diff --git a/src/Server/Controllers/AuthenticationController.cs b/src/Server/Controllers/AuthenticationController.cs
index a8d2a3f..3e4bb5d 100755
--- a/src/Server/Controllers/AuthenticationController.cs
+++ b/src/Server/Controllers/AuthenticationController.cs
@@ -6,7 +6,6 @@ using Auth.DTO;
 using System.Web.Http;
 using System.IdentityModel.Tokens.Jwt;
 using Microsoft.IdentityModel.Tokens;
-using System.Text;
 using System.Security.Claims;
 namespace Auth.Controllers {
@@ -51,7 +50,7 @@ namespace Auth.Controllers {
 await _databaseService.SetAccount(test);
 string jwt = AuthJWT.GenereateJWTToken(test, request.StayLoggedIn);
- AuthJWT.SignIn(Response, request.StayLoggedIn, jwt);
+ SignIn(Response, request.StayLoggedIn, jwt);
 return Ok(test);
 }
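Review bot: `return Ok(test);` right after the sign-in call serializes the whole account object into the response; `test` is presumably the same `Account` type that the removed login code in this diff reads `PasswordHash` and the attempt counters from, so unless serialization excludes those members the hash leaves the server on every successful call. Returning a small response DTO with only the fields the client needs would avoid that. `SignIn(Response, ...)` now resolves to a member of the controller or a base class that this diff does not show, so it is worth confirming there that the token cookie it presumably writes is marked HttpOnly, Secure and SameSite. The enclosing action starts and ends outside the hunk.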
@@ -75,68 +74,11 @@ namespace Auth.Controllers {
 }
 }
- [Route("jwtlogin")]
- [HttpPost]
- public async Task Authenticate([FromBody] LoginRequest request) {
- try {
- Account? test = await _databaseService.GetAccount(request.UserName.ToLower());
- if (test != null) {
- if (test.EmailVerified == true) {
- if (test.FailedPasswordLock) {
- if (test.CurrentPasswordAttempts >= test.PasswordAttempts) {
- return BadRequest("Too many failed password attempts. Please reset your password");
- }
- }
- if (BCrypt.Net.BCrypt.Verify(request.Password, test.PasswordHash)) {
- test.CurrentPasswordAttempts = 0;
- await _databaseService.SetAccount(test);
-
- return Ok(AuthJWT.GenereateJWTToken(test, request.StayLoggedIn));
- } else {
- test.CurrentPasswordAttempts += 1;
- await _databaseService.SetAccount(test);
- return BadRequest("Wrong Password");
- }
- } else {
- await SendVerify(new SendVerifyEmailRequest {
- UserName = test.UserName
- });
- return BadRequest("A new verify email has been sent. \n Note only 1 email send every 5 mintes");
- }
- }
- return BadRequest("Account Not Found");
- } catch (Exception ex) {
- Console.WriteLine("Login Error: " + ex.Message);
- return BadRequest("An internal server error has occured");
- }
- }
-
- [Route("jwttryrenew")]
- [HttpPost]
- public IActionResult Refresh([FromBody] JWTRenewRequest request){
- try {
- JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
- ClaimsPrincipal claimsPrincipal = handler.ValidateToken(request.Token, AuthJWT.TokenParameters, out var validatedToken);
- JwtSecurityToken jwt = (JwtSecurityToken)validatedToken;
- if (jwt != null) {
- if (jwt.ValidTo - DateTime.UtcNow < TimeSpan.FromDays(1)) {
- var newJwt = AuthJWT.RenewJWTToken(claimsPrincipal);
- return Ok(newJwt);
- }
- return BadRequest("Not ready to renew");
- }
- return BadRequest("Malformed Token");
- }
- catch (SecurityTokenException ex) {
- return Unauthorized($"Token invalid: {ex.Message}");
- }
- }
-
 [Route("logout")]
 [HttpPost]
 public ActionResult Logout() {
 if (isLoggedIn()) {
- AuthJWT.SignOut(Response);
+ SignOut(Response);
 return Ok();
 }
 return BadRequest();
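Review bot: Logout clears the session only when `isLoggedIn()` succeeds, so a client whose token has expired or is otherwise rejected gets a 400 and, presumably, keeps the stale cookie. Making the action idempotent with an unconditional `SignOut(Response); return Ok();` avoids that. `SignOut` is not shown in this diff; if it only removes the cookie, the JWT itself stays valid until it expires, so a short token lifetime or a server-side revocation check is what bounds a copied token. The Logout body closes outside the hunk.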