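/// <summary>
/// Registers a new user and provisions a personal project for them inside the social domain.
/// </summary>
/// <remarks>
/// A single <c>SaveChangesAsync</c> call persists four new entities: the user, a project named
/// after the username, an Admin assignment of the user to that project, and a Member assignment
/// of the user to the social domain. A project-scoped token is then generated for the new user.
/// </remarks>
/// <param name="request">Registration data; Username, Password and Email are read.</param>
/// <param name="context">gRPC call context; its cancellation token is passed to the database calls.</param>
/// <returns>The new ids, the project scope that was granted, and a token for that scope.</returns>
public override async Task<RegisterResponse> Register(RegisterRequest request, ServerCallContext context)
{
    // Flow the call's token so database work stops when the client cancels or the deadline passes.
    var cancellationToken = context.CancellationToken;

    // NOTE(review): request fields are used exactly as received. gRPC strings are never null but
    // may be empty, so an empty username, password or email reaches the User constructor unless
    // that constructor validates. Confirm, or reject such requests here with InvalidArgument.
    // NOTE(review): request.Password is handed to User as-is. Confirm that User (or the
    // persistence layer) stores only a salted, slow password hash and never the plaintext.
    // NOTE(review): no uniqueness check on the username is visible here; presumably a unique
    // index enforces it. Verify, because the username also becomes the project name.
    var newUser = new User(Guid.NewGuid(), request.Username, request.Username, request.Password, request.Email, false);
    dbContext.Users.Add(newUser);

    // The social project is named after the new user.
    // FirstAsync throws if the social domain row does not exist.
    Guid socialDomainId = SocialDomainId;
    var socialDomain = await dbContext.Domains.FirstAsync(domain => domain.Id == socialDomainId, cancellationToken);
    var newProject = new Project(Guid.NewGuid(), request.Username, socialDomain);
    dbContext.Projects.Add(newProject);

    // The user is Admin of their own project...
    var projectAssignment = new UserProjectAssignment(Guid.NewGuid(), newUser, newProject, Identity.Domain.ValueObjects.UserRole.Admin);
    dbContext.UserProjectAssignments.Add(projectAssignment);

    // ...and an ordinary Member of the social domain.
    var domainAssignment = new Identity.Domain.Entities.UserDomainAssignment(Guid.NewGuid(), newUser, socialDomain, Identity.Domain.ValueObjects.UserRole.Member);
    dbContext.UserDomainAssignments.Add(domainAssignment);

    // Everything above is persisted by this one call.
    await dbContext.SaveChangesAsync(cancellationToken);

    var userId = newUser.Id.ToString();
    var domainId = socialDomainId.ToString();
    var projectId = newProject.Id.ToString();
    var projectAssignmentId = projectAssignment.Id.ToString();

    // Token for the project scope: not a system scope, social scope, Admin role.
    var token = jwtSettings.GenerateToken(
        new TokenClaims(false, true, userId, domainId, projectId, projectAssignmentId, Shared.UserRole.Admin));

    var scope = new Scope
    {
        System = false,
        Role = Protos.Common.UserRole.Admin,
        DomainId = domainId,
        DomainName = socialDomain.Name,
        ProjectId = projectId,
        ProjectName = newProject.Name,
        UserProjectAssignmentId = projectAssignmentId,
        Social = true,
    };

    return new RegisterResponse
    {
        UserId = userId,
        SocialProjectId = projectId,
        SocialDomainAssignmentId = domainAssignment.Id.ToString(),
        SocialProjectAssignmentId = projectAssignmentId,
        Scope = scope,
        Token = token,
    };
}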
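/// <summary>
/// Decides whether <paramref name="user"/> may log in with the requested
/// <paramref name="scope"/> and, if so, generates a token for it.
/// </summary>
/// <param name="user">User whose System flag, domain assignments and project assignments are checked.</param>
/// <param name="scope">
/// Requested scope. An empty ProjectId means a domain scope; otherwise it is a project scope.
/// </param>
/// <returns>The generated token, or <c>null</c> when the requested scope is refused.</returns>
private string? Authenticate(User user, Scope scope)
{
    if (scope.System)
    {
        // A system scope is only granted to system users.
        if (!user.System)
        {
            return null;
        }
    }
    // In gRPC there is no null value, the empty string means nothing
    else if (string.IsNullOrEmpty(scope.ProjectId))
    {
        // Domain scope. The id comes from the request, so a malformed value is refused like any
        // other failed login instead of escaping as a FormatException.
        if (!Guid.TryParse(scope.DomainId, out var domainId))
        {
            return null;
        }

        // disallow social domain login
        if (domainId == Constants.SocialDomainId)
        {
            return null;
        }

        // The user must hold exactly the requested role in that domain.
        // NOTE(review): comparing through (int) assumes the stored role enum and the proto role
        // enum use the same numeric values. Confirm.
        var hasDomainRole = user.Domains.Any(x => x.Domain.Id == domainId && (int)x.Role == (int)scope.Role);
        if (!hasDomainRole)
        {
            return null;
        }
    }
    else
    {
        // Project scope. Parse once, outside the predicate, and refuse malformed ids.
        if (!Guid.TryParse(scope.ProjectId, out var projectId))
        {
            return null;
        }

        var hasProjectRole = user.Projects.Any(x => x.Project.Id == projectId && (int)x.Role == (int)scope.Role);
        if (!hasProjectRole)
        {
            return null;
        }
    }

    // auth successful. generate token according to token claims
    // NOTE(review): the claims below are copied from the caller-supplied scope. The checks above
    // verify only DomainId + Role (domain scope) or ProjectId + Role (project scope), and none of
    // the ids for a system scope. Social, UserProjectAssignmentId, and DomainId in a project
    // scope, are not compared with the matched assignment. Confirm that consumers of the token do
    // not trust those claims, or derive them from the matched assignment instead.
    var claims = new TokenClaims(
        scope.System,
        scope.Social,
        user.Id.ToString(),
        scope.DomainId,
        scope.ProjectId,
        scope.UserProjectAssignmentId,
        (UserRole)scope.Role);
    return jwtSettings.GenerateToken(claims);
}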