
Expires = DateTime.UtcNow.AddHours(_appSettings.ExpiracaoHoras),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
});
// gerar código
var encodedToken = tokenHandler.WriteToken(token);
// add obj resposta
var response = new LoginResponseDTO
{
AccessToken = encodedToken,
ExpiresIn = TimeSpan.FromHours(_appSettings.ExpiracaoHoras).TotalSeconds,
UserToken = new UserTokenDTO
{
Id = user.Id,
Email = user.Email,
Claims = claims.Select(c => new ClaimDTO {
Type = c.Type, Value = c.Value
})
}
};
return(response);
}
public async Task Read()
{
string content = await StorageUtility.ReadFromDataFileAsync(Constants.DataFolder, Constants.LoginServiceFilename);
item = JsonConvert.DeserializeObject <LoginResponseDTO>(content);
if (item == null)
{
item = new LoginResponseDTO();
}
}
public async Task <ActionResult> LoginAsync([FromBody] LoginRequest request)
{
var loginDTO = new LoginRequestDTO
{
EmailOrUserName = request.EmailOrUserName,
Password = request.Password
};
LoginResponseDTO response = await authService.LoginAsync(loginDTO);
return(Ok(response));
}
public ApiResponse <LoginResponseDTO> Login(LoginRequestDTO request)
{
LoginResponseDTO response = _accountService.Login(request);
if (response != null)
{
response.AccessToken = new TokenGenerator(_configuration).GenerateJSONWebToken(response.UserId, response.Email);
return(new ApiResponse <LoginResponseDTO>(response));
}
return(new ApiResponse <LoginResponseDTO>("Login Failed", null, false));
}
public LoginResponseDTO Execute(ApplicationUser user, RefreshToken refreshToken = null)
{
var now = DateTime.UtcNow;
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.NameId, user.Id),
new Claim(JwtRegisteredClaimNames.Jti, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(now).ToUniversalTime().ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
};
var expiration = TimeSpan.FromMinutes(Convert.ToInt32(this.config["JwtExpires"]));
var issuer = this.config["JwtIssuer"];
var audience = this.config["JwtAudience"];
var key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(this.config["JwtKey"]));
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
if (refreshToken == null)
{
refreshToken = new RefreshToken()
{
UserId = user.Id,
Token = Guid.NewGuid().ToString("N"),
};
this.db.InsertNew(refreshToken);
}
refreshToken.IssuedUtc = now;
refreshToken.ExpiresUtc = now.Add(expiration);
this.db.SaveChanges();
var jwt = new JwtSecurityToken(
issuer: issuer,
audience: audience,
claims: claims.ToArray(),
notBefore: now,
expires: now.Add(expiration),
signingCredentials: credentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var response = new LoginResponseDTO
{
access_token = encodedJwt,
refresh_token = refreshToken.Token,
expires_in = (int)expiration.TotalSeconds,
userName = user.UserName,
};
return(response);
}
