public async Task <IHttpActionResult> Post([FromBody] UserLoginModel model) { IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); string hash = Md5Tool.CreateUtf8Hash(model.Password); dynamic user = await userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == model.UserName && x.Password == hash).Select(x => new { x.UserName, Roles = x.UserRoles.Select(y => y.Role.Name) }).FirstOrDefaultAsync(); if (user != null) { string secretKey = ConfigurationManager.AppSettings["SecretKey"]; double tokenExpiration = double.Parse(ConfigurationManager.AppSettings["TokenExpirationMinutes"]); string token = new CustomJwtAuthorizationProvider().GenerateToken(secretKey, user.UserName, user.Roles, tokenExpiration); return(Ok(new { access_token = token, token_type = "bearer", expires_in = TimeSpan.FromMinutes(tokenExpiration).TotalSeconds })); } return(Unauthorized()); }
public override void OnAuthorization(HttpActionContext actionContext) { AuthenticationHeaderValue authRequest = actionContext.Request.Headers.Authorization; if (authRequest != null && authRequest.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase)) { string token = authRequest.Parameter; if (!string.IsNullOrEmpty(token)) { string decodedToken = Encoding.UTF8.GetString(Convert.FromBase64String(token)); string username = decodedToken.Substring(0, decodedToken.IndexOf(":", StringComparison.Ordinal)); string password = decodedToken.Substring(decodedToken.IndexOf(":", StringComparison.Ordinal) + 1); if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password)) { IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); string hash = Md5Tool.CreateUtf8Hash(password); dynamic user = userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == username && x.Password == hash).Select(x => new { x.UserName, Roles = x.UserRoles.Select(y => y.Role.Name) }).FirstOrDefault(); if (user != null) { IList <Claim> claims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim(ClaimTypes.NameIdentifier, user.UserName) }; AuthorizeAttribute authorizeAttribute = actionContext.ActionDescriptor .GetCustomAttributes <AuthorizeAttribute>(true) .FirstOrDefault(); if (authorizeAttribute != null) { string[] roles = authorizeAttribute.Roles.Split(','); foreach (string role in roles) { if (user.Roles.Contains(role)) { claims.Add(new Claim(ClaimTypes.Role, role)); } } } actionContext.RequestContext.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Basic")); } } } } //actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized); base.OnAuthorization(actionContext); }
public async Task <IHttpActionResult> Register([FromBody] UserRegisterModel model) { IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); User user = new User { UserName = model.UserName, Email = model.Email, Password = Md5Tool.CreateUtf8Hash(model.Password) }; userRepository.Add(user); await _uow.CommitAsync(); return(Ok()); }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }); IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); string hash = Md5Tool.CreateUtf8Hash(context.Password); dynamic user = await userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == context.UserName && x.Password == hash).Select(x => new { x.UserName, Roles = x.UserRoles.Select(y => y.Role.Name) }).FirstOrDefaultAsync(); if (user != null) { ClaimsIdentity identity = new ClaimsIdentity(context.Options.AuthenticationType); //identity.AddClaim(new Claim("sub", user.UserName)); identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName)); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.UserName)); foreach (string role in user.Roles) { identity.AddClaim(new Claim(ClaimTypes.Role, role)); } AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties { AllowRefresh = true, IsPersistent = true, IssuedUtc = DateTimeOffset.Now, ExpiresUtc = DateTimeOffset.Now.AddMinutes(double.Parse(ConfigurationManager.AppSettings["TokenExpirationMinutes"])) }); context.Validated(ticket); } else { context.Rejected(); //context.SetError("invalid_grant", "The user name or password is incorrect."); } }
public void InitializeDatabase(SchoolExpressDbContext context) { if (!context.Database.Exists()) { return; } IList <AuthorizeAttribute> authorizeAttributes = Assembly.GetExecutingAssembly().GetTypes() .Where(type => typeof(ApiController).IsAssignableFrom(type)) .SelectMany(type => type.GetMethods()) .Where(method => method.IsPublic && method.IsDefined(typeof(AuthorizeAttribute), true)) .Select(m => m.GetCustomAttributes(typeof(AuthorizeAttribute), true).First() as AuthorizeAttribute).ToList(); string[] controllerRoles = authorizeAttributes.Select(a => a.Roles).Distinct().ToArray(); DbSet <User> userDbSet = context.Set <User>(); User user = userDbSet.FirstOrDefault(x => x.UserName == "admin"); if (user == null) { user = new User { UserName = "******", Email = "*****@*****.**", Password = Md5Tool.CreateUtf8Hash("admin123") }; userDbSet.Add(user); context.SaveChanges(); } DbSet <Role> roleDbSet = context.Set <Role>(); DbSet <UserRole> userRoleDbSet = context.Set <UserRole>(); string[] existingRoles = userRoleDbSet.AsNoTracking().Include(x => x.Role).Where(x => x.UserId == user.Id).Select(x => x.Role.Name).ToArray(); foreach (string roleName in controllerRoles) { bool exist = false; Role role = new Role { Name = roleName }; foreach (string existingRole in existingRoles) { if (existingRole == roleName) { exist = true; break; } } if (!exist) { roleDbSet.Add(role); context.SaveChanges(); context.Entry(role).State = EntityState.Detached; } if (!existingRoles.Contains(roleName)) { //int roleId = roleDbSet.AsNoTracking().Where(x => x.Name == roleName).Select(x => x.Id).First(); UserRole userRole = new UserRole { UserId = user.Id, RoleId = role.Id }; userRoleDbSet.Add(userRole); context.SaveChanges(); context.Entry(userRole).State = EntityState.Detached; } } foreach (string existingRoleName in existingRoles) { bool exist = false; foreach (string roleName in controllerRoles) { if (existingRoleName == roleName) { exist = true; break; } } if (!exist) { Role role = roleDbSet.AsNoTracking().FirstOrDefault(x => x.Name == existingRoleName); if (role != null) { UserRole userRole = new UserRole { UserId = user.Id, RoleId = role.Id }; userRoleDbSet.Attach(userRole); userRoleDbSet.Remove(userRole); context.SaveChanges(); context.Entry(userRole).State = EntityState.Detached; roleDbSet.Attach(role); roleDbSet.Remove(role); context.SaveChanges(); context.Entry(role).State = EntityState.Detached; } } } }