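/// <summary>
/// Middleware step that compares the permissions serial sent by the client with the
/// cached one, then hands the request to the next component in the pipeline.
/// </summary>
/// <remarks>
/// When <c>SerialsMatch</c> reports <c>DoNotMatch</c>, a <c>permissions_changed: true</c>
/// response header is added. When it reports <c>NotCached</c>, the user's permissions are
/// loaded from the repository and cached. Nothing here rejects a request.
/// </remarks>
/// <param name="context">The current HTTP context.</param>
/// <param name="permissionsCache">Cache queried for the serial comparison and filled on a miss.</param>
/// <param name="authRepo">Repository used to load the user's permissions on a cache miss.</param>
public async Task Invoke(HttpContext context, IPermissionsCache permissionsCache, IAuthRepository authRepo)
{
    string serial = context.Request.Headers[BeepClaimTypes.PermissionsSerial];
    string environmentHeader = context.Request.Headers[BeepClaimTypes.EnvironmentId];
    string userIdClaim = context.User.FindFirst(ClaimTypes.NameIdentifier)?.Value;

    // Both request headers are client-controlled. TryParse leaves the value at 0 for a
    // missing, non-numeric or out-of-range header, which the guard below treats as
    // "skip the check", instead of letting a crafted header throw out of the pipeline.
    int.TryParse(environmentHeader, out int environmentId);
    int.TryParse(userIdClaim, out int userId);

    // Ordinal comparison: the "updating" marker is a protocol token, so it must not
    // depend on the server's current culture (ToLower() is culture-sensitive).
    bool serialUsable = !string.IsNullOrEmpty(serial)
        && !string.Equals(serial, "updating", StringComparison.OrdinalIgnoreCase);

    if (serialUsable && environmentId > 0 && userId > 0)
    {
        PermissionsChacheResult chacheResult = permissionsCache.SerialsMatch(userId, environmentId, serial);

        switch (chacheResult)
        {
            case PermissionsChacheResult.DoNotMatch:
                context.Response.AddCustomHeader("permissions_changed", "true");
                break;

            case PermissionsChacheResult.NotCached:
                // Awaited rather than blocked on with .Result, so the request thread
                // is not held while the repository call is in flight.
                IEnumerable<Permission> userPermissions = await authRepo.GetAllUserPermissions(userId);
                permissionsCache.AddEntriesForUser(userId, userPermissions);
                break;
        }
    }

    await _next(context);
}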
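/// <summary>
/// Checks a username and password and, on success, returns an identity token, a
/// permissions token, a refresh token, the mapped user and the user's settings.
/// </summary>
/// <param name="user">Login request carrying the username, password and camera selection.</param>
/// <returns>
/// 200 with the tokens and user data on success; 401 when the credentials are missing,
/// the user is unknown, or the password sign-in check does not succeed.
/// </returns>
public async Task<IActionResult> Login(UserForLoginDto user)
{
    // A request without a body or without credentials would otherwise reach the user
    // manager with null arguments and surface as an unhandled exception; answer it
    // the same way as an unknown user.
    if (user == null || user.Username == null || user.Password == null)
    {
        return Unauthorized();
    }

    User userFromRepo = await _userManager.FindByNameAsync(user.Username);
    if (userFromRepo == null)
    {
        // NOTE(review): this 401 has no body, while the wrong-password 401 below carries
        // whatever EvalLoginFailedReason returns. If that is ever non-empty, the two
        // cases are distinguishable to a caller; confirm and align them.
        return Unauthorized();
    }

    // NOTE(review): the third argument (lockoutOnFailure) is false, so failed attempts
    // on this path do not count toward account lockout; confirm throttling exists elsewhere.
    SignInResult signInResult = await _signInManager.CheckPasswordSignInAsync(userFromRepo, user.Password, false);
    if (!signInResult.Succeeded)
    {
        return Unauthorized(EvalLoginFailedReason(signInResult));
    }

    var mappedUser = _mapper.Map<UserForTokenDto>(userFromRepo);
    var defaultPermission = await _authRepo.GetDefaultPermissions(userFromRepo.Id);
    var settings = await GetUserSettings(userFromRepo.Id, user.Cameras);

    // Prime the permissions cache with the user's full permission set.
    _permissionsCache.AddEntriesForUser(userFromRepo.Id, await _authRepo.GetAllUserPermissions(userFromRepo.Id));

    string refreshToken = await CreateRefreshToken(userFromRepo.Id);

    return Ok(new
    {
        identityToken = await CreateIdentityToken(userFromRepo, _tokenLifeTime),
        permissionsToken = BuildPermissionToken(defaultPermission, _tokenLifeTime),
        refreshToken,
        mappedUser,
        settings
    });
}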
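/// <summary>
/// Checks a username and password and, on success, returns an identity token and a
/// permissions token together with the mapped user and the user's settings.
/// </summary>
/// <param name="user">Login request carrying the username, password and camera selection.</param>
/// <returns>
/// 200 with the tokens and user data on success; 401 with <c>IsLockedOut</c> and
/// <c>IsNotAllowed</c> flags when the login is refused.
/// </returns>
public async Task<IActionResult> Login(UserForLoginDto user)
{
    var tokenLifeTimeSeconds = Convert.ToInt32(_appSettings["TokenLifeTime"]);

    // Missing credentials and unknown users get the same 401 body as a wrong password,
    // so the response itself does not reveal whether a username exists.
    // NOTE(review): response timing and the lockout flags can still differ between
    // existing and non-existing accounts.
    if (user == null || user.Username == null || user.Password == null)
    {
        return Unauthorized(new { IsLockedOut = false, IsNotAllowed = false });
    }

    User userFromRepo = await _userManager.FindByNameAsync(user.Username);
    if (userFromRepo == null)
    {
        return Unauthorized(new { IsLockedOut = false, IsNotAllowed = false });
    }

    // NOTE(review): the third argument (lockoutOnFailure) is false, so failed attempts
    // on this path do not count toward account lockout; confirm throttling exists elsewhere.
    SignInResult signInResult = await _signInManager.CheckPasswordSignInAsync(userFromRepo, user.Password, false);
    if (!signInResult.Succeeded)
    {
        return Unauthorized(new { signInResult.IsLockedOut, signInResult.IsNotAllowed });
    }

    var mappedUser = _mapper.Map<UserForTokenDto>(userFromRepo);
    List<Claim> identityClaims = await BuildIdentityClaims(userFromRepo);
    var defaultPermission = await _authRepo.GetDefaultPermissions(userFromRepo.Id);
    List<Claim> permissionClaims = BuildPermissionClaims(defaultPermission);
    var settings = await GetSettings(userFromRepo.Id, user.Cameras);

    // Prime the permissions cache with the user's full permission set.
    _permissionsCache.AddEntriesForUser(userFromRepo.Id, await _authRepo.GetAllUserPermissions(userFromRepo.Id));

    // One timestamp for both tokens so they expire at the same instant.
    DateTime expiresAt = DateTime.Now.AddSeconds(tokenLifeTimeSeconds);

    return Ok(new
    {
        identityToken = JwtHelper.CreateToken(identityClaims.ToArray(), _tokenSecretKey, expiresAt),
        permissionsToken = JwtHelper.CreateToken(permissionClaims.ToArray(), _tokenSecretKey, expiresAt),
        mappedUser,
        settings
    });
}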
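/// <summary>
/// Runs after a bearer token has been validated: makes sure the permissions cache
/// holds an entry for the token's user, loading it from the repository on a miss.
/// </summary>
/// <param name="context">Token-validated context giving access to the request and the principal.</param>
/// <returns>A task that completes once the cache check (and any cache fill) is done.</returns>
public override async Task TokenValidated(TokenValidatedContext context)
{
    string serial = context.Request.Headers["PermissionsSerial"];
    string environmentHeader = context.Request.Headers["EnvironmentId"];
    string userIdClaim = context.Principal?.FindFirst(ClaimTypes.NameIdentifier)?.Value;

    // A token without a numeric name identifier used to throw here (null dereference or
    // FormatException). Fail authentication explicitly instead, so the request is
    // rejected as unauthenticated rather than surfacing an unhandled exception.
    if (!int.TryParse(userIdClaim, out int userId))
    {
        context.Fail("Token does not carry a numeric name identifier claim.");
        return;
    }

    // The header is client-controlled: a missing, non-numeric or out-of-range value
    // is treated as 0, the same value a missing header produced before.
    int.TryParse(environmentHeader, out int environmentId);

    PermissionsChacheResult chacheResult = _cache.SerialsMatch(userId, environmentId, serial);
    if (chacheResult == PermissionsChacheResult.NotCached)
    {
        // Awaited rather than blocked on with .Result, so the request thread is not
        // held while the repository call is in flight.
        IEnumerable<Permission> userPermissions = await _authRepo.GetAllUserPermissions(userId);
        _cache.AddEntriesForUser(userId, userPermissions);
    }
}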
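/// <summary>
/// Checks a username and password and, on success, returns an identity token (name
/// identifier, name and role claims) and a permissions token together with the mapped
/// user and the user's settings.
/// </summary>
/// <param name="user">Login request carrying the username, password and camera selection.</param>
/// <returns>
/// 200 with the tokens and user data on success; 401 with <c>IsLockedOut</c> and
/// <c>IsNotAllowed</c> flags when the login is refused.
/// </returns>
public async Task<IActionResult> Login(UserForLoginDto user)
{
    // Missing credentials and unknown users get the same 401 body as a wrong password,
    // so the response itself does not reveal whether a username exists.
    // NOTE(review): response timing and the lockout flags can still differ between
    // existing and non-existing accounts.
    if (user == null || user.Username == null || user.Password == null)
    {
        return Unauthorized(new { IsLockedOut = false, IsNotAllowed = false });
    }

    User userFromRepo = await _userManager.FindByNameAsync(user.Username);
    if (userFromRepo == null)
    {
        return Unauthorized(new { IsLockedOut = false, IsNotAllowed = false });
    }

    // NOTE(review): the third argument (lockoutOnFailure) is false, so failed attempts
    // on this path do not count toward account lockout; confirm throttling exists elsewhere.
    SignInResult signInResult = await _signInManager.CheckPasswordSignInAsync(userFromRepo, user.Password, false);
    if (!signInResult.Succeeded)
    {
        return Unauthorized(new { signInResult.IsLockedOut, signInResult.IsNotAllowed });
    }

    var mappedUser = _mapper.Map<UserForTokenDto>(userFromRepo);

    // Identity claims: the user's id and name, plus one role claim per assigned role.
    var identityClaims = new List<Claim>()
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.UserName)
    };
    IList<string> roles = await _userManager.GetRolesAsync(userFromRepo);
    identityClaims.AddRange(roles.Select(r => new Claim(ClaimTypes.Role, r)));

    var defaultPermission = await _authRepo.GetDefaultPermissions(userFromRepo.Id);
    List<Claim> permissionClaims = BuildPermissionClaims(defaultPermission);
    var settings = await GetSettings(userFromRepo.Id, user.Cameras);

    // Prime the permissions cache with the user's full permission set.
    _permissionsCache.AddEntriesForUser(userFromRepo.Id, await _authRepo.GetAllUserPermissions(userFromRepo.Id));

    // One timestamp for both tokens so they expire at the same instant.
    DateTime expiresAt = DateTime.Now.AddSeconds(_tokenLifeTimeSeconds);

    return Ok(new
    {
        identityToken = JwtHelper.CreateToken(identityClaims.ToArray(), _tokenSecretKey, expiresAt),
        permissionsToken = JwtHelper.CreateToken(permissionClaims.ToArray(), _tokenSecretKey, expiresAt),
        mappedUser,
        settings
    });
}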