/// <summary>
/// Called by the runtime to assemble the HTTP request pipeline.
/// Middleware executes in the order it is registered here, so the sequence below is part of the behaviour.
/// </summary>
/// <param name="app">Pipeline builder the middleware is registered on.</param>
/// <param name="env">Hosting environment; decides between developer diagnostics and the generic error route.</param>
/// <param name="loggerFactory">Factory that receives the console and debug logging providers.</param>
/// <param name="context">Injected database context; not used by this method.</param>
/// <param name="userManager">Identity user manager handed to the seed routine.</param>
/// <param name="roleManager">Identity role manager handed to the seed routine.</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, ExamAceContext context, UserManager<User> userManager, RoleManager<IdentityRole> roleManager)
{
    // Stack traces and request details are shown only in Development;
    // every other environment sends failures to the generic error route.
    if (!env.IsDevelopment())
    {
        app.UseExceptionHandler("/Home/Error");
    }
    else
    {
        app.UseDeveloperExceptionPage();
    }

    // The policy itself is registered elsewhere (not visible here).
    // NOTE(review): confirm "CorsPolicy" restricts origins rather than allowing any origin.
    app.UseCors("CorsPolicy");

    var loggingSection = Configuration.GetSection("Logging");
    loggerFactory.AddConsole(loggingSection);
    loggerFactory.AddDebug();

    // Seeding runs synchronously on every start, in every environment (it is not guarded by IsDevelopment).
    // NOTE(review): if Seed creates default accounts or roles, confirm the credentials do not come from
    // source code -- the seed routine is not visible here.
    var seeding = ApiDbSeedData.Seed(userManager, roleManager);
    seeding.Wait();

    // Static assets are registered ahead of UseAuthentication, so they are served without an authenticated user.
    app.UseStaticFiles();
    app.UseSpaStaticFiles();

    // Both token middlewares sit in front of UseAuthentication, so requests reach them unauthenticated.
    // Presumably they issue and refresh tokens and validate credentials themselves -- verify in those classes.
    app.UseMiddleware<TokenProviderMiddleware>();
    app.UseMiddleware<RefreshTokenProviderMiddleware>();
    app.UseAuthentication();

    app.UseMvc(routes => routes.MapRoute(
        name: "default",
        template: "{controller}/{action=Index}/{id?}"));

    app.UseSpa(spa =>
    {
        spa.Options.SourcePath = "ClientApp";

        // The proxy to the local SPA dev server is wired up in Development only.
        if (env.IsDevelopment())
        {
            spa.UseProxyToSpaDevelopmentServer("http://localhost:4200");
        }
    });
}
/// <summary>
/// Called by the runtime to assemble the HTTP request pipeline for the API-only variant:
/// no database seeding, no conventional MVC route and no SPA hosting are registered here.
/// Middleware executes in the order it is registered, so the sequence below is part of the behaviour.
/// </summary>
/// <param name="app">Pipeline builder the middleware is registered on.</param>
/// <param name="env">Hosting environment; enables the developer exception page in Development.</param>
/// <param name="loggerFactory">Factory that receives the console and debug logging providers.</param>
/// <param name="context">Injected database context; not used by this method.</param>
/// <param name="userManager">Injected Identity user manager; not used by this method.</param>
/// <param name="roleManager">Injected Identity role manager; not used by this method.</param>
public void Configure(IApplicationBuilder app, IHostingEnvironment env, ILoggerFactory loggerFactory, ExamAceContext context, UserManager<User> userManager, RoleManager<IdentityRole> roleManager)
{
    // Detailed exception output is limited to Development. Outside Development this method
    // registers no exception-handling middleware of its own.
    if (env.IsDevelopment())
    {
        app.UseDeveloperExceptionPage();
    }

    // The policy itself is registered elsewhere (not visible here).
    // NOTE(review): confirm "CorsPolicy" restricts origins rather than allowing any origin.
    app.UseCors("CorsPolicy");

    var loggingSection = Configuration.GetSection("Logging");
    loggerFactory.AddConsole(loggingSection);
    loggerFactory.AddDebug();

    // Static assets are registered ahead of UseAuthentication, so they are served without an authenticated user.
    app.UseStaticFiles();
    app.UseSpaStaticFiles();

    // Both token middlewares sit in front of UseAuthentication, so requests reach them unauthenticated.
    // Presumably they issue and refresh tokens and validate credentials themselves -- verify in those classes.
    app.UseMiddleware<TokenProviderMiddleware>();
    app.UseMiddleware<RefreshTokenProviderMiddleware>();
    app.UseAuthentication();

    // No conventional route template: controllers are reachable through attribute routing only.
    app.UseMvc();
}
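/// <summary>
/// Builds the login response for <paramref name="user"/>: a signed JWT access token carrying the user's
/// stored claims and roles, plus a refresh token that is created on first use or has its validity window
/// moved forward when an existing one is supplied.
/// </summary>
/// <param name="user">Account the tokens are issued for.</param>
/// <param name="db">Database context used to read claims and roles and to persist the refresh token.</param>
/// <param name="refreshToken">Existing refresh token to extend, or <c>null</c> to create and store a new one.</param>
/// <returns>Access token, refresh token value, lifetime in seconds and basic profile data for the client.</returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> or <paramref name="db"/> is <c>null</c>.</exception>
public static LoginResponseData Execute(User user, ExamAceContext db, RefreshToken refreshToken = null)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    if (db == null)
    {
        throw new ArgumentNullException(nameof(db));
    }

    var options = GetOptions();
    var now = DateTime.UtcNow;

    var claims = new List<Claim>
    {
        new Claim(JwtRegisteredClaimNames.NameId, user.Id),
        // jti identifies one token, not one user: a fresh value per issuance is what makes
        // replay detection or per-token revocation possible. The user id is already in NameId.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(now).ToUniversalTime().ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64),
        new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
    };

    // Stored claims and roles are copied into the token as they are at issuance time;
    // later changes in the database do not affect a token that has already been issued.
    // Materialise each query before looping so no result set is still open while the
    // per-role lookup below runs.
    var userClaims = db.UserClaims.Where(i => i.UserId == user.Id).ToList();
    foreach (var userClaim in userClaims)
    {
        claims.Add(new Claim(userClaim.ClaimType, userClaim.ClaimValue));
    }

    var roleIds = db.UserRoles.Where(i => i.UserId == user.Id).Select(i => i.RoleId).ToList();
    foreach (var roleId in roleIds)
    {
        // Single() keeps the original contract: a dangling role reference fails loudly.
        var role = db.Roles.Single(i => i.Id == roleId);
        claims.Add(new Claim(Extensions.RoleClaimType, role.Name));
    }

    if (refreshToken == null)
    {
        // A refresh token is a bearer secret, so it comes from the cryptographic RNG rather than
        // Guid.NewGuid(), which only promises uniqueness. 16 bytes rendered as lowercase hex keeps
        // the 32-character format of the previous Guid "N" value, so stored-column sizes still fit.
        var tokenBytes = new byte[16];
        using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
        {
            rng.GetBytes(tokenBytes);
        }

        refreshToken = new RefreshToken
        {
            UserId = user.Id,
            Token = BitConverter.ToString(tokenBytes).Replace("-", string.Empty).ToLowerInvariant()
        };
        db.InsertNew(refreshToken);
    }

    // NOTE(review): a supplied refresh token keeps its value and only has its window moved, so it is
    // not rotated on use; and it expires at the same moment as the access token issued below
    // (both use options.Expiration). Confirm both are intended.
    refreshToken.IssuedUtc = now;
    refreshToken.ExpiresUtc = now.Add(options.Expiration);
    db.SaveChanges();

    var jwt = new JwtSecurityToken(
        issuer: options.Issuer,
        audience: options.Audience,
        claims: claims.ToArray(),
        notBefore: now,
        expires: now.Add(options.Expiration),
        signingCredentials: options.SigningCredentials);
    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

    var response = new LoginResponseData
    {
        Access_token = encodedJwt,
        Refresh_token = refreshToken.Token,
        Expires_in = (int)options.Expiration.TotalSeconds,
        UserName = user.UserName,
        FirstName = user.FirstName,
        LastName = user.LastName,
        IsAdmin = claims.Any(i => i.Type == Extensions.RoleClaimType && i.Value == Extensions.AdminRole)
    };

    return response;
}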