public async Task <IHttpActionResult> CreateUser(CreateUserBinding newUser) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var user = new IdentityUser(newUser.ClientId, newUser.UserName) { Email = newUser.Email, FirstName = newUser.FirstName, LastName = newUser.LastName, Level = 1, JoinDate = DateTime.Now.Date, }; var addUserResult = await JWTUserManager.CreateAsync(user, newUser.Password); if (!addUserResult.Succeeded) { return(GetErrorResult(addUserResult)); } var code = await JWTUserManager.GenerateEmailConfirmationTokenAsync(user.Id); var callbackUrl = new Uri(Url.Link("ConfirmEmailRoute", new { userId = user.Id, code = code })); await JWTUserManager.SendEmailAsync(user.Id, JWTAuthServerConstants.ConfirmMailSubject, string.Format(JWTAuthServerConstants.ConfirmMailBody, callbackUrl)); var locationHeader = new Uri(Url.Link("GetUserById", new { id = user.Id })); return(Created(locationHeader, EntityFactory.Create(user))); }
public async Task <IHttpActionResult> ChangePassword(ChangePasswordBinding changedPassword) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var requestingUserId = User.Identity.GetUserId(); var result = await JWTUserManager.ChangePasswordAsync( User.Identity.GetUserId(), changedPassword.OldPassword, changedPassword.NewPassword); if (!result.Succeeded) { return(GetErrorResult(result)); } var changingUser = JWTUserManager.FindById(requestingUserId); var client = JWTClientManager.FindById(changingUser.ClientId); JWTMailer.Send(changingUser.Email, JWTAuthServerConstants.PasswordChangeMailSubject, string.Format(JWTAuthServerConstants.PasswordChangeMailBody, client.Name)); return(Ok()); }
public async Task <IHttpActionResult> ConfirmEmail(string userId = "", string code = "") { if (string.IsNullOrWhiteSpace(userId) || string.IsNullOrWhiteSpace(code)) { ModelState.AddModelError("", JWTAuthServerConstants.UserIdAndCode); return(BadRequest(ModelState)); } var result = await JWTUserManager.ConfirmEmailAsync(userId, code); if (result.Succeeded) { // Assigning the default user role when successfully confirming the email // so the user will have the default rights to access the API. await JWTUserManager.AddToRoleAsync(userId, ConfigurationManager.AppSettings["JWTServer.InitialUserRole"]); var confirmedUser = JWTUserManager.FindById(userId); var client = JWTClientManager.FindById(confirmedUser.ClientId); JWTMailer.Send(confirmedUser.Email, JWTAuthServerConstants.ConfirmResponseMailSubject, string.Format(JWTAuthServerConstants.ConfirmResponseMailBody, client.Name)); return(Ok()); } else { return(GetErrorResult(result)); } }
public async Task <IHttpActionResult> GetUserByName(string username) { var user = await JWTUserManager.FindByNameAsync(username); if (user != null) { return(Ok(EntityFactory.Create(user))); } return(NotFound()); }
public async Task <IHttpActionResult> AssignRolesToUser( [FromUri] string id, [FromBody] string[] rolesToAssign) { var user = await JWTUserManager.FindByIdAsync(id); if (user == null) { return(NotFound()); } var currentRoleSet = JWTRoleManager.Roles .Where(r => r.ClientId == user.ClientId || r.ClientId == null) .ToList(); var currentUserRolesList = await JWTUserManager.GetRolesAsync(user.Id); var currentUserRoles = currentUserRolesList.List; var nonExistingRoles = rolesToAssign.Except(currentRoleSet.Select(r => r.Name)).ToArray(); if (nonExistingRoles.Any()) { ModelState.AddModelError("", string.Format(JWTAuthServerConstants.RolesDontExist, string.Join(",", nonExistingRoles))); return(BadRequest(ModelState)); } var removeResult = await JWTUserManager.RemoveFromRolesAsync(user.Id, currentUserRoles.Select(r => r.Name).ToArray()); if (!removeResult.Succeeded) { ModelState.AddModelError("", JWTAuthServerConstants.RoleRemoveFailed); return(BadRequest(ModelState)); } var addResult = await JWTUserManager.AddToRolesAsync(user.Id, rolesToAssign); if (!addResult.Succeeded) { ModelState.AddModelError("", JWTAuthServerConstants.RoleAddFailed); return(BadRequest(ModelState)); } return(Ok()); }
private JObject GenerateLocalAccessTokenResponse(IdentityUser user) { var tokenExpiration = TimeSpan.FromHours(1); var identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType); identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName)); identity.AddClaim(new Claim(ClaimTypes.Email, user.Email)); //Get all assigned claims and add them var userClaims = JWTUserManager.GetClaims(user.Id); foreach (var userClaim in userClaims) { identity.AddClaim(new Claim(userClaim.Type, userClaim.Value)); } //Get all assigned roles and add them as claims var userRoles = JWTUserManager.GetRoles(user.Id); foreach (var userRole in userRoles) { identity.AddClaim(new Claim(ClaimTypes.Role, userRole)); } var props = new AuthenticationProperties() { IssuedUtc = DateTime.UtcNow, ExpiresUtc = DateTime.UtcNow.Add(tokenExpiration), }; var ticket = new AuthenticationTicket(identity, props); var accessToken = StartUpExtensions.OAuthBearerOptions.AccessTokenFormat.Protect(ticket); var tokenResponse = new JObject( new JProperty("userName", user.UserName) , new JProperty("access_token", accessToken) , new JProperty("token_type", "bearer") , new JProperty("expires_in", tokenExpiration.TotalSeconds.ToString()) , new JProperty(".issued", ticket.Properties.IssuedUtc.ToString()) , new JProperty(".expires", ticket.Properties.ExpiresUtc.ToString()) ); return(tokenResponse); }
public async Task <IHttpActionResult> DeleteUser(string id) { var appUser = await JWTUserManager.FindByIdAsync(id); if (appUser != null) { var result = await JWTUserManager.DeleteAsync(appUser); if (!result.Succeeded) { return(GetErrorResult(result)); } return(Ok()); } return(NotFound()); }
public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken); if (verifiedAccessToken == null) { return(BadRequest("Invalid Provider or External Access Token")); } var user = await JWTUserLoginManager.FindUserByLoginAsync(new IdentityUserLogin() { LoginProvider = model.Provider, ProviderKey = verifiedAccessToken.user_id } ); var hasRegistered = user != null; if (hasRegistered) { return(BadRequest("External user is already registered")); } user = new IdentityUser(model.ClientId, model.UserName) { Email = model.EMail }; var result = await JWTUserManager.CreateAsync(user); if (!result.Succeeded) { return(GetErrorResult(result)); } var userRole = await JWTRoleManager.FindByNameAsync(IdentityConstants.User); if (userRole != null) { await JWTUserManager.AddToRoleAsync(user, userRole); } result = await JWTUserLoginManager.CreateAsync(new IdentityUserLogin() { UserId = user.Id , ClientId = user.ClientId , LoginProvider = model.Provider , ProviderKey = verifiedAccessToken.user_id } ); if (!result.Succeeded) { return(GetErrorResult(result)); } //generate access token response var accessTokenResponse = GenerateLocalAccessTokenResponse(user); return(Ok(accessTokenResponse)); }