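// Registers everything the JWT login flow needs: the login service, the signing and
// token settings (as singletons), JWT bearer authentication, the "Bearer" authorization
// policy and the "Bearer" CORS policy.
//
// services: the service collection to add the registrations to.
// Returns the same collection.
private IServiceCollection TokenConfigurations(IServiceCollection services)
{
    services.AddTransient<LoginService>();

    // NOTE(review): the signing key is produced by SigningConfigurationsExtensions'
    // constructor, which is not shown here. If it generates a fresh key per process,
    // issued tokens stop validating after a restart or on another instance; confirm.
    var signingConfigurations = new SigningConfigurationsExtensions();
    services.AddSingleton(signingConfigurations);

    // Bind the "TokenConfigurations" configuration section onto a settings object.
    var tokenConfigurations = new TokenConfigurationExtentions();
    new ConfigureFromConfigurationOptions<TokenConfigurationExtentions>(
        Configuration.GetSection("TokenConfigurations"))
            .Configure(tokenConfigurations);
    services.AddSingleton(tokenConfigurations);

    services.AddAuthentication(authOptions =>
    {
        authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
        authOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
    }).AddJwtBearer(bearerOptions =>
    {
        var paramsValidation = bearerOptions.TokenValidationParameters;
        paramsValidation.IssuerSigningKey = signingConfigurations.Key;
        paramsValidation.ValidAudience = tokenConfigurations.Audience;
        paramsValidation.ValidIssuer = tokenConfigurations.Issuer;

        // ValidateIssuer and ValidateAudience are left at their TokenValidationParameters
        // defaults (true), so the issuer and audience set above are enforced.
        paramsValidation.ValidateIssuerSigningKey = true;
        paramsValidation.ValidateLifetime = true;

        // No grace period: a token is rejected the moment it expires.
        paramsValidation.ClockSkew = TimeSpan.Zero;
    });

    // Enables the token as the way to authorize access to this project's resources.
    services.AddAuthorization(auth =>
    {
        auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
            .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
            .RequireAuthenticatedUser().Build());
    });

    // A wildcard origin must not be combined with AllowCredentials: the CORS protocol
    // forbids the pairing, and a server that honours it lets any site make credentialed
    // cross-origin calls. The JwtBearer handler reads the token from the Authorization
    // header by default, which AllowAnyHeader already permits, so credentials mode is
    // not needed for this policy.
    // NOTE(review): if a client does depend on cookies, replace AllowAnyOrigin with an
    // explicit WithOrigins(...) list instead of restoring AllowCredentials.
    services.AddCors(option => option.AddPolicy("Bearer", build =>
    {
        build
            .AllowAnyOrigin()
            .AllowAnyMethod()
            .AllowAnyHeader();
    }));

    return services;
}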
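// Authenticates a user by e-mail and, on success, issues a signed JWT.
//
// userLogin:             credentials posted by the client (request body).
// login:                 service that checks the credentials against the stored user.
// signingConfigurations: supplies the credentials used to sign the token.
// tokenConfigurations:   supplies the token issuer and audience.
//
// Returns an ApiCredential. On success it carries the token, its creation and
// expiration times and the caller's role flags. On any failure it has
// authenticated = false and the message "User not found"; the message is the same
// for every failure cause so the response does not reveal which e-mails exist.
//
// NOTE(review): the role flags are returned in the response body only; the token
// itself carries no role claims. Server-side authorization must not rely on them.
public object DoLogin(
    [FromBody] LoginModel userLogin,
    [FromServices] LoginService login,
    [FromServices] SigningConfigurationsExtensions signingConfigurations,
    [FromServices] TokenConfigurationExtentions tokenConfigurations)
{
    apiCredential = new ApiCredential();

    if (userLogin == null || userLogin.Email == null)
    {
        apiCredential.authenticated = false;
        apiCredential.message = "User not found";
        return apiCredential;
    }

    // NOTE(review): .Result blocks the request thread; making this action async would
    // change its return type, so the blocking calls are kept here.
    var user = _userManager.FindByEmailAsync(userLogin.Email).Result;
    if (user == null)
    {
        apiCredential.authenticated = false;
        apiCredential.message = "User not found";
        return apiCredential;
    }

    apiCredential = login.Find(user, userLogin, $"{user.Prenom} {user.Nom}");
    if (apiCredential == null)
    {
        // login.Find returned null, so there is no object to fill in. Build a fresh
        // one: writing to the null reference threw NullReferenceException, which made
        // a rejected login for an existing account fail differently from one for an
        // unknown e-mail.
        apiCredential = new ApiCredential();
        apiCredential.authenticated = false;
        apiCredential.message = "User not found";
        return apiCredential;
    }

    var identity = new ClaimsIdentity(
        new GenericIdentity(userLogin.Email, "Login"),
        new[]
        {
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
            new Claim(JwtRegisteredClaimNames.UniqueName, userLogin.Email)
        });

    // NOTE(review): local time; the created/expiration strings below carry no offset.
    DateTime dataCriacao = DateTime.Now;

    // The 10-day lifetime is hard-coded; nothing in this method reads it from
    // tokenConfigurations.
    // NOTE(review): no revocation is visible here, so a leaked token stays usable
    // until it expires; consider a shorter lifetime.
    DateTime dataExpiracao = dataCriacao + TimeSpan.FromDays(10);

    var handler = new JwtSecurityTokenHandler();
    var securityToken = handler.CreateToken(new SecurityTokenDescriptor
    {
        Issuer = tokenConfigurations.Issuer,
        Audience = tokenConfigurations.Audience,
        SigningCredentials = signingConfigurations.SigningCredentials,
        Subject = identity,
        NotBefore = dataCriacao,
        Expires = dataExpiracao
    });
    var token = handler.WriteToken(securityToken);

    // Ask for this user's membership directly instead of loading every member of each
    // role on every login. This also avoids dereferencing a null role when one of the
    // role names is not defined.
    apiCredential.isAdministrateur = _userManager.IsInRoleAsync(user, "Administrateur").Result;
    apiCredential.isApprobateur = _userManager.IsInRoleAsync(user, "Approbateur").Result;
    apiCredential.isConseiller = _userManager.IsInRoleAsync(user, "Conseiller").Result;

    apiCredential.userName = userLogin.Email;
    apiCredential.created = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss");
    apiCredential.expiration = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss");
    apiCredential.Token = token;
    return apiCredential;
}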