public async void SignIn(HttpContext httpContext, UserRolesClaims profile, bool isPersistent)
{
ClaimsIdentity identity = new ClaimsIdentity(GetUserClaims(profile),
CookieAuthenticationDefaults.AuthenticationScheme);
ClaimsPrincipal principal = new ClaimsPrincipal(identity);
await httpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
principal,
new AuthenticationProperties
{
AllowRefresh = true,
IsPersistent = isPersistent
});
}
private IEnumerable <Claim> GetUserClaims(UserRolesClaims user)
{
List <Claim> claims = new List <Claim>();
claims.Add(new Claim(BlogClaimTypes.UserType, user.User.UserType ?? ""));
claims.Add(new Claim(BlogClaimTypes.Id, user.User.Id.ToString()));
claims.Add(new Claim(BlogClaimTypes.SupervisorId,
string.IsNullOrEmpty(user.User.SupervisorId) ? user.User.Id.ToString() : user.User.SupervisorId.ToString()));
claims.Add(new Claim(BlogClaimTypes.GroupEmails, string.Join(",", user.GroupEmails)));
claims.Add(new Claim(BlogClaimTypes.FullName, $"{user.User.FirstName} {user.User.LastName}"));
claims.Add(new Claim(ClaimTypes.Name, user.User.UserName));
claims.Add(new Claim(ClaimTypes.Email, user.User.Email));
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.User.Email));
claims.AddRange(GetUserRoleClaims(user));
return(claims);
}
private IEnumerable <Claim> GetUserRoleClaims(UserRolesClaims user)
{
List <Claim> claims = new List <Claim>();
foreach (var c in user.UserClaims)
{
claims.Add(new Claim(c.ClaimType, c.ClaimValue));
}
foreach (var r in user.Roles)
{
foreach (var c in r.Claims)
{
claims.Add(new Claim(ClaimTypes.Role, c));
}
}
return(claims);
}
private UserRolesClaims GetProfile(BlogUser user)
{
var profile = new UserRolesClaims();
var userRoles = _context.UserRoles.Where(x => x.UserId == user.Id).Select(x => x.RoleId);
var roles = (from role in _context.Roles
where userRoles.Contains(role.Id)
join claim in _context.RoleClaims on role.Id equals claim.RoleId into RoleClaims
from rc in RoleClaims.DefaultIfEmpty()
select new
{
Role = role,
Claims = rc
}).ToLookup(x => x.Role)
.Select(x => new { Role = x.Key, Claims = x.Select(c => c.Claims).Where(c => c != null).ToList() });
var userClaims = _context.UserClaims.Where(x => x.UserId == user.Id);
var groupUserEmails = _context.Users.Where(x =>
user.SupervisorId == null ?
x.SupervisorId == user.Id :
(x.SupervisorId == user.SupervisorId || x.Id == user.SupervisorId) && x.Id != user.Id).Select(x => x.Email);
var roleClaims = new List <RoleClaims>();
foreach (var r in roles)
{
var roleClaim = new RoleClaims();
roleClaim.Role = _mapper.Map <Role>(r.Role);
roleClaim.Claims = r.Claims.Select(x => x.ClaimValue);
roleClaims.Add(roleClaim);
}
profile.User = _mapper.Map <User>(user);
profile.UserClaims = _mapper.Map <IEnumerable <UserClaim> >(userClaims);
profile.Roles = roleClaims;
profile.GroupEmails = groupUserEmails;
return(profile);
}
public UserRolesClaims GetProfile(string email, string password)
{
var profile = new UserRolesClaims();
var user = _context.Users.FirstOrDefault(x => x.Email == email);
_context.Entry(user).State = Microsoft.EntityFrameworkCore.EntityState.Detached;
if (user != null)
{
var verifyPass = _passwordHasher.VerifyHashedPassword(user, user.PasswordHash, password);
if (verifyPass == PasswordVerificationResult.Success)
{
profile = GetProfile(user);
}
else
{
profile.Error = "Password was wrong";
}
return(profile);
}
profile.Error = "The email is not exist";
return(profile);
}
