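        /// <summary>
        /// Updates the profile of user <paramref name="id"/> with the values in <paramref name="model"/>.
        /// </summary>
        /// <param name="id">Route identifier of the user whose profile is written.</param>
        /// <param name="model">Incoming profile data; converted with <c>ToEntity(id)</c> before being stored.</param>
        /// <returns>Whatever the wrapped <c>Execute</c> call produces.</returns>
        /// <remarks>
        /// Throws the exception built by <c>CommonExceptions.AccessDenied</c> (403) when the caller is not the
        /// user being updated and lacks <see cref="PortalPermission.ManageUserProfiles"/>.
        /// </remarks>
        public async Task <ActionResult> UpdateUserInfo(int id, [FromBody] UserProfileUpdateModel model)
        {
            // The permission group whose flag value is interpreted as PortalPermission.
            const int PortalPermissionGroupId = 1;

            return(await Execute(async operation =>
            {
                // No entry for the group means no portal permissions at all (0).
                var portalPermissions = (PortalPermission)(UserPermissions
                    .FirstOrDefault(item => item.PermissionGroupId == PortalPermissionGroupId)?.Permissions ?? 0);

                // A user may always edit their own profile; editing another user's profile
                // requires the ManageUserProfiles flag.
                var isSelf = UserId == id;
                var canManageOthers = (portalPermissions & PortalPermission.ManageUserProfiles) != 0;
                if (!isSelf && !canManageOthers)
                {
                    throw CommonExceptions.AccessDenied(operation, StatusCodes.Status403Forbidden);
                }

                // The route id, not anything carried in the body, decides which profile is written.
                var entity = model.ToEntity(id);
                await userService.UpdateUserProfile(operation, entity);
            }));
        }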
        /// <summary>
        /// Confirms that the caller's claims identify an activated user and returns that user's id and permissions.
        /// </summary>
        /// <returns>
        /// A <see cref="UserAuthorizationModel"/> built from <c>User.Claims</c>, wrapped by <c>Execute</c>.
        /// </returns>
        /// <remarks>
        /// Rejects with the exception from <c>CommonExceptions.AccessDenied</c> (401) when no user id can be read
        /// from the claims, or when the user is not activated.
        /// </remarks>
        public async Task <ActionResult <UserAuthorizationModel> > VerifyAuthentication()
        {
            return await Execute(async operation =>
            {
                // No user id in the claims: the caller is not identified at all.
                var currentUserId = AuthenticationUtils.GetUserId(User.Claims);
                if (currentUserId is null)
                {
                    throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized);
                }

                // Identified but not activated: also 401. The trailing `true` argument is passed through
                // unchanged; its meaning is defined by CommonExceptions.AccessDenied and is not visible here.
                var activated = await authenticationService.IsUserActivated(operation, currentUserId.Value);
                if (!activated)
                {
                    throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized, true);
                }

                var result = new UserAuthorizationModel
                {
                    Id = currentUserId.Value,
                    Permissions = AuthenticationUtils.GetUserPermissions(User.Claims)
                };
                return result;
            });
        }
        /// <summary>
        /// Issues a new access/refresh token pair in exchange for an existing pair.
        /// </summary>
        /// <param name="operation">Operation context forwarded to the data store and exception helpers.</param>
        /// <param name="accessToken">Access token from which the user identity is read.</param>
        /// <param name="refreshToken">Refresh token presented by the client; must match the one stored for that user.</param>
        /// <returns>A <see cref="RawJwtToken"/> with a freshly generated access token and refresh token.</returns>
        /// <remarks>
        /// Checks run in this order, each failure throwing via <c>CommonExceptions</c>: user id readable from the
        /// access token → user activated → presented refresh token known for that user → identity claims loadable.
        /// The stored refresh token is then replaced by the new one (rotation), so the presented one cannot be reused.
        /// </remarks>
        public async Task <RawJwtToken> RefreshToken(IOperation operation, string accessToken, string refreshToken)
        {
            // The user id comes from the access token, so the refresh-token lookup below is bound to that user
            // rather than to anything the client chooses.
            var tokenPrincipal = GetClaimsPrincipalDataFromToken(operation, accessToken);
            var tokenClaims    = tokenPrincipal.Claims.ToList();
            var userId         = AuthenticationUtils.GetUserId(tokenClaims)
                                 ?? throw CommonExceptions.FailedToReadAuthenticationDataFromClaims(operation);

            var activated = await userDataStore.IsUserActivated(operation, userId);
            if (!activated)
            {
                throw CommonExceptions.AccessDenied(operation, StatusCodes.Status401Unauthorized, true);
            }

            // NOTE(review): the presented-vs-stored refresh token match happens inside GetRefreshTokenId;
            // confirm there whether it compares against a stored hash and whether the comparison is fixed-time.
            var storedTokenId = await userDataStore.GetRefreshTokenId(operation, userId, refreshToken);
            if (storedTokenId is null)
            {
                throw CommonExceptions.RefreshTokensAreDifferent(operation);
            }

            var userClaims = await userDataStore.GetUserIdentityClaimsById(operation, userId);
            if (userClaims is null)
            {
                throw CommonExceptions.AuthenticationFailed(operation);
            }

            var identity        = GetIdentity(userClaims);
            var newAccessToken  = GenerateAccessToken(identity.Claims.ToList());
            var newRefreshToken = AuthenticationUtils.GenerateRefreshToken();

            var issued = new RawJwtToken
            {
                AccessToken  = newAccessToken,
                RefreshToken = newRefreshToken
            };

            // Rotation: overwrite the stored refresh token so the one just presented is no longer valid.
            await userDataStore.UpdateRefreshToken(operation, storedTokenId.Value, issued.RefreshToken);

            return issued;
        }