示例#1
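        /// <summary>
        /// Verifies a user by checking the submitted code against the user's current phone number and,
        /// on success, issues an authorization token together with a newly stored refresh token.
        /// </summary>
        /// <param name="arg">Request data: <c>Identity</c> is used to look the user up, <c>Code</c> is the code being verified.</param>
        /// <param name="ip">Value handed to <c>jwtService.GenerateRefreshToken</c> when the refresh token is created.</param>
        /// <returns>A <see cref="UserTokenDTO"/> built from the authorization token and the refresh token string.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="arg"/> is <c>null</c>.</exception>
        /// <exception cref="EntityNotFoundException">No user matches <c>arg.Identity</c>.</exception>
        /// <exception cref="AccountLockedException">The user's lockout end date is still in the future.</exception>
        /// <exception cref="ValidationException">The code was rejected; carries the errors returned by the user manager.</exception>
        public async Task<UserTokenDTO> VerifyUserWithIdentityAsync(VerifyUserWithIdentityDTO arg, string ip)
        {
            // Fail with a descriptive exception instead of a NullReferenceException on arg.Identity.
            if (arg == null)
            {
                throw new ArgumentNullException(nameof(arg));
            }

            var user = await FindUser(arg.Identity);

            // NOTE(review): an unknown identity and a wrong code raise different exception types. If the API layer
            // maps them to distinguishable responses, a caller can learn whether an account exists - confirm.
            if (user == null)
            {
                throw new EntityNotFoundException();
            }

            // Refuse locked accounts before the code is evaluated, so a locked account cannot keep guessing.
            var lockDate = await userManager.GetLockoutEndDateAsync(user);

            // Compare against a UTC instant rather than the server's local wall clock.
            if (lockDate != null &&
                lockDate.Value > DateTimeOffset.UtcNow)
            {
                throw new AccountLockedException();
            }

            // The code is checked by "changing" the phone number to the value the user already has.
            var result = await userManager.ChangePhoneNumberAsync(user, user.PhoneNumber, arg.Code);

            if (!result.Succeeded)
            {
                // Record the failed attempt so that repeated wrong codes count towards lockout.
                await userManager.AccessFailedAsync(user);

                throw new ValidationException(result.Errors);
            }

            // NOTE(review): the failed-attempt counter is not reset on this success path; confirm whether that is
            // handled elsewhere, otherwise earlier failures keep counting towards a later lockout.

            // The author's stated intent is to replace the last code. The generated token is discarded here;
            // NOTE(review): whether generating a new token invalidates the code that was just used depends on the
            // configured token provider - confirm.
            _ = await userManager.GenerateChangePhoneNumberTokenAsync(user, user.PhoneNumber);

            var roles = await userManager.GetRolesAsync(user);

            var refreshToken = jwtService.GenerateRefreshToken(ip);

            if (user.RefreshTokens == null)
            {
                user.RefreshTokens = new List<RefreshToken>();
            }

            // Persist the refresh token before handing it to the caller.
            user.RefreshTokens.Add(refreshToken);
            await db.SaveChangesAsync();

            return new UserTokenDTO(jwtService.GenerateAuthorizationToken(user, roles),
                                    refreshToken.Token);
        }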
示例#2
        /// <summary>
        /// API action that verifies a user through the user service, stores the resulting refresh token
        /// in a cookie named <c>refreshToken</c> and returns the token pair in the response.
        /// </summary>
        /// <param name="arg">Verification request bound from the request body.</param>
        /// <returns>An <see cref="ApiResponse"/> carrying <c>InfoMessages.UserVerified</c>, the token DTO and the OK status code.</returns>
        /// <exception cref="ApiException">Thrown for every failure; service exceptions are wrapped before leaving the action.</exception>
        public async Task<ApiResponse> VerifyUserWithIdentity([FromBody] VerifyUserWithIdentityDTO arg)
        {
            try
            {
                // The client address is passed on to the service, which uses it when creating the refresh token.
                var clientIp = httpService.IpAddress(Request, HttpContext);

                var issuedTokens = await userService.VerifyUserWithIdentityAsync(arg, clientIp);

                // NOTE(review): the cookie attributes (HttpOnly / Secure / SameSite) are set inside SetCookie and
                // are not visible here - confirm they are restrictive for a refresh token.
                httpService.SetCookie("refreshToken", issuedTokens.RefreshToken, Response);

                // NOTE(review): the same DTO that holds RefreshToken is also placed in the response; if it is
                // serialized as-is, the refresh token is readable from the body as well as the cookie - confirm.
                var response = new ApiResponse(InfoMessages.UserVerified, issuedTokens, HttpStatusCode.OK.ToInt());
                return response;
            }
            catch (ValidationException validationError)
            {
                // Validation failures keep their own error list and status code.
                throw new ApiException(validationError.Errors, validationError.StatusCode);
            }
            catch (CustomException knownError)
            {
                throw new ApiException(knownError, knownError.StatusCode);
            }
            catch (Exception unexpected)
            {
                // NOTE(review): an arbitrary exception is wrapped and rethrown; confirm ApiException does not
                // expose internal messages or stack traces to the client.
                throw new ApiException(unexpected);
            }
        }