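public string GetToken(string username, string password)
        {
            // Issues an encrypted, base64-encoded TokenSecurityModel for a username/password pair.
            // The password parameter arrives encrypted (it is passed through Common.Decript); the
            // plaintext is hashed with SHA-256 and compared with the stored hash.
            // On failure a plain message string is returned instead of a token, so callers must not
            // treat every non-empty return value as a token.
            // NOTE(review): the stored password hash is an unsalted SHA-256 and the token's integrity
            // rests entirely on Common.Encrypt; neither is changed here because stored hashes and
            // ValidateToken depend on the current format.
            var common         = new Common();
            var passwordResult = common.Decript(password, key);
            var passwordSHA256 = common.GenerateSHA256(passwordResult);

            var user = db.User.FirstOrDefault(x => x.Username == username &&
                                              x.Password == passwordSHA256);

            if (user is null)
            {
                return "Credenciales no validas !!!!";
            }

            // Names of the roles granted to the user; they travel inside the token and are checked by callers.
            var roles = db.UsersInRoles.Where(x => x.User.UserId == user.UserId)
                        .Select(x => x.Role.Name)
                        .ToArray();

            var token = new TokenSecurityModel
            {
                DisplayName = string.Concat("Mr ", user.Username),
                // Local time: ValidateToken compares against DateTime.Now, so both sides must use the same clock.
                Expiration  = DateTime.Now.AddMinutes(1),
                // Use the stored username rather than the caller-supplied one so the token carries the
                // canonical value even if the database comparison above is case-insensitive.
                Username    = user.Username,
                Roles       = roles,
                id          = Guid.NewGuid()
            };

            var tokenString = JsonConvert.SerializeObject(token);
            var tokenBytes  = Encoding.UTF8.GetBytes(common.Encrypt(tokenString, key));

            return Convert.ToBase64String(tokenBytes);
        }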
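        public TokenSecurityModel ValidateToken()
        {
            // Reads the security token sent with the current request, decodes and decrypts it and
            // returns the TokenSecurityModel it carries. Throws when the token is absent, malformed,
            // cannot be deserialized or has expired.
            // A token literal must never be hard-coded here: a fixed value makes every request
            // validate as that token's user regardless of what the client sent.
            // NOTE(review): Request[...] also searches query string, form and cookies; a token in the
            // query string ends up in server logs, so a header is the preferable transport.
            var requestToken = HttpContext.Current.Request["__TOKEN_SECURITY__"];

            if (string.IsNullOrEmpty(requestToken))
            {
                throw new UnauthorizedAccessException("Token invalido");
            }

            byte[] tokenBytes;
            try
            {
                tokenBytes = Convert.FromBase64String(requestToken);
            }
            catch (FormatException)
            {
                // Malformed base64 from the client is an invalid token, not a server fault.
                throw new UnauthorizedAccessException("Token invalido");
            }

            string tokenUTF8 = Encoding.UTF8.GetString(tokenBytes);
            // presumably Common.Decript throws on a wrong key or corrupted ciphertext — verify before
            // relying on it as the tamper check; such exceptions propagate unchanged, as before.
            string tokenJSON = new Common().Decript(tokenUTF8, key);
            TokenSecurityModel tokenSecurityModel = JsonConvert.DeserializeObject<TokenSecurityModel>(tokenJSON);

            if (tokenSecurityModel is null)
            {
                throw new UnauthorizedAccessException("Token invalido");
            }

            // Local time, matching the clock GetToken uses when it sets Expiration.
            if (tokenSecurityModel.Expiration <= DateTime.Now)
            {
                throw new UnauthorizedAccessException("Token expirado");
            }

            return tokenSecurityModel;
        }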
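        /// <summary>
        /// Validates the security token carried in the <c>__TOKEN_SECURITY__</c> request header
        /// and returns the model it contains.
        /// </summary>
        /// <returns>The decoded <see cref="TokenSecurityModel"/>.</returns>
        /// <exception cref="UnauthorizedAccessException">
        /// The header is missing, the token is not valid base64, it cannot be deserialized, or it has expired.
        /// </exception>
        public TokenSecurityModel ValidateToken()
        {
            var requestToken = HttpContext.Current.Request.Headers["__TOKEN_SECURITY__"];

            if (string.IsNullOrEmpty(requestToken))
            {
                throw new UnauthorizedAccessException("Token Invalido");
            }

            // Recover the raw bytes from the base64 produced when the token was issued.
            byte[] tokenBytes;
            try
            {
                tokenBytes = Convert.FromBase64String(requestToken);
            }
            catch (FormatException)
            {
                // Malformed base64 from the client is an invalid token, not a server fault.
                throw new UnauthorizedAccessException("Token Invalido");
            }

            // The bytes are the UTF-8 encoding of the ciphertext; decrypting it yields the JSON token.
            string tokenUtf8 = Encoding.UTF8.GetString(tokenBytes);
            // presumably Common.Decrypt throws on a wrong key or corrupted ciphertext — verify before
            // relying on it as the tamper check; such exceptions propagate unchanged, as before.
            string tokenJSON = new Common().Decrypt(tokenUtf8, key);

            TokenSecurityModel tokenSecurityModel =
                JsonConvert.DeserializeObject<TokenSecurityModel>(tokenJSON);

            if (tokenSecurityModel is null)
            {
                throw new UnauthorizedAccessException("Token Invalido");
            }

            // Local time, matching the clock GetToken uses when it sets Expiration.
            if (tokenSecurityModel.Expiration <= DateTime.Now)
            {
                throw new UnauthorizedAccessException("Token Expirado");
            }

            return tokenSecurityModel;
        }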
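        /// <summary>
        /// Creates a new user. The caller must present a valid token carrying the <c>admin</c> role.
        /// </summary>
        /// <param name="username">The username; must not be blank.</param>
        /// <param name="password">The password, encrypted with the shared key (decrypted via <c>Common.Decrypt</c>).</param>
        /// <returns>
        /// A <see cref="ResponseModel"/> describing the outcome. Failures are reported through
        /// <c>IsError</c>/<c>Message</c> rather than thrown.
        /// </returns>
        public ResponseModel CreateUser(string username, string password)
        {
            try
            {
                if (string.IsNullOrWhiteSpace(username))
                {
                    throw new ArgumentNullException(nameof(username));
                }

                if (string.IsNullOrWhiteSpace(password))
                {
                    throw new ArgumentNullException(nameof(password));
                }

                // Authorization: only a caller whose token carries the "admin" role may create users.
                // Role names are compared ordinally (case-sensitive), exactly as they were stored in the token.
                TokenSecurityModel token = ValidateToken();
                if (!token.Roles.Any(x => x == "admin"))
                {
                    throw new UnauthorizedAccessException("No tiene permisos");
                }

                // Reject an existing username before doing any password work.
                if (db.User.Any(x => x.Username == username))
                {
                    return new ResponseModel { Message = "Usuario Existente" };
                }

                // The password parameter arrives encrypted (Rijndael, per the original note);
                // it is decrypted and then hashed with SHA-256 before storage.
                // NOTE(review): an unsalted SHA-256 is a weak password hash; kept because GetToken
                // compares against hashes stored in this format.
                var common         = new Common();
                var passwordResult = common.Decrypt(password, key);
                var passwordSHA256 = common.GenerateSHA256(passwordResult);

                // One timestamp so DateCreate and DateUpdate are identical at creation (local time, as elsewhere in this file).
                var now = DateTime.Now;
                db.User.Add(new User
                {
                    DateCreate     = now,
                    DateUpdate     = now,
                    FailedAttempts = 0,
                    Username       = username,
                    Password       = passwordSHA256,
                    UserId         = Guid.NewGuid()
                });

                db.SaveChanges();

                return new ResponseModel { Message = "Usuario agregado con exito" };
            }
            catch (Exception ex)
            {
                // NOTE(review): the exception object (and its message) is handed back to the caller;
                // if this response is serialized to a client it exposes internal details. Kept to
                // preserve the ResponseModel contract.
                return new ResponseModel
                {
                    Message   = ex.Message,
                    Exception = ex,
                    IsError   = true
                };
            }
        }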
        public string GetToken(string username, string password)
        {
            // Issues an encrypted, base64-encoded TokenSecurityModel for the given credentials.
            // The password parameter arrives encrypted; it is decrypted, hashed with SHA-256 and
            // compared with the stored hash. When no user matches, a plain message string is
            // returned instead of a token, so callers cannot treat every return value as a token.
            var crypto          = new Common();
            var plainPassword   = crypto.Decrypt(password, key);
            var hashedPassword  = crypto.GenerateSHA256(plainPassword);
            var matchedUser     = db.User.FirstOrDefault(x => x.Username == username && x.Password == hashedPassword);

            if (matchedUser is null)
            {
                return "Credenciales no validas";
            }

            // Names of the roles granted to this user.
            var roleNames = db.UsersInRoles
                              .Where(x => x.User.UserId == matchedUser.UserId)
                              .Select(x => x.Role.Name)
                              .ToArray();

            // Build the token entity with a fixed lifetime of one hour (local time, the same clock ValidateToken uses).
            var securityToken = new TokenSecurityModel
            {
                DisplayName = $"Mr {matchedUser.Username}",
                Expiration  = DateTime.Now.AddHours(1),
                Username    = matchedUser.Username,
                Roles       = roleNames,
                id          = Guid.NewGuid()
            };

            // Serialize the token to JSON. The payload has roughly this shape:
            //  {
            //      'DisplayName': 'Mr svargas',
            //      'Expiration' : '1246843218798654', // date and time
            //      'Username': '******'
            //      'Roles': [{'admin', 'sadmin', 'operador'}]
            //  }
            var serialized = JsonConvert.SerializeObject(securityToken);

            // Encrypt the JSON, take the UTF-8 bytes of the ciphertext and base64-encode them for HTTP transport.
            var cipherBytes = Encoding.UTF8.GetBytes(crypto.Encrypt(serialized, key));
            return Convert.ToBase64String(cipherBytes);
        }