public async Task <IActionResult> Register([FromBody] RegisterModel model)
{
if (TenjinUtils.IsStringEmpty(model?.Username) || TenjinUtils.IsStringEmpty(model?.Password) || TenjinUtils.IsStringEmpty(model?.Code))
{
return(BadRequest());
}
if (model.Code.IsObjectIdEmpty())
{
return(BadRequest());
}
var linked = await _service.IsLinked(model.Code);
var existed = await _service.IsExisted(model.Username);
if (existed || linked)
{
return(BadRequest());
}
await _service.Add(new User
{
Code = model.Code.ToObjectId(),
Name = model.Name.NormalizeString(),
Username = model.Username.NormalizeString(),
Password = model.Password,
Permission = model.Permission
});
return(Ok());
}
public AuthenticationTicket Decode(string token)
{
try
{
if (TenjinUtils.IsStringEmpty(token))
{
return(default);
public async Task <bool> IsExisted(string username)
{
if (TenjinUtils.IsStringEmpty(username))
{
throw new Exception($"Username is required.");
}
username = username.NormalizeString().ToLower();
return(await Count(x => username.Equals(x.Username)) > 0);
}
public async Task <User> GetByUsername(string username)
{
if (TenjinUtils.IsStringEmpty(username))
{
throw new Exception($"Username is required.");
}
username = username.NormalizeString().ToLower();
return(await GetSingleByExpression(x => username.Equals(x.Username)));
}
public async Task <User> Login(string username, string password)
{
if (TenjinUtils.IsStringEmpty(password))
{
throw new Exception($"Password is required.");
}
username = username.NormalizeString().ToLower();
var user = await GetByUsername(username);
return(TenjinUtils.IsStringEmpty(user?.Password)
? default
: password.Equals(user.Password) || password.VerifyRijndaelHash(user.Password) ? user : default);
public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordModel model)
{
if (TenjinUtils.IsStringEmpty(model?.Code) ||
TenjinUtils.IsStringEmpty(model?.NewPassword) ||
model.NewPassword != model.ConfirmPassword)
{
return(BadRequest());
}
var user = await _service.GetSingleByExpression(x => x.Code == model.Code.ToObjectId());
if (user == null)
{
return(BadRequest());
}
await _service.ChangePassword(user.Id, model.NewPassword);
return(Ok());
}
public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordModel model)
{
if (TenjinUtils.IsStringEmpty(AUTH_CODE) ||
TenjinUtils.IsStringEmpty(model?.OldPassword) ||
TenjinUtils.IsStringEmpty(model?.NewPassword) ||
model.NewPassword != model.ConfirmPassword)
{
return(BadRequest());
}
var user = await _service.GetByCode(AUTH_CODE);
if (!model.OldPassword.Equals(user.Password) && !model.OldPassword.VerifyRijndaelHash(user.Password))
{
return(BadRequest());
}
await _service.ChangePassword(user.Id, model.NewPassword);
return(Ok());
}
public async Task <IActionResult> Post([FromBody] LoginModel model)
{
if (TenjinUtils.IsStringEmpty(model?.Username) || TenjinUtils.IsStringEmpty(model?.Password))
{
await Logging("AUTH-TOKEN", model?.Username, "EMPTY");
return(BadRequest());
}
var user = await _service.Login(model.Username, model.Password);
if (user == null)
{
await Logging("AUTH-TOKEN", model?.Username, "NOT-FOUND");
return(BadRequest());
}
var response = await _token.GetTokenResponse(user);
await Logging("AUTH-TOKEN", model?.Username, "COMPLETED");
return(Ok(response));
}
public async Task <IActionResult> Renew()
{
if (!await _token.IsClientCorrect(User))
{
await Logging("AUTH-RENEW", AUTH_USERNAME, "CLIENT-INCORRECT");
return(Unauthorized());
}
var token = GetHeader(TenjinConstants.AUTHORIZATION_HEADER_NAME);
if (TenjinUtils.IsStringEmpty(token) || TenjinUtils.IsStringEmpty(AUTH_CODE))
{
await Logging("AUTH-RENEW", AUTH_USERNAME, "TOKEN-EMPTY");
return(Unauthorized());
}
var ticket = OAuthBearerUtils.Instance.Decode(token);
if (ticket?.Principal == null || ticket?.Properties?.ExpiresUtc < DateTime.UtcNow)
{
await Logging("AUTH-RENEW", AUTH_USERNAME, "EXPIRED");
return(Unauthorized());
}
var user = await _service.GetByCode(AUTH_CODE);
if (user == null)
{
await Logging("AUTH-RENEW", AUTH_USERNAME, "NOT-FOUND");
return(BadRequest());
}
var response = await _token.GetTokenResponse(user);
await Logging("AUTH-RENEW", AUTH_USERNAME, "COMPLETED");
return(Ok(response));
}