public async Task<ActionResult> Index()
{
if (this.User.Identity.IsAuthenticated)
{
var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this.db));
var appUser = await manager.FindByIdAsync(this.User.Identity.GetUserId());
IQueryable<Game> games = from membership in db.GameMemberships
where membership.ApplicationUserID == appUser.Id
join game in db.Games on membership.GameID equals game.ID
select game;
var adminRole = await db.Roles.FirstOrDefaultAsync(role => role.Name == "Admin");
this.ViewBag.Games = await games.ToListAsync();
this.ViewBag.Claims = await manager.GetClaimsAsync(appUser.Id);
this.ViewBag.Roles = await manager.GetRolesAsync(appUser.Id);
}
return View();
}
protected async override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken)
{
var query = request.RequestUri.ParseQueryString();
if (query.AllKeys.Any(x => x == "token"))
{
var jwt = ((JwtSecurityToken)new JwtSecurityTokenHandler().ReadToken(query.GetValues("token")[0]));
var userId = jwt.Claims.FirstOrDefault(x => x.Type.Equals("nameid")).Value;
if (userId != null)
using (var context = DatabaseContext.Create())
using (var userManager = new UserManager(new UserStore<User>(context)))
{
User currentUser = null;
if ((currentUser = await userManager.FindByIdAsync(userId)) != null)
{
var identity = await currentUser.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType);
var principal = new GenericPrincipal(identity, (await userManager.GetRolesAsync(currentUser.Id)).ToArray());
Thread.CurrentPrincipal = principal;
HttpContext.Current.User = principal;
}
}
}
return await base.SendAsync(request, cancellationToken);
}
public async Task<List<string>> GetRoles(string userId)
{
var db = new DataContext();
var userMan = new UserManager<MyUser>(new UserStore<MyUser>(db));
var roles = await userMan.GetRolesAsync(userId);
return roles.ToList();
}
public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager)
{
// Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType
var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie);
var properties = this.GetType().GetProperties();
foreach (var property in properties)
{
if (property.GetValue(this) != null && property.Name != "PasswordHash")
userIdentity.AddClaim(new Claim(property.Name, property.GetValue(this).ToString()));
}
var roles = await manager.GetRolesAsync(Id);
foreach (var role in roles)
{
userIdentity.AddClaim(new Claim(ClaimTypes.Role, role));
}
return userIdentity;
}
public async Task <ActionResult> Edit([Bind(Include = "Email,Id")] EditUserViewModel editUser, params string[] selectedRole)
{
if (ModelState.IsValid)
{
var user = await UserManager.FindByIdAsync(editUser.Id);
if (user == null)
{
return(HttpNotFound());
}
user.Email = editUser.Email;
var userRoles = await UserManager.GetRolesAsync(user.Id);
selectedRole = selectedRole ?? new string[] { };
var result = await UserManager.AddUserToRolesAsync(user.Id, selectedRole.Except(userRoles).ToList <string>());
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
return(View());
}
result = await UserManager.RemoveUserFromRolesAsync(user.Id, userRoles.Except(selectedRole).ToList <string>());
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
return(View());
}
return(RedirectToAction("Index"));
}
ModelState.AddModelError("", "Something failed.");
return(View());
}
public async Task <IActionResult> Login([FromBody] LoginModel loginModel)
{
var user = await _userManager.FindByNameAsync(loginModel.UserName);
if (user != null && await _userManager.CheckPasswordAsync(user, loginModel.Password))
{
var userRoles = await _userManager.GetRolesAsync(user);
var authClaims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
foreach (var userRole in userRoles)
{
authClaims.Add(new Claim(ClaimTypes.Role, userRole));
}
var authSigninKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Secret"]));
var token = new JwtSecurityToken(
issuer: _configuration["JWT:ValidIssuer"],
audience: _configuration["JWT:ValidAudience"],
expires: DateTime.Now.AddHours(7),
claims: authClaims,
signingCredentials: new SigningCredentials(authSigninKey, SecurityAlgorithms.HmacSha256)
);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token)
}));
}
return(Unauthorized());
}
private async Task <string> GenerateJSONWebToken(IdentityUser user)
{
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.NameIdentifier, user.Id)
};
var roles = await _userManager.GetRolesAsync(user);
claims.AddRange(roles.Select(r => new Claim(ClaimsIdentity.DefaultRoleClaimType, r)));
var token = new JwtSecurityToken(_config["Jwt:Issuer"]
, _config["Jwt:Issuer"],
claims,
null,
expires: DateTime.Now.AddHours(5),
signingCredentials: credentials
);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
public async Task <ActionResult> RemoveUser(string id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
var user = await UserManager.FindByIdAsync(id);
var logins = user.Logins;
var rolesforUser = await UserManager.GetRolesAsync(id);
using (var transaction = context.Database.BeginTransaction())
{
//IdentityResult result = IdentityResult.Success;
foreach (var login in logins)
{
await UserManager.RemoveLoginAsync(login.UserId,
new UserLoginInfo(login.LoginProvider, login.ProviderKey));
}
if (rolesforUser.Any())
{
foreach (var item in rolesforUser.ToList())
{
var result = await UserManager.RemoveFromRoleAsync(user.Id, item);
}
}
await UserManager.DeleteAsync(user);
transaction.Commit();
}
//return RedirectToAction("UsersIndex");
return(Json(new { success = true }, JsonRequestBehavior.AllowGet));
}
public async Task <IActionResult> Index()
{
User user = await _userManager.GetUserAsync(User);
var roles = await _userManager.GetRolesAsync(user);
List <Certification> certifications = _db.Certifications.ToList();
if (roles.Contains("admin"))
{
return(View(certifications));
}
List <string> userCertificationsList = _db.UserCertifications
.Where(e => e.UserId == user.Id)
.Select(e => e.CertificationId)
.ToList();
List <Certification> certificationsByUser = certifications
.Where(e => userCertificationsList.Contains(e.Id))
.ToList();
return(View(certificationsByUser));
}
public string CreateToken(User user)
{
var roles = _userManager.GetRolesAsync(user).Result;
// var fullName = _context.userMoreInfos.FirstOrDefault(t => t.id == user.Id).FullName;
var claims = new List <Claim>()
{
//new Claim(JwtRegisteredClaimNames.Sub, user.Id)
new Claim("id", user.Id.ToString()),
// new Claim("name", fullName),
new Claim("email", user.Email)
};
foreach (var role in roles)
{
claims.Add(new Claim("roles", role));
}
string jwtTokenSecretKey = this._configuration.GetValue <string>("SecretPhrase");
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtTokenSecretKey));
var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
var jwt = new JwtSecurityToken(
signingCredentials: signingCredentials,
claims: claims,
expires: DateTime.Now.AddYears(1));
return(new JwtSecurityTokenHandler().WriteToken(jwt));
}
private string CreateTokenJwt(DbUser user)
{
var roles = _userManager.GetRolesAsync(user).Result;
var claims = new List <Claim>()
{
//new Claim(JwtRegisteredClaimNames.Sub, user.Id)
new Claim("id", user.Id.ToString()),
new Claim("name", user.UserName)
};
foreach (var role in roles)
{
claims.Add(new Claim("roles", role));
}
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("11-sdfasdf-22233222222"));
var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
var jwt = new JwtSecurityToken(
signingCredentials: signingCredentials,
claims: claims,
expires: DateTime.Now.AddHours(1));
return(new JwtSecurityTokenHandler().WriteToken(jwt));
}
public static async Task <JsonResponse> GenerateJwt(User user, string fullName, JwtIssuerOptions _jwtOptions, UserManager <User> _userManager)
{
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64)
};
var userRoles = await _userManager.GetRolesAsync(user);
foreach (var userRole in userRoles)
{
claims.Add(new Claim(ClaimTypes.Role, userRole));
}
// Create the JWT security token and encode it.
var jwt = new JwtSecurityToken(
issuer: _jwtOptions.Issuer,
audience: _jwtOptions.Audience,
claims: claims,
notBefore: _jwtOptions.NotBefore,
expires: _jwtOptions.Expiration,
signingCredentials: _jwtOptions.SigningCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var response = new JsonResponse
{
fullName = fullName,
id = user.Id,
token = encodedJwt,
expires_in = (int)_jwtOptions.ValidFor.TotalSeconds
};
return(response);
//return JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented });
}
public async Task <string> CreateAccessToken(User user)
{
var userId = user.Id.ToString();
var userName = user.UserName;
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, userId),
new Claim(ClaimTypes.Name, userName)
};
var roles = await _userManager.GetRolesAsync(user);
foreach (var role in roles)
{
claims.Add(new Claim(ClaimTypes.Role, role));
}
var secret = _configuration.GetSection("Jwt").GetSection("Token").Get <String>();
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddMinutes(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
public async Task <List <Claim> > GetUserClaimsByIdAsync(string subjectid)
{
var user = await _userManager.FindByIdAsync(subjectid);
if (user != null)
{
var roles = await _userManager.GetRolesAsync(user);
var claims = new List <Claim>
{
new Claim(JwtClaimTypes.Email, user.Email),
new Claim(JwtClaimTypes.Subject, user.Id.ToString()),
new Claim(JwtClaimTypes.Name, user.UserName),
new Claim("AspNet.Identity.SecurityStamp", user.SecurityStamp)
};
if (roles.Any())
{
claims.AddRange(roles.Select(role => new Claim(JwtClaimTypes.Role, role)));
}
return(claims.ToList());
}
return(new List <Claim>());
}
public async Task <ActionResult> Edit(EditUserViewModel editUser, params string[] selectedRole)
{
if (ModelState.IsValid)
{
var user = await UserManager.FindByIdAsync(editUser.Id);
if (user == null)
{
return(HttpNotFound());
}
user.DateOfBirth = editUser.DateOfBirth;
user.FirstName = editUser.FirstName;
user.LastName = editUser.LastName;
user.Address = editUser.Address;
var userRoles = await UserManager.GetRolesAsync(user.Id);
selectedRole = selectedRole ?? new string[] { };
var result = await UserManager.AddToRolesAsync(user.Id, selectedRole.Except(userRoles).ToArray <string>());
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
return(View());
}
result = await UserManager.RemoveFromRolesAsync(user.Id, userRoles.Except(selectedRole).ToArray <string>());
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
return(View());
}
return(RedirectToAction("Index"));
}
ModelState.AddModelError("", "Something failed.");
return(View());
}
public async Task <UsuarioData> Handle(Ejecutar request, CancellationToken cancellationToken)
{
var usuario = await _userManager.FindByNameAsync(_usuarioSesion.ObtenerUsuarioSesion());
var resultadoRoles = await _userManager.GetRolesAsync(usuario);
var listaRoles = new List <string>(resultadoRoles);
var imagenPerfil = await _context.Documento.Where(x => x.ObjetoReferencia == new Guid(usuario.Id)).FirstOrDefaultAsync();
if (imagenPerfil != null)
{
var imagenCliente = new ImagenGeneral {
Data = Convert.ToBase64String(imagenPerfil.Contenido),
Extension = imagenPerfil.Extension,
Nombre = imagenPerfil.Nombre
};
return(new UsuarioData {
NombreCompleto = usuario.NombreCompleto,
Username = usuario.UserName,
Token = _jwtGenerador.CrearToken(usuario, listaRoles),
ImagenPerfil = imagenCliente,
Email = usuario.Email
});
}
else
{
return(new UsuarioData {
NombreCompleto = usuario.NombreCompleto,
Username = usuario.UserName,
Token = _jwtGenerador.CrearToken(usuario, listaRoles),
Email = usuario.Email
});
}
}
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next)
{
if (context.HttpContext.Request.Headers.ContainsKey("Authorization"))
{
string username = context.HttpContext.User.GetUserName();
var user = await userManager.FindByNameAsync(username);
var role = (await userManager.GetRolesAsync(user)).FirstOrDefault();
var isInRole = context.HttpContext.User.IsInRole(role);
if (!isInRole)
{
context.Result = new StatusCodeResult(401);
}
else
{
await next();
}
}
else
{
await next();
}
}
// GET: StaffManagement/Edit/5
public async System.Threading.Tasks.Task <ActionResult> Edit(string id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
Staff staff = db.ApplicationUsers.Find(id);
if (staff == null)
{
return(HttpNotFound());
}
//create new instance of modify staff view model for edit
ViewBag.RoleNo = new SelectList(db.Roles, "Id", "Name");
ModifyStaffViewModel staffviewmodel = new ModifyStaffViewModel();
string oldRole = (await UserManager.GetRolesAsync(id)).Single();
//intakes current values available about user to modify, minus password due to hashed display and confidential
staffviewmodel.Roles = db.Roles.Select(r => new SelectListItem {
Text = r.Name, Value = r.Name, Selected = r.Name == oldRole
}).ToList();
staffviewmodel.Forename = staff.Forename;
staffviewmodel.Surname = staff.Surname;
staffviewmodel.Street = staff.Street;
staffviewmodel.Town = staff.Town;
staffviewmodel.City = staff.City;
staffviewmodel.DOB = staff.DOB;
staffviewmodel.Email = staff.Email;
staffviewmodel.Telnum = staff.PhoneNumber;
staffviewmodel.Role = staff.Role;
staffviewmodel.tempid = staff.Id;
return(View(staffviewmodel));
}
public async static Task <ClaimsIdentity> CreateUserClaims(
ClaimsIdentity identity,
UserManager <ApplicationUser> manager,
string userId
)
{
// Current User
var currentUser = await manager.FindByIdAsync(userId);
var roles = (List <string>) await manager.GetRolesAsync(userId);
// Your User Data
var jUser = JsonConvert.SerializeObject(new CurrentUser
{
UserId = currentUser.Id,
Name = currentUser.Name,
UserName = currentUser.Email,
Roles = roles ?? new List <string>()
});
identity.AddClaim(new Claim(ClaimTypes.UserData, jUser));
return(await Task.FromResult(identity));
}
public async Task <string> BuildToken(AppUser user)
{
var userRoles = await _userManager.GetRolesAsync(user);
//claim collection
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
};
foreach (var userRole in userRoles)
{
claims.Add(new Claim(ClaimTypes.Role, userRole));
}
var secretBytes = Encoding.UTF8.GetBytes(Constants.Secret);
var key = new SymmetricSecurityKey(secretBytes);
var algorithm = SecurityAlgorithms.HmacSha256;
var signingCredentials = new SigningCredentials(key, algorithm);
var token = new JwtSecurityToken(
Constants.Issuer,
Constants.Audiance,
claims,
notBefore: DateTime.Now,
expires: DateTime.Now.AddHours(1),
signingCredentials);
var tokenJson = new JwtSecurityTokenHandler().WriteToken(token);
return(tokenJson);
}
public async Task <JwtToken?> CreateToken(InputModel model)
{
IdentityUser?user = await _userManager.FindByEmailAsync(model.Email);
if (user != null)
{
if (await _userManager.CheckPasswordAsync(user, model.Password))
{
JwtSecurityTokenHandler?tokenHandler = new JwtSecurityTokenHandler();
byte[]? key = Encoding.ASCII.GetBytes(_configuration["Tokens:Key"]);
SecurityTokenDescriptor?tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddMonths(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
foreach (string?role in await _userManager.GetRolesAsync(user))
{
tokenDescriptor.Subject.AddClaim(new Claim(ClaimTypes.Role, role));
}
SecurityToken?token = tokenHandler.CreateToken(tokenDescriptor);
return(new JwtToken
{
Token = tokenHandler.WriteToken(token),
Expiration = token.ValidTo,
});
}
}
return(null);
}
private async Task <Token> generateJwtToken(User user)
{
var userRoles = await userManager.GetRolesAsync(user);
var country = northwindContext.Employees.Find(user.EmployeeID).Country.ToString();
var authClaims = new List <Claim>
{
new Claim(ClaimTypes.Name, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Country, country)
};
foreach (var userRole in userRoles)
{
authClaims.Add(new Claim(ClaimTypes.Role, userRole));
}
var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Secret"]));
var createToken = new JwtSecurityToken(
issuer: _configuration["JWT:ValidIssuer"],
audience: _configuration["JWT:ValidAudience"],
expires: DateTime.UtcNow.AddMinutes(30),
claims: authClaims,
signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256)
);
Token token = new Token()
{
Payload = new JwtSecurityTokenHandler().WriteToken(createToken),
Expires = DateTime.UtcNow.AddMinutes(30)
};
return(token);
}
public async Task <SignedInViewModel> SignIn(string email, string password)
{
try
{
var user = await _userManager.FindByEmailAsync(email);
if (user == null)
{
throw new Exception("Wrong password or email.");
}
var result = await _signInManager.CheckPasswordSignInAsync(user, password, false);
if (!result.Succeeded || result.IsLockedOut || result.IsNotAllowed)
{
return(null);
}
var userRoles = await _userManager.GetRolesAsync(user);
return(new SignedInViewModel
{
Email = user.Email,
IdentityUserId = user.Id,
UserName = user.NormalizedUserName,
Roles = userRoles?.Select(role => new IdentityRoleViewModel(role)).ToArray(),
Message = "Success",
JwtToken = JwtTokenUtility.CreateJwtToken(user.NormalizedUserName, user.Email, userRoles?.ToArray())
});
}
catch (Exception ex)
{
_logger.LogError(ex);
return(null);
}
}
//// GET: ApplicationUsers/Details/5
//public async Task<ActionResult> Details(string id)
//{
// if (id == null)
// {
// return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
// }
// ApplicationUser applicationUser = await db.ApplicationUsers.FindAsync(id);
// if (applicationUser == null)
// {
// return HttpNotFound();
// }
// return View(applicationUser);
//}
//// GET: ApplicationUsers/Create
//public ActionResult Create()
//{
// return View();
//}
//// POST: ApplicationUsers/Create
//// To protect from overposting attacks, please enable the specific properties you want to bind to, for
//// more details see http://go.microsoft.com/fwlink/?LinkId=317598.
//[HttpPost]
//[ValidateAntiForgeryToken]
//public async Task<ActionResult> Create([Bind(Include = "Id,FirstName,LastName,Address,City,State,ZipCode,Email,EmailConfirmed,PasswordHash,SecurityStamp,PhoneNumber,PhoneNumberConfirmed,TwoFactorEnabled,LockoutEndDateUtc,LockoutEnabled,AccessFailedCount,UserName")] ApplicationUser applicationUser)
//{
// if (ModelState.IsValid)
// {
// db.ApplicationUsers.Add(applicationUser);
// await db.SaveChangesAsync();
// return RedirectToAction("Index");
// }
// return View(applicationUser);
//}
// GET: ApplicationUsers/Edit/5
public async Task <ActionResult> Edit(string id)
{
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
ApplicationUser applicationUser = await UserManager.FindByIdAsync(id);
if (applicationUser == null)
{
return(HttpNotFound());
}
var userRoles = await UserManager.GetRolesAsync(applicationUser.Id);
applicationUser.RolesList = RoleManager.Roles.ToList().Select(r => new SelectListItem
{
Selected = userRoles.Contains(r.Name),
Text = r.Name,
Value = r.Name
});
return(View(applicationUser));
}
public async Task <bool> ResetPassword(ResetPasswordDto input)
{
if (_abpSession.UserId == null)
{
throw new UserFriendlyException("请登录后再进行操作!");
}
long currentUserId = _abpSession.UserId.Value;
var currentUser = await _userManager.GetUserByIdAsync(currentUserId);
var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout : false);
if (loginAsync.Result != AbpLoginResultType.Success)
{
throw new UserFriendlyException("管理员密码错误,操作失败!");
}
if (currentUser.IsDeleted || !currentUser.IsActive)
{
return(false);
}
var roles = await _userManager.GetRolesAsync(currentUser);
if (!roles.Contains(StaticRoleNames.Tenants.Admin))
{
throw new UserFriendlyException("只有管理员才能进行该操作!");
}
var user = await _userManager.GetUserByIdAsync(input.UserId);
if (user != null)
{
user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
CurrentUnitOfWork.SaveChanges();
}
return(true);
}
public async Task <IActionResult> Login([FromBody] LoginRequestDto model)
{
var user = _userManager.Users.SingleOrDefault(r => r.Email == model.UserName && r.Active);
if (user == null)
{
ModelState.AddModelError("notExists", "Usuario y/o contraseña incorrectos.");
return(BadRequest(ModelState));
}
user.RoleNames = (await _userManager.GetRolesAsync(user)).FirstOrDefault();
var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, true, false);
if (!result.Succeeded)
{
ModelState.AddModelError("notExists", "Usuario y/o contraseña incorrectos.");
return(BadRequest(ModelState));
}
else
{
var jsonWebToken = _tokenService.GenerateJwtToken(model.UserName, user);
var requestedAt = DateTime.UtcNow;
var returnModel = _mapper.Map <LoggedInUserDto>(user);
returnModel.LastLoginDate = user.LastLoginDate;
user.LastLoginDate = requestedAt;
await _userManager.UpdateAsync(user);
returnModel.Token = jsonWebToken.Token;
returnModel.Expires = jsonWebToken.Expiration - requestedAt.Ticks;
return(Ok(returnModel));
}
}
public async Task <IActionResult> Modify(string id, string FullName, string NewPwd, string Area, string Role)
{
var user = await UserManager.FindByIdAsync(id);
user.FullName = FullName;
var claims = (await UserManager.GetClaimsAsync(user)).Select(x => x.Value);
foreach (var x in claims)
{
await UserManager.RemoveClaimAsync(user, new System.Security.Claims.Claim("管辖片区", x));
}
if (!string.IsNullOrEmpty(Area))
{
foreach (var x in Area.TrimEnd(' ').TrimEnd(',').Split(','))
{
await UserManager.AddClaimAsync(user, new System.Security.Claims.Claim("管辖片区", x));
}
}
if (!string.IsNullOrEmpty(NewPwd))
{
var token = await UserManager.GeneratePasswordResetTokenAsync(user);
await UserManager.ResetPasswordAsync(user, token, NewPwd);
}
await UserManager.AddClaimAsync(user, new System.Security.Claims.Claim("管辖片区", string.Empty));
var role = await UserManager.GetRolesAsync(user);
await UserManager.RemoveFromRoleAsync(user, role.First());
await UserManager.AddToRoleAsync(user, Role);
DB.SaveChanges();
return(RedirectToAction("Profile", "Account", new { id = id }));
}
public async Task <string> CreateToken(AppUser user)
{
var claims = new List <Claim> {
new Claim(JwtRegisteredClaimNames.NameId, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName),
};
var roles = await _userManager.GetRolesAsync(user);
claims.AddRange(roles.Select(role => new Claim(ClaimTypes.Role, role)));
var creds = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(7),
SigningCredentials = creds,
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
public async Task <bool> ResetPassword(ResetPasswordDto input)
{
if (_abpSession.UserId == null)
{
throw new UserFriendlyException("Please log in before attemping to reset password.");
}
long currentUserId = _abpSession.UserId.Value;
var currentUser = await _userManager.GetUserByIdAsync(currentUserId);
var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout : false);
if (loginAsync.Result != AbpLoginResultType.Success)
{
throw new UserFriendlyException("Your 'Admin Password' did not match the one on record. Please try again.");
}
if (currentUser.IsDeleted || !currentUser.IsActive)
{
return(false);
}
var roles = await _userManager.GetRolesAsync(currentUser);
if (!roles.Contains(StaticRoleNames.Tenants.Admin))
{
throw new UserFriendlyException("Only administrators may reset passwords.");
}
var user = await _userManager.GetUserByIdAsync(input.UserId);
if (user != null)
{
user.Password = _passwordHasher.HashPassword(user, input.NewPassword);
CurrentUnitOfWork.SaveChanges();
}
return(true);
}
public async Task <TokenViewModel> GenerationAccessToken(UserDbEntity user)
{
var roles = await _userManager.GetRolesAsync(user);
var claims = new List <Claim>()
{
new Claim(JwtRegisteredClaimNames.Sub, user.Name),
new Claim(ClaimTypes.Sid, user.Id),
new Claim(JwtRegisteredClaimNames.Email, user.Email),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
if (roles.Any())
{
claims.Add(new Claim(ClaimTypes.Role, string.Join(",", roles)));
}
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SigningKey));
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expires = DateTime.Now.AddHours(1);
var accessToken = new JwtSecurityToken(issuer: _jwtOptions.Issuer,
audience: _jwtOptions.Site,
claims: claims,
expires: expires,
signingCredentials: credentials);
return(new TokenViewModel()
{
ExpireAt = expires,
Token = new JwtSecurityTokenHandler().WriteToken(accessToken)
});
}
public async Task <IActionResult> Login(LoginVM model)
{
if (ModelState.IsValid)
{
var result = await _signInManager.PasswordSignInAsync(model.UserNameSurname, model.Password, model.RememberMe, false);
if (result.Succeeded)
{
var user = await _userManager.FindByNameAsync(model.UserNameSurname);
var roles = await _userManager.GetRolesAsync(user);
if (roles.Contains("director"))
{
return(RedirectToAction("Index", "DirectorCabinet"));
}
if (roles.Contains("employee"))
{
return(RedirectToAction("Index", "Employee"));
}
if (roles.Contains("owner"))
{
return(RedirectToAction("Index", "Owner"));
}
return(View(model));
}
else
{
ModelState.AddModelError("", "Неправильний логін і (або) пароль.");
}
}
return(View(model));
}
public async Task <IActionResult> LoginAsync([FromBody] LoginModel model)
{
var hasCompany = false;
ApplicationUser user = await _userManager.FindByNameAsync(model.Username);
if (user != null && await _userManager.CheckPasswordAsync(user, model.Password))
{
IEnumerable <string> roles = await _userManager.GetRolesAsync(user);
List <Claim> authClaims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Vars.TheSecretKey));
AddRolesToClaims(authClaims, roles);
var token = new JwtSecurityToken(
issuer: "http://e-bill.uz",
audience: "http://e-bill.uz",
expires: DateTime.Now.AddHours(3),
claims: authClaims,
signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256)
);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo,
userName = String.Format("{0} {1} {2}", user.LastName, user.FirstName, user.FatherName),
}));;
}
return(Unauthorized());
}
/// <summary>
/// Метод генерации JWT токена, который действует, как Acess-токен
/// </summary>
/// <param name="user">Пользователь</param>
/// <returns></returns>
private async Task <string> GenerateJWT(User user)
{
// Далее делаем привязки
// Ищем роли пользователя
var userRoles = await _userManager.GetRolesAsync(user); // Ищет по айди пользователя
// Необходимо сделать привязки токена к пользователю
var claims = new List <Claim>
{
new Claim(ClaimsIdentity.DefaultNameClaimType, user.Email), // Логин к токену
};
// Добавляем список ролей
foreach (var item in userRoles)
{
claims.Add(new Claim(ClaimsIdentity.DefaultRoleClaimType, item));
}
// Делаем привязки
ClaimsIdentity claimsIdentity =
new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
// После этого создаем JWT Acess токен
var now = DateTime.UtcNow;
// создаем JWT-токен
var jwt = new JwtSecurityToken(
issuer: AuthOptions.ISSUER,
audience: AuthOptions.AUDIENCE,
notBefore: now,
claims: claimsIdentity.Claims, // Привязки
expires: now.Add(TimeSpan.FromMinutes(AuthOptions.LIFETIME)),
signingCredentials: new SigningCredentials(AuthOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256));
return(new JwtSecurityTokenHandler().WriteToken(jwt)); // Возвращаем JWT - acess токен
}
//
// GET: /Users/Edit/1
public async Task <ActionResult> Edit(string id)
{
if (!Security.IsValid("/Admin/Users"))
{
return(Redirect("~/"));
}
if (id == null)
{
return(new HttpStatusCodeResult(HttpStatusCode.BadRequest));
}
var user = await UserManager.FindByIdAsync(id);
if (user == null)
{
return(HttpNotFound());
}
var userRoles = await UserManager.GetRolesAsync(user.Id);
return(View(new EditUserViewModel()
{
Id = user.Id,
Email = user.Email,
UserName = user.UserName,
FirstName = user.FirstName,
LastName = user.LastName,
MemberID = user.MemberID,
RolesList = RoleManager.Roles.ToList().Select(x => new SelectListItem()
{
Selected = userRoles.Contains(x.Name),
Text = x.Name,
Value = x.Name
})
}));
}
public async Task<ActionResult> DeleteConfirmed(string id) {
var roleStore = new RoleStore<IdentityRole>(db);
var roleManager = new RoleManager<IdentityRole>(roleStore);
var userStore = new UserStore<ApplicationUser>(db);
var userManager = new UserManager<ApplicationUser>(userStore);
if (ModelState.IsValid) {
if (id == null) {
return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
var user = await userManager.FindByIdAsync(id);
// ev. 3parts inloggningar
var logins = user.Logins;
foreach (var login in logins.ToList()) {
await userManager.RemoveLoginAsync(login.UserId, new UserLoginInfo(login.LoginProvider, login.ProviderKey));
}
var rolesForUser = await userManager.GetRolesAsync(id);
if (rolesForUser.Count() > 0) {
foreach (var item in rolesForUser.ToList()) {
// item should be the name of the role
var result = await userManager.RemoveFromRoleAsync(user.Id, item);
}
}
if (user.Documents.Count() > 0) {
foreach (var doc in user.Documents.ToList()) {
db.Documents.Remove(doc);
}
}
await userManager.DeleteAsync(user);
return RedirectToAction("Index");
}
else {
return View();
}
}
//
// GET: /Users/Details/5
public async Task<ActionResult> Details(string id)
{
ApplicationDbContext db = new ApplicationDbContext();
var userStore = new UserStore<ApplicationUser>(db);
var roleStore = new RoleStore<ApplicationRole>(db);
var userManager = new UserManager<ApplicationUser>(userStore);
var roleManager = new RoleManager<ApplicationRole>(roleStore);
if (id == null)
{
return new HttpStatusCodeResult(HttpStatusCode.BadRequest);
}
var user = await userManager.FindByIdAsync(id);
ViewBag.RoleNames = await userManager.GetRolesAsync(user.Id);
return View(user);
}
