public async Task <Response> Authenticate(LoginUserRequest request)
{
try
{
var user = await _repository.GetByEmail(request.Email);
if (!_hashService.AreEqual(request.Password, user.Hash, user.Salt))
{
return(ForbiddenResponse("Email ou senha incorretos"));
}
var response = new LoginUserResponse();
response.User = _mapper.Map <UserResponse>(user);
response.Token = _tokenService.GenerateToken(user);
response.ExpiresIn = _tokenService.GetExpirationInSeconds();
return(OkResponse(null, response));
}
catch (NullReferenceException)
{
return(NotFoundResponse("Usuário não encontrado"));
}
catch (Exception ex)
{
return(BadRequestResponse(ex.Message));
}
}
public async Task <LoginUserResponse> AuthorizeAsync(LoginUserRequest request)
{
LoginUserResponse response = new LoginUserResponse();
try
{
var user = await this.userRepository.GetByCredentialsAsync(request.Email, $"{request.Email}:{request.Password}".GenerateSHA512());
if (user.IsNotNull())
{
response.User = user;
response.Token = this.tokenGenerator.Generate(user.Id.ToString());
response.Nickname = await this.nicknameRepository.GetAByUserAsync(user);
}
else
{
response.IsSuccessful = false;
response.Errors.Add(new Error()
{
Code = ((int)ErrorCodes.NotFound).ToString(), Message = "Email or Password is incorrect"
});
}
}
catch (Exception exception)
{
throw new IDMoneyException(new Error()
{
Code = ((int)ErrorCodes.Unknown).ToString(), Message = "There was a problem. Please try again later"
});
}
return(response);
}
void RaiseLoginUserRequest()
{
LoginUserRequest.Raise(new Notification
{
Title = "Enter credentials..."
}, LoginNotification);
}
public LoginUserResponse Handle(LoginUserRequest request)
{
var response = new LoginUserResponse();
response.Errors = Validate(request);
if (response.HasErrors)
{
return(response);
}
try
{
request.Password = PasswordsHelper.HashPassword(request.Password);
AddSession(request, response);
return(response);
}
catch (Exception)
{
response.Errors.Add(new ErrorStatus("BAD_REQUEST"));
throw;
}
}
public async Task <MessageResponse <string> > LoginUserAsync(LoginUserRequest message)
{
var response = new MessageResponse <string>();
if (string.IsNullOrEmpty(message.Username) || !userValidator.ValidateUsername(message.Username))
{
response.Errors.Add(errorListProvider.GetError(ErrorCode.IE0007));
return(response);
}
if (string.IsNullOrEmpty(message.Password))
{
response.Errors.Add(errorListProvider.GetError(ErrorCode.IE0008));
return(response);
}
var user = await userRepository.FindByName(message.Username);
if (user == null)
{
response.Errors.Add(errorListProvider.GetError(ErrorCode.IE0005));
return(response);
}
if (await userRepository.CheckPassword(user, message.Password))
{
response.Message = await jwtFactory.GenerateEncodedToken(user.Id, user.UserName);
}
else
{
response.Errors.Add(errorListProvider.GetError(ErrorCode.IE0004));
}
return(response);
}
public ActionResult Login(LoginModel model)
{
if (!ModelState.IsValid)
{
return(View());
}
var request = new LoginUserRequest()
{
Email = model.Email,
Password = Utils.Utils.PassGenerate(model.Password)
};
var userLogin = JsonConvert.DeserializeObject <UserResponse>
(ServiceApiUtil.ApiResponse("api/user/GetByLoginAndPass", "POST", request));
if (userLogin != null)
{
var identify = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, userLogin.Email),
new Claim(ClaimTypes.Sid, userLogin.Id.ToString())
},
"ApplicationCookie");
var ctx = Request.GetOwinContext();
var authManager = ctx.Authentication;
authManager.SignIn(identify);
return(Redirect(GetRedirectUrl(model.ReturnUrl)));
}
ModelState.AddModelError("", "Usuário ou senha inválidos");
return(View(model));
}
public string GenerateJwtToken(LoginUserRequest loginData)
{
IUser user = _readOnlyRepository.GetUserByEmail(loginData.Email);
if (user is null)
{
throw new NotFoundException("Bad Reque");
}
PasswordVerificationResult result = _passwordHasher.VerifyHashedPassword(user, user.Password, loginData.Password);
if (result.Equals(PasswordVerificationResult.Failed))
{
throw new NotFoundException("Incorrect email or password.");
}
List <Claim> claims = new()
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, $"{user.Name} {user.Surname}"),
new Claim(ClaimTypes.Role, user.RoleName),
//new Claim("DateOfBirth", user.DateOfBirth.Value.ToString("yyyy-MM-dd")),
new Claim("Nationality", user.CountryIso2)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_authSettings.JwtKey));
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expires = DateTime.Now.AddDays(_authSettings.JwtExpiredDays);
var token = new JwtSecurityToken(_authSettings.JwtIssuer, _authSettings.JwtIssuer, claims, expires: expires, signingCredentials: cred);
var tokenHandler = new JwtSecurityTokenHandler();
return(tokenHandler.WriteToken(token));
}
}
public async Task <IActionResult> LoginNganHangLienKet(LoginUserRequest request)
{
IActionResult response = Unauthorized();
UserBO login = new UserBO();
login.TenTaiKhoan = request.tenDangNhap;
login.MatKhau = request.matKhau;
var user = AuthenticateUser(login);
if (user != null && user.IdLoaiTaiKhoan == 4)
{
user.TenTaiKhoan = "nhom21";
user.Email = "*****@*****.**";
var stringToken = GetJSONWebToken(user);
var stringRefreshToken = TokenService.GenerateRefreshToken();
response = Ok(new
{
token = stringToken
});
}
return(response);
}
public UserEntity SigninUser(LoginUserRequest request)
{
var user = usersRepository.FindBy(x => x.Email.Equals(request.Email.Trim().ToLower(), StringComparison.CurrentCultureIgnoreCase)).FirstOrDefault();
if (user != null)
{
if (user.Enabled)
{
if (user.Verified)
{
if (user.Password.Equals(request.Password.Trim().HashMD5(), StringComparison.CurrentCulture))
{
return(user);
}
throw new GeneralException(10605, string.Format("The password you have provided for the user '{0}' is incorrect!", request.Email.Trim().ToLower()));
}
throw new GeneralException(10603, string.Format("User '{0}' is exists, but, the email address on the account has not been verified! Please check your email and click on the link provided in email to verify the account!", request.Email.Trim().ToLower()));
}
throw new GeneralException(10602, string.Format("User '{0}' is exists, but, the account may be terminated or blocked! Please contact us!", request.Email.Trim().ToLower()));
}
throw new GeneralException(10601, string.Format("User with the email address '{0}' does not exists!", request.Email.Trim().ToLower()));
}
public async Task <UserResponse> AuthenticateUser(LoginUserRequest loginUser)
{
var user = await _repository.Find(loginUser.Email);
if (Authenticate(user, loginUser.Password) == null)
{
throw new UnauthorizedException("this user unregistered");
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_jwtOptions.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.UserName)
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
var response = _mapper.Map <User, UserResponse>(user);
response.Token = tokenString;
return(response);
}
public async Task <AuthResult> LoginAsync(LoginUserRequest userRequest)
{
var existUser = await _userManager.FindByNameAsync(userRequest.UserName);
if (existUser == null)
{
return(new AuthResult()
{
Error = "UserName doesn't Exist"
});
}
var checkPassword = await _userManager.CheckPasswordAsync(existUser, userRequest.Password);
if (!checkPassword)
{
return(new AuthResult()
{
Error = "InCorrect Password"
});
}
var emailConfirmed = await _userManager.IsEmailConfirmedAsync(existUser);
if (!emailConfirmed)
{
return(new AuthResult()
{
Error = "Your Email Address has not been confirm. Kindly Check Your Email Address"
});
}
return(await GenerateUserToken(existUser));
}
public async Task GivenAccountToLogin_WhenUserNameIsNotValid_ThenReturnsBadRequest()
{
// Arrange
var appUser = new AppUser
{
UserName = "******",
PasswordHash = Encoding.UTF8.GetBytes("Password1"),
PasswordSalt = Encoding.UTF8.GetBytes("Salt")
};
var dbSetMock = new List <AppUser> {
appUser
}.AsQueryable().BuildMockDbSet();
var dataContextOptions = new DbContextOptionsBuilder <DataContext>().Options;
var dataContextMock = new Mock <DataContext>(dataContextOptions);
dataContextMock.Setup(x => x.Users).Returns(dbSetMock.Object);
var request = new LoginUserRequest {
UserName = "******", Password = "******"
};
var tokenServiceMock = new Mock <ITokenService>();
var testee = new AccountController(dataContextMock.Object, tokenServiceMock.Object);
// Act
var result = await testee.Login(request).ConfigureAwait(false);
// Assert
result.Value.Should().BeNull("the user 'UserName1' does not exist in the database");
result.Result.Should().BeOfType <UnauthorizedObjectResult>().Which.Value.Should().Be("Invalid username");
}
public async Task GivenAccountToLogin_WhenCredentialsAreValidAndUserExists_ThenReturnsUserToken()
{
// Arrange
var appUser = new AppUser
{
UserName = "******",
PasswordSalt = Encoding.UTF8.GetBytes("Salt")
};
using var hmac = new HMACSHA512(appUser.PasswordSalt);
appUser.PasswordHash = hmac.ComputeHash(Encoding.UTF8.GetBytes("Password1"));
var dbSetMock = new List <AppUser> {
appUser
}.AsQueryable().BuildMockDbSet();
var dataContextOptions = new DbContextOptionsBuilder <DataContext>().Options;
var dataContextMock = new Mock <DataContext>(dataContextOptions);
dataContextMock.Setup(x => x.Users).Returns(dbSetMock.Object);
var request = new LoginUserRequest {
UserName = "******", Password = "******"
};
var tokenServiceMock = new Mock <ITokenService>();
tokenServiceMock.Setup(ts => ts.CreateToken(It.Is <AppUser>(user => user.UserName == "username1"))).Returns("Here is the token");
var testee = new AccountController(dataContextMock.Object, tokenServiceMock.Object);
// Act
var result = await testee.Login(request).ConfigureAwait(false);
// Assert
result.Result.Should().BeNull("so far, in the course the result is not ok");
result.Value.Should().NotBeNull("the user must be able to login");
result.Value.UserName.Should().Be("username1", "the username UserName1 must login");
result.Value.Token.Should().Be("Here is the token", "the token must be stored in the response");
}
public async Task <BaseResponseDto <ResponseLoginDto> > Handle(LoginUserRequest request, CancellationToken cancellationToken)
{
BaseResponseDto <ResponseLoginDto> response = new BaseResponseDto <ResponseLoginDto>();
ResponseLoginDto responseLoginDto = new ResponseLoginDto();
try
{
var user = await _repositoryWrapper.User.Where(p => (p.Email == request.Email && p.Password == GetHash(request.Password))).FirstOrDefaultAsync();
if (user != null)
{
//response.Data.User = new UserDto(user);
//response.Data.Token= GenerateJWT(user);
responseLoginDto.User = new UserDto(user);
responseLoginDto.Token = GenerateJWT(user);
response.Data = responseLoginDto;
}
else
{
response.Errors.Add("Böyle bir kullanıcı bulunamadı.");
}
}
catch (Exception ex)
{
_logger.LogError(ex, ex.InnerException.Message);
response.Errors.Add(ex.InnerException.Message);
response.Errors.Add("Kullanıcı giriş yaparken bir hata oluştu.");
}
return(response);
}
public LoginUserResponse Login(LoginUserRequest request)
{
var response = new LoginUserResponse();
try
{
//var user = DataContext.Users.Where(x => x.Username == request.Username).Include(x => x.Role).First();
var user = DataContext.Users.Where(x => x.Email == request.Email).Include(x => x.Role).Include(y => y.RolePrivileges).First();
if (user != null && user.Password == crypto.Compute(request.Password, user.PasswordSalt))
{
//Include(x => x.Role).
response = user.MapTo <LoginUserResponse>();
response.IsSuccess = true;
}
else
{
response.IsSuccess = false;
response.Message = string.Format("Failed login using email <{0}> and password <{1}>", request.Email, request.Password);
}
}
catch (System.InvalidOperationException x)
{
response.IsSuccess = false;
response.Message = string.Format("Failed login using email <{0}> and password <{1}> {2}", request.Email, request.Password, x.Message);
}
return(response);
}
public async Task <LoginUserResponse> LoginAsync(LoginUserRequest request)
{
var user = await _context.ApplicationUsers.SingleOrDefaultAsync(u => u.Email == request.Email);
if (user == null)
{
return(null);
}
var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
if (!result.Succeeded)
{
return(null);
}
var generatedToken = await _jwtGenerator.CreateTokenAsync(user);
var responseDto = new LoginUserResponse()
{
Token = generatedToken.Token,
RefreshToken = generatedToken.RefreshToken,
};
return(responseDto);
}
private User GetAndValidateUser(LoginUserRequest request)
{
User user = UserManager.GetUserById(request.UserId);
ValidateUser(user, request.UserPassword);
return(user);
}
protected override UserContextDTO GetUserContext(LoginUserRequest request)
{
List <PendingReviewDTO> pendingReviews = GetPendingReviewsForUser(request);
CartDTO pendingCart = GetPendingCartForUser(request.UserId);
return(BuildResponseDTO(pendingReviews, pendingCart));
}
public LoginUserResponse Login(LoginUserRequest request)
{
try
{
using (var db = new DataBaseContext())
{
var user = db.Users.Where(u => u.Email == request.Email && u.Password == request.Password).FirstOrDefault();
if (user != null)
{
return(new LoginUserResponse {
UserID = user.Id, FirstName = user.FirstName, LastName = user.LastName, Image = user.Image, Success = true
});
}
else
{
return new LoginUserResponse {
ErrorMessage = "Email or password incorrect."
}
};
}
}
catch (Exception ex)
{
return(new LoginUserResponse {
ErrorMessage = ex.ToString()
});
}
}
/// <inheritdoc/>
public async Task <AuthResponse> LoginAsync(LoginUserRequest request)
{
var existingUser = await _userRepository.GetUserByUsernameAsync(request.Username);
if (existingUser == null)
{
return(new AuthResponse
{
Success = false,
Errors = new List <string>
{
"User with such username does not exist!"
}
});
}
var passwordCorrect = IsPasswordCorrect(existingUser, request.Password);
if (passwordCorrect)
{
return(await GenerateAuthResultForUserAsync(existingUser));
}
return(new AuthResponse
{
Success = false,
Errors = new List <string>
{
"Check username/password combination!"
}
});
}
public async Task <ActionResult> Login([FromBody] LoginUserRequest request)
{
var query = new GetTokenQuery(request.Username, request.Password);
var response = await _mediator.Send(query);
return(response != null ? (ActionResult)Ok(response) : BadRequest());
}
public async Task <IActionResult> Login(LoginUserRequest loginUserRequest)
{
var userDTO = _mapper.Map <QueryForExistingUserDTO>(loginUserRequest);
var returnedUser = await _authManager.LoginUser(userDTO);
var appUser = await _userManager.Users
.FirstOrDefaultAsync(u => u.NormalizedUserName == userDTO.UserName.ToUpper());
var _admin = await AmIAnAdmin(appUser);
var actualUserResponse = new ReceivedExistingUserResponse
{
UserName = appUser.UserName,
Id = appUser.Id,
Admin = _admin
};
if (actualUserResponse != null)
{
return(Ok(new
{
token = GenerateTokenString(appUser).Result,
user = actualUserResponse,
admin = _admin
}));
}
return(Unauthorized());
}
public IHttpActionResult LoginUser(LoginUserRequest loginRequest)
{
try
{
UserContextDTO contextDTO = loginService.LoginUser(loginRequest);
ControllerResponse response = ControllerHelper.CreateSuccessResponse("Login");
response.Data = contextDTO;
return(Ok(response));
}
catch (BadRequestException e)
{
return(CreateBadResponse(e.Message));
}
catch (RepositoryException e)
{
return(CreateBadResponse(e.Message));
}
catch (OperationException e)
{
return(CreateBadResponse(e.Message));
}
catch (Exception e)
{
return(CreateBadResponse("Ocurrió un error al realizar login"));
}
}
/// <summary>
/// Function to get the serviceId based on the userAttributes
/// Makes a call to EzPass LoginUser, then a call to EzPass AuthorizeUser using the ServiceClient from Common
/// </summary>
/// <param name="serviceUrl">Service Url endpoint</param>
/// <param name="userAttributes">User Attributes</param>
/// <returns></returns>
protected async Task <string> GetServiceId(string serviceUrl, IEnumerable <KeyValuePair <string, object> > userAttributes)
{
var keyValuePairs = userAttributes.ToList();
var loginUser = new LoginUserRequest()
{
username = keyValuePairs.FirstOrDefault(item => item.Key.Contains("UserName")).Value?.ToString(),
password = keyValuePairs.FirstOrDefault(item => item.Key.Contains("Password")).Value?.ToString(),
vendorId = keyValuePairs.FirstOrDefault(item => item.Key.Contains("VendorId")).Value?.ToString(),
model = "TEST",
systemVersion = "1.0",
appVersion = "1.0",
verificationToken = keyValuePairs.FirstOrDefault(item => item.Key.Contains("VerificationToken")).Value?.ToString(),
};
var loginUserResponse = await _serviceClient.PostAsync <LoginUserResponse>(serviceUrl, loginUser);
var authorizeUser = new AuthorizeUserRequest()
{
vendorId = loginUser.vendorId,
verificationToken = Sha256(loginUser.vendorId + "|" + loginUserResponse.LoginUser.AccessId + "|" + "XeroxMobileApp"),
accessId = loginUserResponse.LoginUser.AccessId,
};
var authorizeUserResponse = await _serviceClient.PostAsync <AuthorizeUserResponse>(serviceUrl, authorizeUser);
var serviceId = authorizeUserResponse.AuthorizeUser.ServiceId;
return(serviceId);
}
public async Task HandleWithValidCreateRequestCallSaveAsExpectedResultAsync()
{
// Arrange
var userModel = new UserModel {
Id = 1, FirstName = "Thirumalai", PhoneNumber = 123456, Email = "*****@*****.**", Password = "******"
};
var config = new MapperConfiguration(m => { m.CreateMap <UserDetail, UserModel>(); });
var mapper = new Mapper(config);
var bookingList = MockUserListResponse().ToList().AsQueryable();
repository = new Mock <IRepository>();
repository.Setup(m => m.Query <UserDetail>())
.Returns(bookingList);
underTest = new LoginUser(repository.Object, mapper);
request = new LoginUserRequest(userModel);
// Act
CancellationToken cancellationToken;
var result = await underTest.Handle(request, cancellationToken);
// Assert
Assert.NotNull(result);
Assert.Equal(userModel.Id, result.Id);
Assert.Equal(userModel.FirstName, result.FirstName);
}
public async Task <LoginUserResponse> LoginUserAsync(LoginUserRequest loginUserRequest)
{
var user = await this.GetUserAsync(loginUserRequest.Username);
this.userValidationService.ValidateLoginUser(user);
this.passwordService.CheckPassword(loginUserRequest.Password, user.HashedPassword);
user.LastLoginDate = DateTime.UtcNow;
await this.Context.SaveChangesAsync();
var accessTokenGenerationData = new AccessTokenGenerationData
{
UserId = user.Id,
RefreshToken = Encoding.Default.GetString(user.RefreshToken),
Email = user.Email,
AuthorizationRole = user.AuthorizationRole
};
var loginUserResponse = new LoginUserResponse
{
AccessToken = this.jwtSecurityTokenService.GenerateToken(accessTokenGenerationData),
User = Mapper.Map <User, UserDto>(user)
};
return(loginUserResponse);
}
public ServiceResponse <bool> ChangePassword([FromBody] ChangePasswordRequest Request)
{
Request.ClientUserId = CurrentUser.Id;
ServiceResponse <bool> response = new ServiceResponse <bool>();
GetUserResponse userResponse = _userService.ChangePassword(Request);
if (userResponse == null || !userResponse.IsSucceed)
{
response.IsSuccessful = userResponse.IsSucceed;
response.Message = userResponse.Message;
response.ResultCode = userResponse.ResultCode;
return(response);
}
LoginUserRequest login = new LoginUserRequest
{
Username = userResponse.User.Username,
Password = Request.NewPassword
};
Login(login);
return(response);
}
public async Task <ActionResult <UserTokenResponse> > Login([FromBody] LoginUserRequest request)
{
var user = await GetUser(request.UserName).ConfigureAwait(false);
if (user == null)
{
return(Unauthorized("Invalid username"));
}
var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false).ConfigureAwait(false);
if (!result.Succeeded)
{
return(Unauthorized());
}
return(new UserTokenResponse
{
UserName = user.UserName,
Token = _tokenService.CreateToken(user),
PhotoUrl = user.Photos.FirstOrDefault(p => p.Enabled)?.Url,
KnownAs = user.KnownAs,
Gender = user.Gender
});
}
protected JsonMessage LoginUser(LoginUserRequest request)
{
LoginUserResponce responce = new LoginUserResponce();
responce.OK = false;
responce.Responce = "Invalid";
if (request != null)
{
var login = DB.GetAuthFromEmail(request.Email);
if (login != null)
{
var crypto = CheckPassword(login.UserID, login.TokenSalt, request.Password);
if (crypto != null)
{
responce.OK = true;
responce.UserID = login.UserID;
responce.Responce = GenerateAuthToken(login.UserID, crypto);
responce.SessionID = CreateSession();
}
}
}
return(responce);
}
public async Task <LoginUserResponse> Login(LoginUserRequest loginUserRequest)
{
var user = await _repo.Login(loginUserRequest.Username.ToLower(), loginUserRequest.Password);
if (user == null)
{
throw new RestException(HttpStatusCode.Unauthorized);
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Username)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:TokenKey").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds,
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(new LoginUserResponse
{
Username = user.Username,
UserId = user.Id,
AccessToken = tokenHandler.WriteToken(token),
});
}
/// <summary>
/// Login user.
/// </summary>
/// <param name="request">
/// The request.
/// </param>
/// <returns>
/// The login user.
/// </returns>
public LoginUserResponse LoginUser(LoginUserRequest request)
{
return new LoginUserResponse();
}
