public JwtSecurityToken GenerateAccessToken(CapstoneUser user) { List <Claim> claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString()), new Claim(ClaimTypes.Name, user.Id.ToString()), new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()) }; if (user.Admin) { claims.Add(new Claim(ClaimTypes.Role, "Admin")); } else { claims.Add(new Claim(ClaimTypes.Role, "Student")); } SymmetricSecurityKey signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.GetValue <string>("SecurityKey"))); JwtSecurityToken token = new JwtSecurityToken( issuer: "https://CapstonePortal.com", audience: "https://CapstonePortal.com", expires: DateTime.UtcNow.AddMinutes(30), claims: claims, signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256) ); return(token); }
public async Task <IActionResult> Login([FromBody][Required] LoginUser loginUser) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } CapstoneUser user = await _userManager.FindByNameAsync(loginUser.UserName); if (user == null) { return(BadRequest("User not found")); } bool result = await _userManager.CheckPasswordAsync(user, loginUser.Password); if (!result) { return(Unauthorized()); } JwtSecurityToken token = _tokenService.GenerateAccessToken(user); string refreshToken = _tokenService.GenerateRefreshToken(); user.RefreshToken = refreshToken; await _userManager.UpdateAsync(user); return(Ok(new { access_token = new JwtSecurityTokenHandler().WriteToken(token), refresh_token = refreshToken, expiration = token.ValidTo, id = user.Id, roles = token.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value).ToList() })); }
public async Task <IActionResult> Revoke() { CapstoneUser user = await _userManager.FindByIdAsync(User.Identity.Name); if (user == null) { return(BadRequest()); } user.RefreshToken = null; await _userManager.UpdateAsync(user); return(Ok("Revoked")); }
private async Task LoadAsync(CapstoneUser user) { var userName = await _userManager.GetUserNameAsync(user); var phoneNumber = await _userManager.GetPhoneNumberAsync(user); Username = userName; Input = new InputModel { PhoneNumber = phoneNumber }; }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/"); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); if (ModelState.IsValid) { var user = new CapstoneUser { UserName = Input.Email, Email = Input.Email }; user.AuthoredItems = new Author { Id = user.Id, Name = Input.UserName }; var result = await _userManager.CreateAsync(user, Input.Password); if (result.Succeeded) { _logger.LogInformation("User created a new account with password."); await _userManager.AddToRoleAsync(user, "stdUser"); var code = await _userManager.GenerateEmailConfirmationTokenAsync(user); code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code)); var callbackUrl = Url.Page( "/Account/ConfirmEmail", pageHandler: null, values: new { area = "Identity", userId = user.Id, code = code, returnUrl = returnUrl }, protocol: Request.Scheme); await _emailSender.SendEmailAsync(Input.Email, "Confirm your email", $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>."); if (_userManager.Options.SignIn.RequireConfirmedAccount) { return(RedirectToPage("RegisterConfirmation", new { email = Input.Email, returnUrl = returnUrl })); } else { await _signInManager.SignInAsync(user, isPersistent : false); return(LocalRedirect(returnUrl)); } } foreach (var error in result.Errors) { ModelState.AddModelError(string.Empty, error.Description); } } // If we got this far, something failed, redisplay form return(Page()); }
public async Task <IActionResult> Register([FromBody][Required] RegisterUser registerUser) { if (registerUser.Admin) { ModelState.Remove("Program"); } if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (_userManager.Users.Any(u => u.UserName == registerUser.UserName)) { return(BadRequest("Username not available")); } if (_userManager.Users.Any(u => u.Email == registerUser.Email)) { return(BadRequest("E-mail not available")); } CapstoneUser user = new CapstoneUser { UserName = registerUser.UserName, Admin = registerUser.Admin, Email = registerUser.Email }; IdentityResult result = await _userManager.CreateAsync(user, registerUser.Password); if (result.Succeeded) { if (!registerUser.Admin) { await _studentService.CreateAsync(new Student { User = user, FirstName = registerUser.FirstName, LastName = registerUser.LastName, Program = registerUser.Program }); } return(Ok(new { id = user.Id })); } else { foreach (IdentityError error in result.Errors) { ModelState.AddModelError("User Create Error", error.Description); } return(BadRequest(ModelState)); } }
public async Task <IActionResult> DeleteStudent([FromRoute] int studentId) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } Student student = await _studentService.GetByIdAsync(studentId); CapstoneUser user = student.User; if (student == null) { return(BadRequest("Student not found")); } await _studentService.DeleteAsync(student); await _userManager.DeleteAsync(user); return(Ok()); }
public async Task <IActionResult> Refresh([FromBody][Required] RefreshToken tokens) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } ClaimsPrincipal principal = new ClaimsPrincipal(); //To prevent 500, in case a non-JWT string is provided in access_token try { principal = _tokenService.GetPrincipalFromExpiredToken(tokens.Access_Token); } catch { return(Unauthorized()); } string userid = principal.Identity.Name; CapstoneUser user = await _userManager.FindByIdAsync(userid); if (user == null || user.RefreshToken != tokens.Refresh_Token) { return(Unauthorized()); } JwtSecurityToken newToken = _tokenService.GenerateAccessToken(user); string newRefreshToken = _tokenService.GenerateRefreshToken(); user.RefreshToken = newRefreshToken; await _userManager.UpdateAsync(user); return(Ok(new { access_token = new JwtSecurityTokenHandler().WriteToken(newToken), refresh_token = newRefreshToken, expiration = newToken.ValidTo, id = user.Id, roles = newToken.Claims.Where(c => c.Type == ClaimTypes.Role).Select(c => c.Value).ToList() })); }
public static void Main(string[] args) { IHost host = CreateHostBuilder(args).Build(); IServiceProvider sp = host.Services.CreateScope().ServiceProvider; using (CapstoneDBContext Context = sp.GetServices <CapstoneDBContext>().First()) { Context.Database.Migrate(); UserManager <CapstoneUser> userManager = sp.GetService(typeof(UserManager <CapstoneUser>)) as UserManager <CapstoneUser>; RoleManager <CapstoneRole> roleManager = sp.GetService(typeof(RoleManager <CapstoneRole>)) as RoleManager <CapstoneRole>; IConfiguration configuration = ((IConfiguration)sp.GetService(typeof(IConfiguration))); //string s = configuration.GetSection("Role").Value; List <string> emailsList = new List <string>(); for (int i = 0; configuration.GetSection($"Email{i}").Value != null; i++) { emailsList.Add(configuration.GetSection($"Email{i}").Value); } List <string> rolesList = new List <string>(); for (int i = 0; configuration.GetSection($"Role{i}").Value != null; i++) { rolesList.Add(configuration.GetSection($"Role{i}").Value); } if (roleManager.Roles.Count() == 0) { foreach (string s in rolesList) { CapstoneRole role = new CapstoneRole(s); roleManager.CreateAsync(role).GetAwaiter().GetResult(); } } if (userManager.Users.Count() == 0) { for (int i = 0; configuration.GetSection($"Email{i}").Value != null; i++) { string email = configuration.GetSection($"Email{i}").Value; CapstoneUser user = new CapstoneUser(email); user.Email = email; Author author = new Author { Id = user.Id, Name = email }; user.AuthoredItems = author; user.EmailConfirmed = true; userManager.CreateAsync(user, configuration.GetSection("DefaultPass").Value).GetAwaiter().GetResult(); } } if (userManager.Users.Count() == 3 && roleManager.Roles.Count() == 3) { userManager.AddToRolesAsync(userManager.Users.ToList()[0], rolesList).GetAwaiter().GetResult(); rolesList.Remove("Admin"); userManager.AddToRolesAsync(userManager.Users.ToList()[1], rolesList).GetAwaiter().GetResult(); rolesList.Remove("Moderator"); userManager.AddToRolesAsync(userManager.Users.ToList()[2], rolesList).GetAwaiter().GetResult(); } } host.Run(); }