public async Task <IActionResult> Login(
[FromForm] RegisterModel signInData,
[FromServices] SignInManager <ApplicationUser> signInManager,
[FromServices] UserManager <ApplicationUser> userManager
)
{
ThrowIfRegisterModelInvalid(signInData);
// var user = new ApplicationUser { UserName = signInData.username, Email = signInData.email };
// await userManager.CreateAsync(user, signInData.password);
var user = await userManager.FindByEmailAsync(signInData.email);
if (user == null || user.Id == null)
{
throw new Exception("user invalid");
}
var result = await signInManager.PasswordSignInAsync(user, signInData.password, true, false);
if (!result.Succeeded)
{
throw new Exception("login invalid");
}
var principal = await signInManager.CreateUserPrincipalAsync(user);
var jwt = JWT.Generate(principal.Claims, JWTConfig.Key, "http://localhost", DateTime.Today.AddHours(1));
return(Ok(jwt));
}
public void TestGenerate()
{
var claims = new List <Claim> {
new Claim("test", "1"),
new Claim("test", "2"),
};
var expires = new DateTime().AddHours(1);
var token = JWT.Generate(claims, JWTConfig.Key, "test", expires);
Assert.True(!string.IsNullOrEmpty(token));
}
public async Task TestAddPermissionsToUserAndAuthorizeRouteWithPermissions()
{
var roleName = "testing_role";
var client = _testServer.CreateClient();
var userManager = _testServer.Host.Services.GetService(typeof(UserManager <ApplicationUser>)) as UserManager <ApplicationUser>;
var signInManager = _testServer.Host.Services.GetService(typeof(SignInManager <ApplicationUser>)) as SignInManager <ApplicationUser>;
var roleManager = _testServer.Host.Services.GetService(typeof(RoleManager <ApplicationRole>)) as RoleManager <ApplicationRole>;
// await new InitializeIdentity(roleManager, userManager).RegisterPermissions(typeof(PermissionsTest)).SeedClaimsAsync(roleName);
await InitializeIdentity.SeedPermissions <PermissionsTest>(roleManager).SeedAsync(roleName);
var user = new ApplicationUser {
Email = "*****@*****.**",
UserName = "******"
};
var password = "******";
var createdUser = await userManager.CreateAsync(user, password);
if (!createdUser.Succeeded)
{
throw new Exception("error on create user");
}
var addToRole = await userManager.AddToRoleAsync(user, roleName);
if (!addToRole.Succeeded)
{
throw new Exception("error on add user to role");
}
var principal = await signInManager.CreateUserPrincipalAsync(user);
var token = JWT.Generate(principal.Claims, JWTConfig.Key, JWTConfig.Issuer, DateTime.Now.AddHours(1));
var read = new JwtSecurityTokenHandler().CanReadToken(token);
if (!read)
{
throw new Exception("token generated is invalid");
}
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(JwtBearerDefaults.AuthenticationScheme, token);
var response = await client.GetAsync("/auth_roles");
response.EnsureSuccessStatusCode();
var result = await response.Content.ReadAsStringAsync();
Assert.Equal("authorized!", result);
}
public async Task TestUserAuthorized()
{
// Create Services
var client = _testServer.CreateClient();
var userManager = _testServer.Host.Services.GetService(typeof(UserManager <ApplicationUser>)) as UserManager <ApplicationUser>;
var signInManager = _testServer.Host.Services.GetService(typeof(SignInManager <ApplicationUser>)) as SignInManager <ApplicationUser>;
// create user
var user = new ApplicationUser {
Email = "*****@*****.**",
UserName = "******"
};
var password = "******";
var createdUser = await userManager.CreateAsync(user, password);
if (!createdUser.Succeeded)
{
throw new Exception("error on create user");
}
// create claims
var principal = await signInManager.CreateUserPrincipalAsync(user);
// generate token and validate then
var token = JWT.Generate(principal.Claims, JWTConfig.Key, JWTConfig.Issuer, DateTime.Now.AddHours(1));
var read = new JwtSecurityTokenHandler().CanReadToken(token);
if (!read)
{
throw new Exception("token generated is invalid");
}
// set token to request header
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue(JwtBearerDefaults.AuthenticationScheme, token);
// send request
var response = await client.GetAsync("/auth");
response.EnsureSuccessStatusCode();
// get response of request
var result = await response.Content.ReadAsStringAsync();
Assert.Equal("authorized!", result);
}
public async Task <IActionResult> SignInAsync([FromBody] InSignInDTO signInDTO)
{
var user = await _manager.UserRepository
.GetAsync(signInDTO.Username, false);
if (user == null)
{
return(Unauthorized());
}
var signInResult = await _manager.UserRepository
.SignInAsync(user, signInDTO.Password);
if (!signInResult.Succeeded)
{
return(Unauthorized());
}
var jwt = JWT.Generate(user, _configuration);
return(Ok(jwt));
}
