public static TokenValidation ValidateToken(string validToken) { try { System.Data.IDbConnection _Mydb = Supreme_Mobile.Models.GeneralService.DapperConnection(); var loginResult = _Mydb.Query <ValidTokenResultModel>(";Exec Supreme_AuthenticateToken @TokenID", new { TokenID = validToken }).SingleOrDefault(); MyUsersModel userModel = new MyUsersModel(); userModel.UserID = loginResult.UserID; userModel.UserName = loginResult.UserName; userModel.SecurityStamp = loginResult.SecurityStamp; GeneralService logger = new GeneralService(); logger.LogWrite("Token: " + validToken + " - " + JsonConvert.SerializeObject(userModel).ToString()); var validation = TokenManager.ValidateToken(ConfirmLoginTokenPurpose, userModel, validToken); return(validation); } catch (Exception ee) { var result = new TokenValidation(); result.Errors.Add(TokenValidationStatus.Expired); GeneralService.WriteErrorLog(ref ee); return(result); } }
public static string GenerateToken(string reason, MyUsersModel user) { byte[] _time = BitConverter.GetBytes(DateTime.UtcNow.ToBinary()); byte[] _key = Guid.Parse(user.SecurityStamp).ToByteArray(); byte[] _Id = Encoding.UTF8.GetBytes(user.UserID.ToString()); byte[] _reason = Encoding.UTF8.GetBytes(reason); byte[] data = new byte[_time.Length + _key.Length + _reason.Length + _Id.Length]; System.Buffer.BlockCopy(_time, 0, data, 0, _time.Length); System.Buffer.BlockCopy(_key, 0, data, _time.Length, _key.Length); System.Buffer.BlockCopy(_reason, 0, data, _time.Length + _key.Length, _reason.Length); System.Buffer.BlockCopy(_Id, 0, data, _time.Length + _key.Length + _reason.Length, _Id.Length); return(Convert.ToBase64String(data.ToArray())); }
public JsonResult APILogin(MyUsersModel Tokenmodel) { try { var loginResult = _db.Query <MyUserResultModel>(";Exec Supreme_AuthenticateUser @UserName,@Password", new { UserName = Tokenmodel.UserName, Password = GetHashedPassword(Tokenmodel.Password) }).SingleOrDefault(); Tokenmodel.UserID = loginResult.UserID; Tokenmodel.SecurityStamp = Guid.NewGuid().ToString(); var token = Managers.TokenManager.GenerateToken(ConfirmLoginTokenPurpose, Tokenmodel); _db.Query(";Exec Supreme_UpdateUserToken @UserID,@TokenID,@SecurityStamp", new { UserID = Tokenmodel.UserID, TokenID = token, SecurityStamp = Tokenmodel.SecurityStamp }); MyTokenResultModel tokenResult = new MyTokenResultModel(); tokenResult.tokenAuth = token; Tokenmodel.Password = string.Empty; logger.LogWrite(JsonConvert.SerializeObject(Tokenmodel).ToString()); return(Json(tokenResult, JsonRequestBehavior.AllowGet)); } catch (Exception ee) { GenericResultModel AccListResult2 = new GenericResultModel(); AccListResult2.Status = "Fail"; AccListResult2.Remarks = ee.Message; GeneralService.WriteErrorLog(ref ee); return(Json(AccListResult2, JsonRequestBehavior.AllowGet)); } }
public static TokenValidation ValidateToken(string reason, MyUsersModel user, string token) { var result = new TokenValidation(); byte[] data = Convert.FromBase64String(token); byte[] _time = data.Take(8).ToArray(); byte[] _key = data.Skip(8).Take(16).ToArray(); byte[] _reason = data.Skip(24).Take(2).ToArray(); byte[] _Id = data.Skip(26).ToArray(); DateTime when = DateTime.FromBinary(BitConverter.ToInt64(_time, 0)); if (when < DateTime.UtcNow.AddHours(-24)) { result.Errors.Add(TokenValidationStatus.Expired); } Guid gKey = new Guid(_key); if (gKey.ToString() != user.SecurityStamp) { result.Errors.Add(TokenValidationStatus.WrongGuid); } if (reason != Encoding.UTF8.GetString(_reason)) { result.Errors.Add(TokenValidationStatus.WrongPurpose); } if (user.UserID.ToString() != Encoding.UTF8.GetString(_Id)) { result.Errors.Add(TokenValidationStatus.WrongUser); } return(result); }