public DataAccessResponse <string> CreateUser(Dto.ApplicationUser userDto, string password, bool isAuthor) { var resp = new DataAccessResponse <string> { ResponseCode = ResponseCode.Fail }; bool userExists = true; if (string.IsNullOrEmpty(userDto.Email)) { userExists = _db.Users.Any(u => u.UserName == userDto.UserName); } else { userExists = _db.Users.Any(u => u.UserName == userDto.UserName || u.Email == userDto.Email); } if (userExists) { resp.ResponseMessage = ErrorMessage.UserExists; return(resp); } var userModel = new ApplicationUser { NameSurname = userDto.NameSurname, Email = userDto.Email ?? "", EmailConfirmed = userDto.EmailConfirmed, PhoneNumber = userDto.PhoneNumber, UserName = userDto.UserName, Status = userDto.Status, TwoFactorEnabled = userDto.ContactPermission, // contact permission field matched with twoFactorEnabled column PasswordHash = HashPassword(password), SecurityStamp = Guid.NewGuid().ToString() }; var newUser = _db.Users.Add(userModel); //if (isAuthor) //{ // var role = new IdentityUserRole // { // UserId = newUser.Id, // RoleId = DatabaseKey.ApplicationRoleId.Author // }; // newUser.Roles.Add(role); //} _db.SaveChanges(); resp.ResponseCode = ResponseCode.Success; resp.ResponseData = newUser.Id; return(resp); }
public async Task <ResponseBase> Register(ApplicationUser userDto, string password) { var resp = new ResponseBase { Type = ResponseType.Fail }; var userByName = await _userManager.FindByNameAsync(userDto.UserName); if (userByName != null) { resp.ErrorCode = ErrorCode.UserExists; return(resp); } var userByEmail = await _userManager.FindByEmailAsync(userDto.Email); if (userByEmail != null) { resp.ErrorCode = ErrorCode.UserExists; return(resp); } var userModel = new Dal.Entities.Identity.ApplicationUser { Id = userDto.Id, Email = userDto.Email ?? "", EmailConfirmed = userDto.EmailConfirmed, UserName = userDto.UserName, NameSurname = userDto.NameSurname, PasswordHash = HashPassword(password), SecurityStamp = Guid.NewGuid().ToString(), CreatedAt = userDto.CreatedAt }; await _userManager.CreateAsync(userModel); userDto.Id = userModel.Id; if (userDto.Id == null) { //not expected resp.ErrorCode = ErrorCode.ApplicationException; _logger.LogError(string.Format("New user {0} cannot be registered.", userDto.Email)); return(resp); } //log user registration _logger.LogInformation(string.Format("New user {0} has registered.", userDto.Id)); resp.Type = ResponseType.Success; return(resp); }
public async Task <DataResponse <string> > GetToken(ApplicationUser userDto, string password) { var resp = new DataResponse <string> { Type = ResponseType.Fail }; Dal.Entities.Identity.ApplicationUser user; if (userDto.UserName.Contains("@")) // login via email { user = await _userManager.FindByEmailAsync(userDto.Email); } else // login via username { user = await _userManager.FindByNameAsync(userDto.UserName); } if (user == null) { resp.ErrorCode = ErrorCode.UserNotFound; resp.Type = ResponseType.RecordNotFound; return(resp); } var isPasswordValid = await _userManager.CheckPasswordAsync(user, password); if (!isPasswordValid) { resp.ErrorCode = ErrorCode.IncorrectUsernameOrPassword; return(resp); } //get user roles var roles = await _userManager.GetRolesAsync(user); //get user claims var claims = await _userManager.GetClaimsAsync(user); userDto.Email = user.Email; userDto.PhoneNumber = user.PhoneNumber; userDto.Id = user.Id; userDto.Roles = roles; userDto.Claims = claims.ToDictionary(p => p.Type, p => p.Value); var token = GenerateToken(userDto); resp.Data = token; resp.Type = ResponseType.Success; return(resp); }
public int Edit(Dto.ApplicationUser user) { var userModel = _db.Users.Single(u => u.Id == user.Id); userModel.NameSurname = user.NameSurname; //userModel.Email = user.Email; //userModel.PhoneNumber = user.PhoneNumber; //userModel.Status = user.Status; _db.Entry(userModel).State = System.Data.Entity.EntityState.Modified; return(_db.SaveChanges()); }
private string GenerateToken(ApplicationUser user) { var handler = new JwtSecurityTokenHandler(); List <Claim> claims = new List <Claim>(); foreach (var userRole in user.Roles) { var roleIdentifierClaim = new Claim(ClaimTypes.Role, userRole, ClaimValueTypes.String); claims.Add(roleIdentifierClaim); } var nameIdentifierClaim = new Claim(ClaimTypes.NameIdentifier, user.Id.ToString(), ClaimValueTypes.String); var emailClaim = new Claim(ClaimTypes.Email, user.Email, ClaimValueTypes.String); var phoneClaim = new Claim(ClaimTypes.MobilePhone, user.PhoneNumber ?? "", ClaimValueTypes.String); claims.Add(new Claim("id", user.Id.ToString())); claims.Add(new Claim("username", user.UserName)); claims.Add(nameIdentifierClaim); claims.Add(emailClaim); claims.Add(phoneClaim); foreach (var userClaim in user.Claims) { var id = GetClaimId(userClaim.Value); claims.Add(new Claim(string.Format(":{0}:", id), id)); } ClaimsIdentity identity = new ClaimsIdentity(new GenericIdentity(user.Email, "Token"), claims); var securityToken = handler.CreateToken(new SecurityTokenDescriptor { Issuer = JwtTokenConstants.Issuer, Audience = JwtTokenConstants.Audience, SigningCredentials = JwtTokenConstants.SigningCredentials, Subject = identity, Expires = DateTime.Now.Add(JwtTokenConstants.TokenExpirationTime), NotBefore = DateTime.Now }); return(handler.WriteToken(securityToken)); }
public Dto.ApplicationUser GetUserInfo(string userId) { var query = _db.Users.FirstOrDefault(u => u.Id == userId); if (query == null) { return(null); } var user = new Dto.ApplicationUser { Id = userId, NameSurname = query.NameSurname, Email = query.Email, UserName = query.UserName, PhoneNumber = query.PhoneNumber }; return(user); }