Esempio n. 1
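        /// <summary>
        /// Creates a location from the request body, saves it, and returns the stored entity
        /// mapped back to a <c>LocationResource</c>.
        /// </summary>
        /// <param name="LocationResource">Location payload bound from the request body.</param>
        /// <returns>
        /// 200 with the persisted location; 400 when no body could be bound;
        /// 501 when adding or saving the entity throws.
        /// </returns>
        public IActionResult CreateLocation([FromBody] LocationResource LocationResource)
        {
            // A missing or unparseable body binds to null; reject it up front instead of
            // passing a null entity to the context.
            if (LocationResource == null)
            {
                return BadRequest();
            }

            // NOTE(review): the request model is mapped straight onto the entity. Whether
            // client-supplied keys or server-owned fields are ignored depends on the mapping
            // profile, which is not visible here — confirm.
            var location = mapper.Map<LocationResource, Location>(LocationResource);

            try
            {
                db.Locations.Add(location);
                db.SaveChanges();
                return Ok(mapper.Map<Location, LocationResource>(location));
            }
            catch
            {
                // NOTE(review): every failure is swallowed without being recorded, so a
                // constraint violation and a database outage look the same to operators.
                // 501 (Not Implemented) is kept because clients may depend on it, but 500 or
                // 409 would describe a persistence failure more accurately.
                return StatusCode(501);
            }
        }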
Esempio n. 2
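        /// <summary>
        /// Creates a user from the request body, replacing the submitted password with a
        /// Base64-encoded PBKDF2 hash before the entity is saved.
        /// </summary>
        /// <param name="UserResource">User payload bound from the request body.</param>
        /// <returns>
        /// 200 with the saved user mapped back to a <c>UserResource</c>; 400 when the body,
        /// the username or the password is missing.
        /// </returns>
        public IActionResult CreateUser([FromBody] UserResource UserResource)
        {
            if (UserResource == null)
            {
                return BadRequest();
            }

            var user = mapper.Map<UserResource, User>(UserResource);

            // Both values feed the key derivation below; a null would throw there, and an
            // empty password or username must not produce an account.
            if (string.IsNullOrEmpty(user.Username) || string.IsNullOrEmpty(user.Password))
            {
                return BadRequest();
            }

            // NOTE(review): the original generated a 16-byte random salt here and never used
            // it; that dead code is removed so the block no longer suggests a random salt is
            // in effect. The salt actually used is the ASCII-encoded username, which is
            // predictable, identical for the same username across deployments, and maps
            // non-ASCII characters to '?'. The fix is a per-user random salt stored next to
            // the hash, but that has to change together with the code that verifies
            // passwords, which is not visible here. The derivation is therefore left
            // byte-compatible with the original.
            // NOTE(review): HMAC-SHA1 at 10000 iterations is a low work factor by current
            // guidance; raise it as part of the same migration.
            string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
                password: user.Password,
                salt: System.Text.Encoding.ASCII.GetBytes(user.Username),
                prf: KeyDerivationPrf.HMACSHA1,
                iterationCount: 10000,
                numBytesRequested: 256 / 8));

            user.Password = hashed;
            db.Users.Add(user);
            db.SaveChanges();

            // NOTE(review): the entity now carries the hash in Password and is mapped back
            // into the response; confirm the User -> UserResource mapping leaves it out.
            return Ok(mapper.Map<User, UserResource>(user));
        }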
Esempio n. 3
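        /// <summary>
        /// Authenticates the form-posted credentials, records the successful login, and
        /// writes a signed JWT with the user's role claims to the response as JSON.
        /// </summary>
        /// <param name="context">Current HTTP context; reads the <c>username</c> and
        /// <c>password</c> form fields and writes the response body.</param>
        /// <returns>A task that completes once the response has been written.</returns>
        private async Task GenerateToken(HttpContext context)
        {
            var username = context.Request.Form["username"];
            var password = context.Request.Form["password"];

            User user = Login(username, password);

            if (user == null)
            {
                // NOTE(review): a failed login answers 200 with an empty object and leaves
                // no record, so repeated password guessing cannot be seen in LoginLogs.
                // The status is kept because clients may rely on it; 401 plus a
                // failed-attempt log entry would be the safer contract.
                context.Response.StatusCode = 200;
                await context.Response.WriteAsync("{}");
                return;
            }

            var loginlog = new LoginLog
            {
                // NOTE(review): local time here, UTC for the token below; kept as-is so
                // stored rows stay comparable with existing ones.
                Date = DateTime.Now,
                UserId = user.Id,
                // RemoteIpAddress can be null (for example under a test host); do not let
                // that abort a login that already succeeded.
                // NOTE(review): behind a reverse proxy this is the proxy's address unless
                // forwarded headers are configured — confirm.
                IpAddress = context.Connection.RemoteIpAddress?.ToString()
            };

            db.LoginLogs.Add(loginlog);
            db.SaveChanges();

            // One timestamp drives iat, nbf and exp so the three claims cannot disagree.
            var now = DateTime.UtcNow;

            // NOTE(review): sub carries the username exactly as submitted, not the stored
            // one; if Login matches case-insensitively the two can differ — confirm.
            var claims = new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, username),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(now).ToUnixTimeSeconds().ToString(), ClaimValueTypes.Integer64)
            };

            // Roles are read at issue time and baked into the token, so a later role change
            // is not reflected until this token expires.
            List<Role> roles = db.Roles.Where(r => r.UserId.Equals(user.Id)).ToList();

            foreach (Role role in roles)
            {
                claims.Add(new Claim(ClaimTypes.Role, role.RoleName));
            }

            var jwt = new JwtSecurityToken(
                issuer: _options.Issuer,
                audience: _options.Audience,
                claims: claims,
                notBefore: now,
                expires: now.Add(_options.Expiration),
                signingCredentials: _options.SigningCredentials);

            var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

            // Property names are part of the wire format and are left untouched.
            var response = new
            {
                token    = encodedJwt,
                expires_ = (int)_options.Expiration.TotalSeconds
            };

            context.Response.ContentType = "application/json";
            await context.Response.WriteAsync(JsonConvert.SerializeObject(response, new JsonSerializerSettings {
                Formatting = Formatting.Indented
            }));
        }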