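/// <summary>
/// Builds a signed JWT for an already-authenticated user and returns it in
/// compact serialized form.
/// </summary>
/// <param name="authUser">
/// Security object whose <c>UserName</c> becomes the <c>sub</c> claim and whose
/// <c>Claims</c> entries are copied into the token as custom claims.
/// </param>
/// <returns>The string produced by <c>JwtSecurityTokenHandler.WriteToken</c>.</returns>
/// <remarks>
/// The token is signed (HMAC-SHA256), not encrypted: every claim placed in it is
/// readable by whoever holds the token, so claims must not carry secrets.
/// </remarks>
protected string BuildJwtToken(SecurityUserAuth authUser)
        {
            // HS256 is symmetric: any party that can verify a token with this key can
            // also mint one. The key bytes are the UTF-8 encoding of the configured
            // string, so its strength is whatever entropy that string has. RFC 7518
            // section 3.2 requires a key of at least 256 bits for HS256; the value
            // should come from a secret store rather than a checked-in settings file.
            var signingKey  = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.Key));
            var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

            // Registered claims: subject (user name) and a fresh random token id.
            var jwtClaims = new List<System.Security.Claims.Claim>
            {
                new System.Security.Claims.Claim(JwtRegisteredClaimNames.Sub, authUser.UserName),
                new System.Security.Claims.Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
            };

            // Custom claims. A user without a claims collection gets a token that
            // carries only sub/jti instead of failing with a NullReferenceException.
            if (authUser.Claims != null)
            {
                foreach (var claim in authUser.Claims)
                {
                    jwtClaims.Add(new System.Security.Claims.Claim(claim.ClaimType, claim.ClaimValue));
                }
            }

            // Read the clock once so nbf and exp are derived from the same instant.
            // NOTE(review): nothing here supports revoking an issued token, so
            // MinutesToExpiration is the only bound on a stolen token's lifetime -
            // confirm it is configured short.
            DateTime issuedAt = DateTime.UtcNow;

            var token = new JwtSecurityToken(
                issuer: _settings.Issuer,
                audience: _settings.Audience,
                claims: jwtClaims,
                notBefore: issuedAt,
                expires: issuedAt.AddMinutes(_settings.MinutesToExpiration),
                signingCredentials: credentials);

            // Serialize to the compact header.payload.signature form.
            return new JwtSecurityTokenHandler().WriteToken(token);
        }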
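        /// <summary>
        /// Checks the supplied user name and password against the database and, on a
        /// match, returns the security object built by <c>BuildUserAuthObject</c>.
        /// </summary>
        /// <param name="user">Credentials submitted by the caller.</param>
        /// <returns>
        /// The populated security object on a match; otherwise a freshly constructed
        /// <c>SecurityUserAuth</c> that no code in this method has marked as authenticated.
        /// </returns>
        public SecurityUserAuth ValidateUser(User user)
        {
            SecurityUserAuth ret      = new SecurityUserAuth();
            User             authUser = null;

            // Reject missing credentials before they reach the query. A null request
            // body would otherwise throw, and a null password compared with '==' can be
            // translated by the ORM to an IS NULL test, which would match any account
            // whose stored password is NULL. Empty values are refused for the same reason.
            if (user == null ||
                string.IsNullOrEmpty(user.UserName) ||
                string.IsNullOrEmpty(user.Password))
            {
                return ret;
            }

            using (var db = new BTAContext())
            {
                // NOTE(review): the predicate compares the submitted password with the
                // stored column directly, which implies the column holds the password
                // itself. The safer design stores a salted, slow hash (PBKDF2, bcrypt,
                // Argon2), fetches the row by user name only, and verifies the hash in
                // application code with a fixed-time comparison. That needs a schema and
                // data migration outside this method, so the query is left as it was.
                authUser = db.User.FirstOrDefault(u => u.UserName.ToLower() == user.UserName.ToLower() && u.Password == user.Password);
                if (authUser != null)
                {
                    // Explicitly load the user's claim links and each linked claim while
                    // the context is still open; they are read after it is disposed.
                    db.Entry(authUser).Collection(x => x.UserClaim).Load();
                    foreach (var uc in authUser.UserClaim)
                    {
                        db.Entry(uc).Reference(x => x.Claim).Load();
                    }
                }
            }

            if (authUser != null)
            {
                // Credentials matched: build the security object (claims + bearer token).
                ret = BuildUserAuthObject(authUser);
            }

            return ret;
        }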
        /// <summary>
        /// Login endpoint: validates the posted credentials and returns either the
        /// security object (HTTP 200) or a generic failure message (HTTP 404).
        /// </summary>
        /// <param name="user">Credentials bound from the request body.</param>
        /// <returns>
        /// 200 with the <c>SecurityUserAuth</c> object when it reports
        /// <c>IsAuthenticated</c>; otherwise 404 with a fixed message.
        /// </returns>
        public IActionResult Login([FromBody] User user)
        {
            var manager = new SecurityManager(_settings, DatabasePath);
            SecurityUserAuth outcome = manager.ValidateUser(user);

            if (!outcome.IsAuthenticated)
            {
                // The same message is used for an unknown user and a wrong password,
                // so the response does not reveal which account names exist.
                // NOTE(review): 401 is the conventional status for failed
                // authentication; 404 is kept because existing clients may rely on it.
                // NOTE(review): no throttling or lockout is visible in this method -
                // confirm repeated failures are limited elsewhere.
                return StatusCode(StatusCodes.Status404NotFound, "Invalid User Name/Password.");
            }

            // The success body is the whole security object; it is the same object
            // returned by ValidateUser, so keep it out of request/response logs if it
            // carries a token.
            return StatusCode(StatusCodes.Status200OK, outcome);
        }
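        /// <summary>
        /// Builds the security object for a user: copies the user name, marks the
        /// object authenticated, projects the user's claims and attaches a JWT bearer token.
        /// </summary>
        /// <param name="authUser">
        /// User entity whose <c>UserClaim</c> collection and each entry's <c>Claim</c>
        /// reference are already loaded; both are dereferenced here.
        /// </param>
        /// <returns>The populated <c>SecurityUserAuth</c>, including its bearer token.</returns>
        /// <remarks>
        /// This method sets <c>IsAuthenticated</c> to true unconditionally and performs
        /// no credential check of its own, so it must only be reached after the caller
        /// has verified the user.
        /// </remarks>
        protected SecurityUserAuth BuildUserAuthObject(User authUser)
        {
            SecurityUserAuth ret = new SecurityUserAuth();

            // Identity. The previous placeholder token (new Guid(), i.e. the all-zero
            // GUID) and an unused claims list were removed: the token is assigned once,
            // below, after the claims it must contain are in place.
            ret.UserName        = authUser.UserName;
            ret.IsAuthenticated = true;

            // Project the user's claim rows into view models. These values end up in
            // the signed token, so they are what downstream authorization will trust.
            ret.Claims = authUser.UserClaim.Select(x => new ClaimViewModel()
            {
                ClaimId    = x.ClaimId,
                ClaimType  = x.Claim.ClaimType,
                ClaimValue = x.Claim.ClaimValue
            }).ToList();

            // Sign a JWT over the user name and the claims collected above.
            ret.BearerToken = BuildJwtToken(ret);

            return ret;
        }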