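/// <summary>
/// Looks the credentials up in <c>AuthorizeDatas</c> and, on a match, builds a
/// token-typed <see cref="ClaimsIdentity"/> whose name claim carries the user's Id.
/// </summary>
/// <param name="username">Login to look up.</param>
/// <param name="password">Password as submitted by the caller.</param>
/// <returns>
/// The identity for <paramref name="username"/>, or <c>null</c> when the login/password
/// pair matches no stored row, either input is empty, or no matching <c>Users</c> row exists.
/// </returns>
private ClaimsIdentity GetIdentity(string username, string password)
        {
            // Empty credentials can never authenticate; bail out before querying so a null
            // login/password is not turned into an "IS NULL" comparison against the table.
            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return null;
            }

            // SECURITY: the submitted password is compared against the stored value as-is,
            // i.e. AuthorizeDatas holds plaintext passwords (RegisterMember writes them
            // unchanged). Moving to a salted hash (e.g. PBKDF2) verified here is a
            // cross-cutting change that must be made together with RegisterMember.
            // The comparison is translated by the query provider, so its case sensitivity
            // follows the database collation rather than C# string semantics.
            AuthData person = _context.AuthorizeDatas
                .FirstOrDefault(ad => ad.Login == username && ad.Password == password);

            if (person == null)
            {
                return null;
            }

            // An auth row without a matching user row is treated as "not authenticated"
            // instead of surfacing as an InvalidOperationException from First().
            PeerReviewUser user = _context.Users.FirstOrDefault(u => u.Login == username);

            if (user == null)
            {
                return null;
            }

            var claims = new List<Claim>
            {
                // The name claim holds the user's Id; consumers elsewhere presumably parse
                // it back into a Guid.
                new Claim(ClaimsIdentity.DefaultNameClaimType, user.Id.ToString())
                //TODO: implement role system
                //new Claim(ClaimsIdentity.DefaultRoleClaimType, person.Role.ToString())
            };

            return new ClaimsIdentity(
                claims,
                "Token",
                ClaimsIdentity.DefaultNameClaimType,
                ClaimsIdentity.DefaultRoleClaimType);
        }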
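        /// <summary>
        /// Authenticates <paramref name="authData"/> and issues a signed JWT for the matching user.
        /// </summary>
        /// <param name="authData">Login/password pair submitted by the caller; must not be null.</param>
        /// <returns>A <see cref="UserToken"/> holding the encoded JWT and the user's Id.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="authData"/> is null.</exception>
        /// <exception cref="AuthenticationException">The login/password pair does not match a user.</exception>
        public UserToken LogIn(AuthData authData)
        {
            if (authData == null)
            {
                throw new ArgumentNullException(nameof(authData));
            }

            ClaimsIdentity identity = GetIdentity(authData.Login, authData.Password);

            if (identity == null)
            {
                // Same message for "unknown login" and "wrong password" so the response
                // does not reveal which logins exist.
                throw new AuthenticationException("Invalid login or password");
            }

            PeerReviewUser user = _context.Users.First(u => u.Login == authData.Login);

            // One timestamp so notBefore and expires are measured from the same instant.
            DateTime now = DateTime.UtcNow;

            // AuthOptions.Lifetime is interpreted as minutes.
            // NOTE(review): the symmetric HMAC key comes from AuthOptions; it should be loaded
            // from configuration/secret storage rather than source and be long enough for
            // HS256 — confirm where GetSymmetricSecurityKey() gets its material.
            var jwt = new JwtSecurityToken(
                AuthOptions.Issuer,
                AuthOptions.Audience,
                notBefore: now,
                claims: identity.Claims,
                expires: now.Add(TimeSpan.FromMinutes(AuthOptions.Lifetime)),
                signingCredentials: new SigningCredentials(AuthOptions.GetSymmetricSecurityKey(),
                                                           SecurityAlgorithms.HmacSha256));
            string encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

            return new UserToken
            {
                AccessToken = encodedJwt,
                UserId = user.Id
            };
        }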
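        /// <summary>
        /// Persists changes to <paramref name="peerReviewUser"/> on behalf of <paramref name="executorId"/>.
        /// Only the owner of the record (matching Id) may update it.
        /// </summary>
        /// <param name="peerReviewUser">The entity to write back; must not be null.</param>
        /// <param name="executorId">Id of the user performing the update.</param>
        /// <exception cref="ArgumentNullException"><paramref name="peerReviewUser"/> is null.</exception>
        /// <exception cref="PermissionDeniedException"><paramref name="executorId"/> is not the record's owner.</exception>
        public void Update(PeerReviewUser peerReviewUser, Guid executorId)
        {
            if (peerReviewUser == null)
            {
                throw new ArgumentNullException(nameof(peerReviewUser));
            }

            //TODO: check if executorId is admin
            // Ownership check: the record's Id must equal the caller's Id, which the caller
            // is expected to take from the authenticated identity rather than the request body.
            if (peerReviewUser.Id != executorId)
            {
                throw new PermissionDeniedException(executorId, "On PeerReviewUserService.Update");
            }

            //TODO: validate fields
            // SECURITY: Update() writes every mapped property of the incoming entity, so any
            // column the caller can populate (including Login, which RegisterMember uses to
            // link Users to AuthorizeDatas) is overwritten. Copy only the editable fields onto
            // the tracked entity once the allowed set is decided.
            _context.Users.Update(peerReviewUser);
            _context.SaveChanges();
        }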
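        /// <summary>
        /// Creates a new user and its credential row, then returns a freshly issued token.
        /// </summary>
        /// <param name="data">Registration form data; must not be null.</param>
        /// <returns>The <see cref="UserToken"/> produced by <see cref="LogIn"/> for the new account.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="data"/> is null.</exception>
        /// <exception cref="DuplicateNameException">The requested login is already taken.</exception>
        public UserToken RegisterMember(RegistrationData data)
        {
            if (data == null)
            {
                throw new ArgumentNullException(nameof(data));
            }

            // Availability check and insert are not atomic: two concurrent registrations of
            // the same login can both pass this check, so a unique index on Login should
            // back it up at the database.
            if (!IsUsernameAvailable(data.Login))
            {
                throw new DuplicateNameException(data.Login);
            }

            PeerReviewUser peerReviewUser = data.ToUser();
            _context.Users.Add(peerReviewUser);

            // SECURITY: the password is persisted exactly as submitted (plaintext).
            // GetIdentity compares against this stored value, so switching to a salted
            // hash has to change both places at once.
            var authData = new AuthData
            {
                Login    = data.Login,
                Password = data.Password
            };
            _context.AuthorizeDatas.Add(authData);

            // Single SaveChanges so the user and credential rows are written together.
            _context.SaveChanges();

            return LogIn(authData);
        }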
        /// <summary>
        /// Updates the caller's own user record. The executor Id is taken from the
        /// authenticated identity's name claim, never from the request body.
        /// </summary>
        /// <param name="peerReviewUser">Updated user entity from the request body.</param>
        public void Update([FromBody] PeerReviewUser peerReviewUser)
        {
            // Guid.Parse throws when the name claim is absent or malformed; this relies on
            // the endpoint only being reachable by authenticated callers (presumably an
            // [Authorize] attribute outside this excerpt — confirm).
            var executorId = Guid.Parse(User.Identity.Name);
            _peerReviewUserService.Update(peerReviewUser, executorId);
        }
        /// <summary>
        /// Looking up a random, never-registered Id must yield null rather than throw.
        /// </summary>
        public void GetUser_NotFound()
        {
            var unknownId = Guid.NewGuid();

            var result = UserService.Get(unknownId);

            Assert.IsNull(result);
        }