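/// <summary>
/// Checks that the user behind <paramref name="User"/> holds every role named in
/// <paramref name="Roles"/>, using the roles returned by <c>RolesRepository.GetRolesOfUser</c>.
/// </summary>
/// <param name="User">Principal whose id (obtained through <c>GetId()</c>) is used for the role lookup.</param>
/// <param name="Roles">Role names that must all be held. An empty array is satisfied trivially.</param>
/// <returns>
/// <c>true</c> when every required role is held; <c>false</c> otherwise, including when
/// either argument is <c>null</c>.
/// </returns>
public bool ValidateRoles(ClaimsPrincipal User, string[] Roles)
{
    // Fail closed: an authorization check with a missing principal or a missing
    // requirement list denies instead of surfacing a NullReferenceException.
    if (User == null || Roles == null)
    {
        return false;
    }

    // Role names are identifiers, so they are matched ordinally. A SortedSet<string>
    // built without a comparer orders and matches with the culture-sensitive default
    // comparer, under which strings that differ only in ignorable characters (for
    // example a soft hyphen) compare equal and results depend on the thread culture.
    HashSet<string> heldRoles = new HashSet<string>(
        RolesRepository.GetRolesOfUser(User.GetId()).Select(role => role.Name),
        System.StringComparer.Ordinal);

    // Every required role must be present; the first missing one denies.
    foreach (string requiredRole in Roles)
    {
        if (!heldRoles.Contains(requiredRole))
        {
            return false;
        }
    }

    return true;
}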
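/// <summary>
/// Issues an HMAC-SHA256 signed JWT for <paramref name="user"/> and stores it in
/// <c>user.Token</c>. The token carries the lower-cased e-mail as the name claim, the
/// user id, an issue timestamp and, when <c>options.Value.ValidateRolesFromToken</c>
/// is set, one claim per role and per permission of the user.
/// </summary>
/// <param name="user">
/// Account to issue the token for. The instance is mutated: <c>Token</c> is set and
/// <c>Password</c> is cleared.
/// </param>
/// <returns>The same <paramref name="user"/> instance, carrying the serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is <c>null</c>.</exception>
public User GenerateToken(User user)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character of the secret
    // with '?', which reduces the effective key material. Left unchanged because the
    // code that validates the token has to derive the same key bytes; change both
    // sides together.
    byte[] key = Encoding.ASCII.GetBytes(options.Value.Secret);

    List<Claim> claims = new List<Claim>
    {
        // Invariant lower-casing keeps the identity claim stable across server
        // cultures; culture-sensitive ToLower() maps 'I' differently under, for
        // example, Turkish culture, so one account could yield different names.
        new Claim(ClaimTypes.Name, user.Email.ToLowerInvariant()),
        new Claim("Id", user.Id.ToString()),
        // NOTE(review): ToString() without a format follows the current culture.
        // Kept byte-for-byte because the readers of this claim are outside this
        // block; consider the round-trip format together with those readers.
        new Claim("DateIssued", DateTime.UtcNow.ToString())
    };

    if (options.Value.ValidateRolesFromToken)
    {
        // Role and permission claims are a snapshot taken at issue time.
        // NOTE(review): presumably they remain in effect until the token expires
        // even if revoked in the repository afterwards; confirm against the validator.
        List<Claim> roleClaims = null;
        List<Claim> permissionClaims = null;

        // The two lookups run concurrently on pool threads and this thread blocks
        // until both finish; a failure surfaces as an AggregateException.
        // NOTE(review): confirm the two repositories do not share a data context
        // that is not thread-safe.
        Task.WaitAll(
            Task.Run(() =>
            {
                roleClaims = rolesRepository.GetRolesOfUser(user.Id)
                    .Select(role => new Claim(ClaimTypes.Role, role.Name))
                    .ToList();
            }),
            Task.Run(() =>
            {
                permissionClaims = permissionsRepository.GetPermissionsOfUser(user.Id)
                    .Select(permission => new Claim("Permission", permission.Name))
                    .ToList();
            }));

        claims.AddRange(roleClaims);
        claims.AddRange(permissionClaims);
    }

    SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // Lifetime comes from configuration, measured from now in UTC.
        Expires = DateTime.UtcNow.AddMinutes(options.Value.TokenExpirationMinutes),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha256Signature)
    };

    SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);
    user.Token = tokenHandler.WriteToken(token);

    // The password is cleared on the very instance that is handed back to the caller.
    user.Password = null;

    return user;
}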