Esempio n. 1
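        /// <summary>
        /// Creates a new account from the posted registration form when no user with
        /// the same (case-insensitive) user name exists yet.
        /// </summary>
        /// <param name="data">Posted registration form: user name, first/last name and password.</param>
        /// <returns>
        /// The registration view; the outcome is passed to it through
        /// <c>ViewData["response"]</c>.
        /// </returns>
        public async Task <IActionResult> Register(UserRegisterDto data)
        {
            // Reject incomplete forms up front: the lookup and Encrypt() below dereference
            // these fields and would otherwise fail with an unhandled NullReferenceException.
            if (data == null || string.IsNullOrWhiteSpace(data.UserName) || string.IsNullOrEmpty(data.Password))
            {
                response.Success = false;
                response.Message = "نام کاربری و کلمه عبور الزامی می باشد";
                ViewData["response"] = response;
                return(View());
            }

            // NOTE(review): check-then-insert is not atomic; two concurrent requests can both
            // pass this lookup. A unique constraint on the normalised user name in the data
            // store is the reliable guard — confirm one exists.
            User user = await _userSVC.FindOneAsync(x => x.Username.ToLower().Equals(data.UserName.ToLower()));

            if (user == null)
            {
                user = new User
                {
                    Username  = data.UserName,
                    FirstName = data.FirstName,
                    LastName  = data.LastName,
                    // SECURITY: Login reads this value back with Decrypt(), so the password is
                    // stored reversibly: anyone holding the key and the table recovers every
                    // password. Store a salted one-way password hash (e.g. PBKDF2 or the
                    // framework's password hasher) instead and verify against the hash.
                    Password  = data.Password.Encrypt()
                };

                await _userSVC.AddUserAsync(user);

                // NOTE(review): the e-mail verification step (token, inactive flag, sending the
                // link) is disabled, so the account is usable immediately although the message
                // below tells the user an activation link was sent.
                response.Success = true;
                response.Message = "لیک فعال سازی حساب کاربری شما به ایمل شما ارسال گرددید";
            }
            else
            {
                response.Success = false;
                response.Message = "حساب کاربری واردشده در سامانه موجود می باشد";
            }

            ViewData["response"] = response;
            return(View());
        }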
Esempio n. 2
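        /// <summary>
        /// Authenticates the posted credentials. On success a JWT and the list of URLs the
        /// user may access are stored in the session and the browser is redirected to
        /// Home/Index.
        /// </summary>
        /// <param name="data">Posted login form (user name and password).</param>
        /// <returns>
        /// A redirect to Home/Index on success; otherwise the login view with a failure
        /// message in <c>ViewData["response"]</c>.
        /// </returns>
        public async Task <IActionResult> Login(SaveLoginDto data)
        {
            // A form with missing fields is handled as a failed login rather than letting
            // ToLower()/Decrypt() throw an unhandled NullReferenceException.
            bool hasCredentials = data != null
                                  && !string.IsNullOrEmpty(data.UserName)
                                  && !string.IsNullOrEmpty(data.Password);

            User user = null;
            if (hasCredentials)
            {
                user = await _userSVC.FindOneAsync(x => x.Username.ToLower().Equals(data.UserName.ToLower()));
            }

            bool passwordOk = false;
            if (user != null && user.Password != null)
            {
                // SECURITY: the password is compared exactly (case-sensitive) and in constant
                // time. The previous ToLower() comparison accepted any casing of the password,
                // which shrinks the effective password space.
                // NOTE(review): Decrypt() means passwords are stored reversibly; move to a
                // salted one-way password hash and verify against the hash instead.
                byte[] supplied = System.Text.Encoding.UTF8.GetBytes(data.Password);
                byte[] stored   = System.Text.Encoding.UTF8.GetBytes(user.Password.Decrypt() ?? string.Empty);
                passwordOk = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(supplied, stored);
            }

            if (passwordOk)
            {
                response.Success = true;
                var token = await CreateToken(user);

                // NOTE(review): nothing in this action renews the session or throttles repeated
                // failures; confirm both are handled elsewhere (middleware, filter, gateway).
                HttpContext.Session.SetString("JWToken", token);

                // The permitted URLs are resolved once here and cached in the session, so a
                // later role change only takes effect at the user's next login.
                var userAccessUrls = (from u in await _userSVC.GetManyUsersAsync(x => x.Id == user.Id)
                                      join ur in await _userRolesSVC.GetAllUserRolesAsync() on u.Id equals ur.UserId
                                      join r in await _roleSVC.GetAllRolesAsync() on ur.RoleId equals r.Id
                                      join ra in await _roleAccessSVC.GetAllRoleAccessAsync() on r.Id equals ra.RoleId
                                      join al in await _accessLinkSVC.GetAllAccessLinksAsync() on ra.AccessLinkId equals al.Id
                                      where u.Id == user.Id
                                      select new AccessUrlViewModel
                {
                    Link = $"/{al.Controller}/{al.Action}"
                }).ToList();

                HttpContext.Session.SetComplexData("UserAccessUrls", userAccessUrls);

                return(RedirectToAction("Index", "Home", new { area = "" }));
            }

            // SECURITY: unknown user and wrong password get the same generic message, so the
            // form cannot be used to find out which user names are registered.
            response.Success = false;
            response.Message = "نام کاربری یا کلمه عبور اشتباه می باشد";

            ViewData["response"] = response;
            return(View());
        }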
Esempio n. 3
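        /// <summary>
        /// Builds and signs a JWT for <paramref name="user"/> carrying the user's id, user
        /// name, full name and role ids. The token is signed with HMAC-SHA512 using the
        /// configured <c>Jwt:Secret</c> and expires 30 minutes after it is issued.
        /// </summary>
        /// <param name="user">The authenticated user the token is issued for.</param>
        /// <returns>The serialized (compact) token string.</returns>
        /// <exception cref="InvalidOperationException">
        /// <c>Jwt:Secret</c> is missing or empty in configuration.
        /// </exception>
        private async Task <string> CreateToken(User user)
        {
            List <Claim> claims = new List <Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                // NOTE(review): the Email claim is filled from Username; presumably user names
                // are e-mail addresses — confirm before relying on this claim as an address.
                new Claim(ClaimTypes.Email, user.Username),
                new Claim(ClaimTypes.Name, user.FirstName + " " + user.LastName),
            };

            var userRoles = await _userRolesSVC.GetManyUserRolesAsync(r => r.UserId == user.Id);

            var userRoleIds = userRoles.Select(s => s.RoleId);
            var urIds       = string.Join(',', userRoleIds);

            // NOTE(review): all role ids are packed into ONE role claim ("1,2,3"). Built-in role
            // checks compare a role claim's whole value, so a check for a single role will not
            // match this combined value unless a custom handler splits it. Kept as-is because
            // consumers may already parse the comma-separated form — confirm, and prefer one
            // role claim per role.
            claims.Add(new Claim(ClaimTypes.Role, urIds));

            // Fail closed with a clear error when the signing secret is not configured.
            string secret = _configuration.GetSection("Jwt:Secret").Value;
            if (string.IsNullOrEmpty(secret))
            {
                throw new InvalidOperationException("Jwt:Secret is not configured.");
            }

            // SECURITY: the HMAC key is the UTF-8 bytes of the configured string; it should be
            // a long, randomly generated value kept in a secret store, not in source control.
            SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));

            SigningCredentials creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

            // One UTC timestamp for both bounds: local time is ambiguous around DST changes
            // and two separate clock reads can drift apart.
            DateTime issuedAt = DateTime.UtcNow;

            SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = new ClaimsIdentity(claims),
                Issuer             = _configuration.GetSection("Jwt:Issuer").Value,
                Audience           = _configuration.GetSection("Jwt:Audience").Value,
                NotBefore          = issuedAt,
                Expires            = issuedAt.AddMinutes(30),
                SigningCredentials = creds
            };

            JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
            SecurityToken           token        = tokenHandler.CreateToken(tokenDescriptor);

            return(tokenHandler.WriteToken(token));
        }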