// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory,
ExamAceContext context, UserManager <User> userManager, RoleManager <IdentityRole> roleManager)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
else
{
app.UseExceptionHandler("/Home/Error");
}
app.UseCors("CorsPolicy");
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
ApiDbSeedData.Seed(userManager, roleManager).Wait();
app.UseStaticFiles();
app.UseSpaStaticFiles();
app.UseMiddleware <TokenProviderMiddleware>();
app.UseMiddleware <RefreshTokenProviderMiddleware>();
app.UseAuthentication();
app.UseMvc(routes =>
{
routes.MapRoute(
name: "default",
template: "{controller}/{action=Index}/{id?}");
});
app.UseSpa(spa =>
{
spa.Options.SourcePath = "ClientApp";
if (env.IsDevelopment())
{
spa.UseProxyToSpaDevelopmentServer("http://localhost:4200");
}
});
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory,
ExamAceContext context, UserManager <User> userManager, RoleManager <IdentityRole> roleManager)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
}
app.UseCors("CorsPolicy");
loggerFactory.AddConsole(Configuration.GetSection("Logging"));
loggerFactory.AddDebug();
app.UseStaticFiles();
app.UseSpaStaticFiles();
app.UseMiddleware <TokenProviderMiddleware>();
app.UseMiddleware <RefreshTokenProviderMiddleware>();
app.UseAuthentication();
app.UseMvc();
}
public static LoginResponseData Execute(User user, ExamAceContext db, RefreshToken refreshToken = null)
{
var options = GetOptions();
var now = DateTime.UtcNow;
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.NameId, user.Id),
new Claim(JwtRegisteredClaimNames.Jti, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(now).ToUniversalTime().ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
};
var userClaims = db.UserClaims.Where(i => i.UserId == user.Id);
foreach (var userClaim in userClaims)
{
claims.Add(new Claim(userClaim.ClaimType, userClaim.ClaimValue));
}
var userRoles = db.UserRoles.Where(i => i.UserId == user.Id);
foreach (var userRole in userRoles)
{
var role = db.Roles.Single(i => i.Id == userRole.RoleId);
claims.Add(new Claim(Extensions.RoleClaimType, role.Name));
}
if (refreshToken == null)
{
refreshToken = new RefreshToken()
{
UserId = user.Id,
Token = Guid.NewGuid().ToString("N")
};
db.InsertNew(refreshToken);
}
refreshToken.IssuedUtc = now;
refreshToken.ExpiresUtc = now.Add(options.Expiration);
db.SaveChanges();
var jwt = new JwtSecurityToken(
issuer: options.Issuer,
audience: options.Audience,
claims: claims.ToArray(),
notBefore: now,
expires: now.Add(options.Expiration),
signingCredentials: options.SigningCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var response = new LoginResponseData
{
Access_token = encodedJwt,
Refresh_token = refreshToken.Token,
Expires_in = (int)options.Expiration.TotalSeconds,
UserName = user.UserName,
FirstName = user.FirstName,
LastName = user.LastName,
IsAdmin = claims.Any(i => i.Type == Extensions.RoleClaimType && i.Value == Extensions.AdminRole)
};
return(response);
}
