public static string GenerateToken(UserIdentityDto user, int expireDays = 1, int expireHours = 0)
{
var symmetricKey = Convert.FromBase64String(Secret);
var tokenHandler = new JwtSecurityTokenHandler();
var now = DateTime.UtcNow;
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{
new Claim("Id", user.Id.ToString()),
new Claim("EmailConfirmed", user.EmailConfirmed.ToString()),
new Claim(ClaimTypes.Email, user.Email),
new Claim(ClaimTypes.Name, user.FirstName + " " + user.LastName),
new Claim(ClaimTypes.Role, user.Role)
}),
Expires = now.AddDays(expireDays).AddHours(expireHours),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(symmetricKey), SecurityAlgorithms.HmacSha256Signature)
};
var stoken = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(stoken);
return(token);
}
public async Task <HttpResponseMessage> SendEmailConfirmLinkAsync([FromBody] EmailDto emailModel, string emailConfirmLink)
{
try
{
if (emailConfirmLink == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Email confirmation link not found"));
}
if (ModelState.IsValid)
{
UserIdentityDto user = await userService.GetByEmailAsync(emailModel.Email);
if (user == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.NoContent, "User not found"));
}
if (user.EmailConfirmed)
{
return(Request.CreateErrorResponse(HttpStatusCode.Forbidden, "Email already confirmed"));
}
string token = JwtManager.GenerateToken(user, 0, 1);
await EmailService.SendConfirmPasswordEmail(user.Email, token, emailConfirmLink);
return(Request.CreateResponse(HttpStatusCode.OK, "Token successfully sent"));
}
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Email is not valid"));
}
catch (EntityException e)
{
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, e));
}
}
public async Task <HttpResponseMessage> ConfirmEmailAsync(string token)
{
try
{
if (JwtAuthenticationAttribute.ValidateToken(token, out string userEmail))
{
UserIdentityDto user = await userService.GetByEmailAsync(userEmail);
if (user == null)
{
return(Request.CreateErrorResponse(HttpStatusCode.NoContent, "User not found"));
}
if (await userService.ConfirmEmailByIdAsync(user.Id))
{
return(Request.CreateResponse(HttpStatusCode.OK, "Email confirmed"));
}
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Confirmation error"));
}
return(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Token no longer valid"));
}
catch (EntityException e)
{
return(Request.CreateErrorResponse(HttpStatusCode.InternalServerError, e));
}
}
public async ThreadTask.Task <IEnumerable <UserIdentityDto> > GetUsersNotInGroupAsync(int groupId)
{
Group group = await db.Groups.GetAsync(groupId);
if (group == null)
{
return(null);
}
var usersNotInGroup = await db.Users.GetUsersNotInGroupAsync(groupId);
if (usersNotInGroup == null)
{
return(null);
}
var usersNotInGroupList = new List <UserIdentityDto>();
foreach (var user in usersNotInGroup)
{
var rdDto = new UserIdentityDto(user.Email,
null,
user.Id,
user.FirstName,
user.LastName,
user.Role.Name,
user.Blocked,
user.Email_Confirmed);
if (!usersNotInGroupList.Contains(rdDto))
{
usersNotInGroupList.Add(rdDto);
}
}
return(usersNotInGroupList);
}
public async ThreadTask.Task GetUserByEmail_ShouldReturnNull()
{
uowMock.SetupGet(u => u.Users).Returns(userRepositoryMock.Object);
uowMock.Setup(u => u.Users.GetByEmailAsync(It.IsAny <string>())).ReturnsAsync((User)null);
//arrange
string userEmail = "*****@*****.**";
//act
UserIdentityDto result = await userService.GetByEmailAsync(userEmail);
//assert
Assert.IsNull(result);
}
public UserIdentityDto GetUserByIdentity(string identity)
{
UserIdentity user = _userRepository.GetUserByIdentity(identity);
if (user != null)
{
UserIdentityDto userDto = new UserIdentityDto();
userDto.Id = user.Id;
userDto.Identification = user.Identification;
userDto.UserType = user.UserType;
return(userDto);
}
return(null);
}
public async Task <IActionResult> Register([FromBody] UserIdentityDto request)
{
var authResponse = await _identityService.RegisterAsync(request.Email, request.Password);
if (!authResponse.IsSuccess)
{
return(this.BadRequest(new IdentityFailedResponse
{
Errors = authResponse.Errors
}));
}
return(this.Ok(new IdentitySuccessResponse
{
Token = authResponse.Token
}));
}
public async ThreadTask.Task GetUserByEmail_ShouldReturnUserByEmail()
{
//arrange
string userEmail = "*****@*****.**";
uowMock.SetupGet(u => u.Users).Returns(userRepositoryMock.Object);
uowMock.Setup(u => u.Users.GetByEmailAsync(It.IsAny <string>())).ReturnsAsync(new User()
{
Email = userEmail, Role = new Role()
});
//act
UserIdentityDto result = await userService.GetByEmailAsync(userEmail);
//assert
Assert.IsNotNull(result);
Assert.AreEqual(userEmail, result.Email);
Assert.AreSame(result.GetType(), typeof(UserIdentityDto));
}
protected async Task <IPrincipal> AuthenticateJwtTokenAsync(string token)
{
if (ValidateToken(token, out string email, out string userrole))
{
UserIdentityDto userDTO = await userService.GetByEmailAsync(email);
var claims = new List <Claim>
{
new Claim(ClaimTypes.Role, userrole),
new Claim("Id", userDTO.Id.ToString()),
new Claim(ClaimTypes.Name, userDTO.FirstName)
};
var identity = new ClaimsIdentity(claims, "Jwt");
IPrincipal user = new ClaimsPrincipal(identity);
return(await Task.FromResult(user));
}
return(await Task.FromResult <IPrincipal>(null));
}
public UserIdentityDto AuthenticateIndividualCustomer(string identity, string password)
{
var repository = new SIRepository();
var customerRepository = new SICustomerRepository();
var userRepository = new SIUserRepository();
var hashProvider = new SIHashProvider();
IDtoCreator <UserIdentity, UserIdentityDto> identityCreator = new UserIdentityDtoCreator();
hashProvider.HashString = (x) => x;
customerRepository.GetCustomerByIdentityString = (x) => _customers.SingleOrDefault(c => c.Identification == x);
//act
UserServices userServices = new UserServices(customerRepository, repository, null, hashProvider, identityCreator);
UserIdentityDto result = userServices.AuthenticateUser(identity, password);
//assert
PexAssert.Case(identity == _customers[0].Identification && password == _customers[0].Password)
.Implies(() => result.Email == _customers[0].Email);
return(result);
}
void EndGetCurrentUser(IAsyncResult e)
{
UserIdentityDto userIdentity = UserService.EndGetCurrentUser(e);
//there is a logged user
if (userIdentity != null)
{
Dispatcher.BeginInvoke(() =>
{
//load the referential data
ReferentialDataViewModel vm = App.Current.Resources["Referential"] as ReferentialDataViewModel;
vm.LoadData();
LogoutButton.Visibility = System.Windows.Visibility.Visible;
CustomerHome customer = new CustomerHome();
customer.DataContext = new CustomerViewModel(userIdentity.Id);
MainContent.Content = customer;
});
}
else
{
OpenLoginPage();
}
}
public AuthenticationDataDto(string token, UserIdentityDto user)
{
Token = token;
User = user;
}
