public JwtSecurityToken GenerateAccessToken(CapstoneUser user)
{
List <Claim> claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString()),
new Claim(ClaimTypes.Name, user.Id.ToString()),
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
};
if (user.Admin)
{
claims.Add(new Claim(ClaimTypes.Role, "Admin"));
}
else
{
claims.Add(new Claim(ClaimTypes.Role, "Student"));
}
SymmetricSecurityKey signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue <string>("SecurityKey")));
JwtSecurityToken token = new JwtSecurityToken(
issuer: "https://CapstonePortal.com",
audience: "https://CapstonePortal.com",
expires: DateTime.UtcNow.AddMinutes(30),
claims: claims,
signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
);
return(token);
}
public async Task <IActionResult> Login([FromBody][Required] LoginUser loginUser)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
CapstoneUser user = await _userManager.FindByNameAsync(loginUser.UserName);
if (user == null)
{
return(BadRequest("User not found"));
}
bool result = await _userManager.CheckPasswordAsync(user, loginUser.Password);
if (!result)
{
return(Unauthorized());
}
JwtSecurityToken token = _tokenService.GenerateAccessToken(user);
string refreshToken = _tokenService.GenerateRefreshToken();
user.RefreshToken = refreshToken;
await _userManager.UpdateAsync(user);
return(Ok(new
{
access_token = new JwtSecurityTokenHandler().WriteToken(token),
refresh_token = refreshToken,
expiration = token.ValidTo,
id = user.Id,
roles = token.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value).ToList()
}));
}
public async Task <IActionResult> Revoke()
{
CapstoneUser user = await _userManager.FindByIdAsync(User.Identity.Name);
if (user == null)
{
return(BadRequest());
}
user.RefreshToken = null;
await _userManager.UpdateAsync(user);
return(Ok("Revoked"));
}
private async Task LoadAsync(CapstoneUser user)
{
var userName = await _userManager.GetUserNameAsync(user);
var phoneNumber = await _userManager.GetPhoneNumberAsync(user);
Username = userName;
Input = new InputModel
{
PhoneNumber = phoneNumber
};
}
public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList();
if (ModelState.IsValid)
{
var user = new CapstoneUser {
UserName = Input.Email, Email = Input.Email
};
user.AuthoredItems = new Author {
Id = user.Id, Name = Input.UserName
};
var result = await _userManager.CreateAsync(user, Input.Password);
if (result.Succeeded)
{
_logger.LogInformation("User created a new account with password.");
await _userManager.AddToRoleAsync(user, "stdUser");
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code));
var callbackUrl = Url.Page(
"/Account/ConfirmEmail",
pageHandler: null,
values: new { area = "Identity", userId = user.Id, code = code, returnUrl = returnUrl },
protocol: Request.Scheme);
await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
$"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
if (_userManager.Options.SignIn.RequireConfirmedAccount)
{
return(RedirectToPage("RegisterConfirmation", new { email = Input.Email, returnUrl = returnUrl }));
}
else
{
await _signInManager.SignInAsync(user, isPersistent : false);
return(LocalRedirect(returnUrl));
}
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
// If we got this far, something failed, redisplay form
return(Page());
}
public async Task <IActionResult> Register([FromBody][Required] RegisterUser registerUser)
{
if (registerUser.Admin)
{
ModelState.Remove("Program");
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (_userManager.Users.Any(u => u.UserName == registerUser.UserName))
{
return(BadRequest("Username not available"));
}
if (_userManager.Users.Any(u => u.Email == registerUser.Email))
{
return(BadRequest("E-mail not available"));
}
CapstoneUser user = new CapstoneUser {
UserName = registerUser.UserName, Admin = registerUser.Admin, Email = registerUser.Email
};
IdentityResult result = await _userManager.CreateAsync(user, registerUser.Password);
if (result.Succeeded)
{
if (!registerUser.Admin)
{
await _studentService.CreateAsync(new Student { User = user, FirstName = registerUser.FirstName, LastName = registerUser.LastName, Program = registerUser.Program });
}
return(Ok(new
{
id = user.Id
}));
}
else
{
foreach (IdentityError error in result.Errors)
{
ModelState.AddModelError("User Create Error", error.Description);
}
return(BadRequest(ModelState));
}
}
public async Task <IActionResult> DeleteStudent([FromRoute] int studentId)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
Student student = await _studentService.GetByIdAsync(studentId);
CapstoneUser user = student.User;
if (student == null)
{
return(BadRequest("Student not found"));
}
await _studentService.DeleteAsync(student);
await _userManager.DeleteAsync(user);
return(Ok());
}
public async Task <IActionResult> Refresh([FromBody][Required] RefreshToken tokens)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
ClaimsPrincipal principal = new ClaimsPrincipal();
//To prevent 500, in case a non-JWT string is provided in access_token
try
{
principal = _tokenService.GetPrincipalFromExpiredToken(tokens.Access_Token);
}
catch
{
return(Unauthorized());
}
string userid = principal.Identity.Name;
CapstoneUser user = await _userManager.FindByIdAsync(userid);
if (user == null || user.RefreshToken != tokens.Refresh_Token)
{
return(Unauthorized());
}
JwtSecurityToken newToken = _tokenService.GenerateAccessToken(user);
string newRefreshToken = _tokenService.GenerateRefreshToken();
user.RefreshToken = newRefreshToken;
await _userManager.UpdateAsync(user);
return(Ok(new
{
access_token = new JwtSecurityTokenHandler().WriteToken(newToken),
refresh_token = newRefreshToken,
expiration = newToken.ValidTo,
id = user.Id,
roles = newToken.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value).ToList()
}));
}
public static void Main(string[] args)
{
IHost host = CreateHostBuilder(args).Build();
IServiceProvider sp = host.Services.CreateScope().ServiceProvider;
using (CapstoneDBContext Context = sp.GetServices <CapstoneDBContext>().First())
{
Context.Database.Migrate();
UserManager <CapstoneUser> userManager =
sp.GetService(typeof(UserManager <CapstoneUser>)) as UserManager <CapstoneUser>;
RoleManager <CapstoneRole> roleManager =
sp.GetService(typeof(RoleManager <CapstoneRole>)) as RoleManager <CapstoneRole>;
IConfiguration configuration = ((IConfiguration)sp.GetService(typeof(IConfiguration)));
//string s = configuration.GetSection("Role").Value;
List <string> emailsList = new List <string>();
for (int i = 0; configuration.GetSection($"Email{i}").Value != null; i++)
{
emailsList.Add(configuration.GetSection($"Email{i}").Value);
}
List <string> rolesList = new List <string>();
for (int i = 0; configuration.GetSection($"Role{i}").Value != null; i++)
{
rolesList.Add(configuration.GetSection($"Role{i}").Value);
}
if (roleManager.Roles.Count() == 0)
{
foreach (string s in rolesList)
{
CapstoneRole role = new CapstoneRole(s);
roleManager.CreateAsync(role).GetAwaiter().GetResult();
}
}
if (userManager.Users.Count() == 0)
{
for (int i = 0; configuration.GetSection($"Email{i}").Value != null; i++)
{
string email = configuration.GetSection($"Email{i}").Value;
CapstoneUser user = new CapstoneUser(email);
user.Email = email;
Author author = new Author {
Id = user.Id, Name = email
};
user.AuthoredItems = author;
user.EmailConfirmed = true;
userManager.CreateAsync(user, configuration.GetSection("DefaultPass").Value).GetAwaiter().GetResult();
}
}
if (userManager.Users.Count() == 3 && roleManager.Roles.Count() == 3)
{
userManager.AddToRolesAsync(userManager.Users.ToList()[0], rolesList).GetAwaiter().GetResult();
rolesList.Remove("Admin");
userManager.AddToRolesAsync(userManager.Users.ToList()[1], rolesList).GetAwaiter().GetResult();
rolesList.Remove("Moderator");
userManager.AddToRolesAsync(userManager.Users.ToList()[2], rolesList).GetAwaiter().GetResult();
}
}
host.Run();
}
