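/// <summary>
/// Authenticates a user by username and password and, on success, issues a JWT
/// together with a new refresh token that is appended to the user's stored tokens.
/// </summary>
/// <param name="model">Login request carrying the username and password to check.</param>
/// <param name="ipAddress">Caller address, handed to the refresh-token generator.</param>
/// <returns>
/// The authentication response (user model, JWT, refresh token), or <c>null</c> when the
/// request is missing or no user matches the supplied credentials.
/// </returns>
public AuthenticateResponse Authenticate(AuthenticateRequest model, string ipAddress)
{
    // A missing request is an authentication failure, not a NullReferenceException.
    if (model == null)
    {
        return null;
    }

    var Users = _userBs.GetAll();

    // NOTE(review): the stored Password value is compared directly with the submitted
    // password, which only works if passwords are stored unhashed (or the client sends
    // the stored form). Confirm; credentials should be stored as a salted, slow hash
    // (PBKDF2/Argon2) and verified with a fixed-time comparison.
    // NOTE(review): if GetAll() materializes every user, this filter runs in memory on
    // each login — verify against the _userBs implementation.
    var user = Users.SingleOrDefault(x => x.Username == model.Username && x.Password == model.Password);

    // return null if user not found
    if (user == null)
    {
        return null;
    }

    // NOTE(review): the stored password is copied into the model that is passed to
    // GenerateJwtToken and AuthenticateResponse; confirm neither serializes it to the client.
    var Usermodal = new WebApi.Models.User()
    {
        Username = user.Username,
        Id = user.Id,
        Password = user.Password,
        FirstName = user.FirstName,
        LastName = user.LastName
    };

    // authentication successful so generate jwt token
    var token = GenerateJwtToken(Usermodal);
    var refreshToken = refreshTokenGenerator.generateRefreshToken(ipAddress);

    // Persist the new refresh token on the user so a later refresh request can be matched to it.
    user.RefreshTokens.Add(new DAL.Models.RefreshToken()
    {
        Token = refreshToken.Token,
        Expires = refreshToken.Expires,
        IsExpired = refreshToken.IsExpired,
        Created = refreshToken.Created,
        CreatedByIp = refreshToken.CreatedByIp,
        Revoked = refreshToken.Revoked,
        RevokedByIp = refreshToken.RevokedByIp,
        ReplacedByToken = refreshToken.ReplacedByToken,
        IsActive = refreshToken.IsActive,
        UserId = user.Id
    });

    // NOTE(review): the result of Update is not inspected, so a failed save still returns
    // a refresh token that was never stored — confirm what Update reports on failure.
    _userBs.Update(user);

    return new AuthenticateResponse(Usermodal, token, refreshToken.Token);
}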
/// <summary>
/// Builds the <c>UserReturnModel</c> view of an application user, including a link to the
/// "GetUserById" route and the user's roles and claims.
/// </summary>
/// <param name="appUser">The user to project.</param>
/// <returns>A populated <c>UserReturnModel</c>.</returns>
public UserReturnModel Create(User appUser)
{
    var selfLink = _urlHelper.Link("GetUserById", new { id = appUser.Id });
    var displayName = string.Format("{0} {1}", appUser.FirstName, appUser.LastName);

    // NOTE(review): .Result blocks the calling thread on the async user-manager calls;
    // under a synchronization context this sync-over-async pattern can deadlock.
    var assignedRoles = _appUserManager.GetRolesAsync(appUser.Id).Result;
    var assignedClaims = _appUserManager.GetClaimsAsync(appUser.Id).Result;

    // NOTE(review): the model carries e-mail, roles and claims; confirm that only callers
    // authorized to see another user's entitlements can reach the endpoints returning it.
    var returnModel = new UserReturnModel
    {
        Url = selfLink,
        Id = appUser.Id,
        UserName = appUser.UserName,
        FullName = displayName,
        Email = appUser.Email,
        EmailConfirmed = appUser.EmailConfirmed,
        Level = appUser.Level,
        JoinDate = appUser.JoinDate,
        Roles = assignedRoles,
        Claims = assignedClaims
    };

    return returnModel;
}
/// <summary>
/// Produces the extended claims for a user: a single "FTE" claim whose value is "1" when
/// more than 90 days lie between the user's join date and today's local date, else "0".
/// </summary>
/// <param name="user">The user whose <c>JoinDate</c> drives the claim value.</param>
/// <returns>A list holding the one "FTE" claim.</returns>
public static IEnumerable<Claim> GetClaims(User user)
{
    // NOTE(review): DateTime.Now is server-local time; presumably JoinDate is stored in the
    // same zone — confirm, since this value feeds an authorization claim.
    var tenureInDays = (DateTime.Now.Date - user.JoinDate).TotalDays;
    var fteFlag = tenureInDays > 90 ? "1" : "0";

    var result = new List<Claim>();
    result.Add(CreateClaim("FTE", fteFlag));
    return result;
}
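/// <summary>
/// Refresh overload: exchanges a previously issued refresh token for a new JWT and a new
/// refresh token, marking the presented token as revoked and replaced.
/// </summary>
/// <param name="userName">Username whose stored refresh tokens are searched.</param>
/// <param name="claims">Claims passed to <c>GenerateJwtToken</c> for the new JWT.</param>
/// <param name="ipAddress">Caller address, recorded as the revoking IP and handed to the refresh-token generator.</param>
/// <param name="refreshCred">Credential carrying the refresh token presented by the client.</param>
/// <returns>
/// The authentication response (user model, JWT, new refresh token), or <c>null</c> when the
/// refresh credential is missing or blank, the user is unknown, or the presented token is
/// not among the user's stored refresh tokens.
/// </returns>
public AuthenticateResponse Authenticate(string userName, Claim[] claims, string ipAddress, RefreshCred refreshCred)
{
    // A missing or blank refresh token is an authentication failure, not a crash.
    var presentedToken = refreshCred?.RefreshToken?.Trim();
    if (string.IsNullOrEmpty(presentedToken))
    {
        return null;
    }

    var Users = _userBs.GetAll();
    var user = Users.SingleOrDefault(x => x.Username == userName);

    // return null if user not found
    if (user == null)
    {
        return null;
    }

    // Resolve the presented token before minting anything. An unknown token is reported
    // as a failed authentication (null) rather than an InvalidOperationException.
    var refreshToken = user.RefreshTokens.SingleOrDefault(
        x => x.Token != null && string.Equals(x.Token.Trim(), presentedToken, StringComparison.Ordinal));
    if (refreshToken == null)
    {
        return null;
    }

    // NOTE(review): nothing here checks that the presented token is still active (not
    // revoked, not expired) before it is rotated. Confirm the caller enforces that;
    // otherwise a revoked or expired refresh token can be exchanged for a fresh pair.

    // NOTE(review): the stored password is copied into the model that is passed to
    // GenerateJwtToken and AuthenticateResponse; confirm neither serializes it to the client.
    var Usermodal = new WebApi.Models.User()
    {
        Username = user.Username,
        Id = user.Id,
        Password = user.Password,
        FirstName = user.FirstName,
        LastName = user.LastName
    };

    var token = GenerateJwtToken(Usermodal, claims);

    // this is to change the expired and active conditions
    // pending using automapper
    // NOTE(review): presumably Models.RefreshToken derives IsActive from Revoked/Expires,
    // so the value copied below reflects the revoked state — confirm.
    var refrshtokenMod = new Models.RefreshToken()
    {
        Revoked = DateTime.UtcNow,
        Expires = (DateTime)refreshToken.Expires,
    };

    var newrefreshToken = refreshTokenGenerator.generateRefreshToken(ipAddress);

    // subsequent tokens; null-conditional to match the other Authenticate overload,
    // which treats _session as optional.
    _session?.SetString(user.Username, newrefreshToken.Token);

    // Retire the presented token and link it to its replacement.
    refreshToken.Expires = refrshtokenMod.Expires;
    refreshToken.Revoked = DateTime.UtcNow;
    refreshToken.RevokedByIp = ipAddress;
    refreshToken.ReplacedByToken = newrefreshToken.Token;
    refreshToken.IsActive = refrshtokenMod.IsActive;

    user.RefreshTokens.Add(new DAL.Models.RefreshToken()
    {
        Token = newrefreshToken.Token,
        Expires = newrefreshToken.Expires,
        IsExpired = newrefreshToken.IsExpired,
        Created = newrefreshToken.Created,
        CreatedByIp = newrefreshToken.CreatedByIp,
        Revoked = newrefreshToken.Revoked,
        RevokedByIp = newrefreshToken.RevokedByIp,
        ReplacedByToken = newrefreshToken.ReplacedByToken,
        IsActive = newrefreshToken.IsActive,
        UserId = user.Id
    });

    // NOTE(review): the result of Update is not inspected, so a failed save still returns
    // a refresh token that was never stored — confirm what Update reports on failure.
    _userBs.Update(user);

    return new AuthenticateResponse(Usermodal, token, newrefreshToken.Token);
}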