public async Task <ActionResult <TokenResponse> > Post(AuthRequest request)
{
var pHash = Sha256Manager.GetHash(Encoding.UTF8.GetBytes(request.Login + request.Password + "6998AD68-8F11-41B2-9627-CBC34C5E68C4"));
var user = await _postgresDbContext.Users.FirstOrDefaultAsync(u => u.Login.Equals(request.Login));
if (user != null)
{
if (!user.Password.SequenceEqual(pHash))
{
return(new ConflictResult());
}
}
else
{
user = new UserEntity
{
Login = request.Login,
Password = pHash,
Role = Roles.User
};
await _postgresDbContext.Users.AddAsync(user);
await _postgresDbContext.SaveChangesAsync();
}
var jwtSettings = new JwtSettings(DateTime.UtcNow);
_configuration.GetSection(nameof(JwtSettings))
.Bind(jwtSettings);
var claims = new[]
{
new Claim(nameof(UserEntity.Id), user.Id.ToString()),
new Claim(ClaimsIdentity.DefaultNameClaimType, user.Login),
new Claim(ClaimsIdentity.DefaultRoleClaimType, user.Role.ToString()),
new Claim(nameof(TokenResponse.Expires), jwtSettings.Expires.ToString())
};
var jwt = new JwtSecurityToken(
jwtSettings.Issuer,
jwtSettings.Audience,
notBefore: jwtSettings.Now.UtcDateTime,
claims: claims,
expires: jwtSettings.Expires.UtcDateTime,
signingCredentials: new SigningCredentials(jwtSettings.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)
);
var result = new TokenResponse
{
Token = new JwtSecurityTokenHandler().WriteToken(jwt),
Expires = jwtSettings.Expires
};
return(new JsonResult(result));
}
public void ConfigureServices(IServiceCollection services)
{
services.AddServices();
var jwtSettings = new JwtSettings();
Configuration.GetSection("JwtSettings").Bind(jwtSettings);
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.RequireHttpsMetadata = false;
options.TokenValidationParameters = new TokenValidationParameters
{
ValidateIssuer = true,
ValidIssuer = jwtSettings.Issuer,
ValidateAudience = true,
ValidAudience = jwtSettings.Audience,
ValidateLifetime = true,
IssuerSigningKey = jwtSettings.GetSymmetricSecurityKey()
//LifetimeValidator = (before, expires, token, param) => { return expires > DateTime.UtcNow; },
};
});
services.AddMvc(o =>
{
o.MaxModelValidationErrors = 50;
o.ValueProviderFactories.Insert(0, new SnakeCaseValueProviderFactory());
})
.AddJsonOptions(o =>
{
o.SerializerSettings.Formatting = Formatting.Indented;
o.SerializerSettings.DefaultValueHandling = DefaultValueHandling.Include;
o.SerializerSettings.NullValueHandling = NullValueHandling.Ignore;
o.SerializerSettings.ContractResolver = new DefaultContractResolver
{
NamingStrategy = new SnakeCaseNamingStrategy()
};
});
}
public async Task <IActionResult> Token(AuthModel model)
{
var isValid = await ApiProvider.AuthorizeAsync(model, CancellationToken.None);
if (!isValid)
{
return(new UnauthorizedResult());
}
var jwtSettings = new JwtSettings(DateTime.UtcNow);
_configuration.GetSection("JwtSettings").Bind(jwtSettings);
jwtSettings.Claims = GetClaims(model);
var jwt = new JwtSecurityToken(jwtSettings.Issuer, jwtSettings.Audience, notBefore: jwtSettings.Now,
claims: jwtSettings.Claims,
expires: jwtSettings.Expires,
signingCredentials: new SigningCredentials(jwtSettings.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)
);
var result = new TokenModel
{
Token = new JwtSecurityTokenHandler().WriteToken(jwt),
Expires = jwtSettings.Expires,
Login = model.Login,
Type = model.AuthType
};
return(new JsonResult(result));
}