public async Task ExecuteAsync(CancellationToken cancellationToken = default) { try { var users = await _userManager.Users.Select(x => x.UserName) .ToListAsync(cancellationToken); (await _employeesService.GetEmployeesPageAsync(0, int.MaxValue)) .Where(x => x.IsActive && !users.Contains(x.Sn.ToString())) .ToList().ForEach(employee => { var user = new IdentityUser { Role = IdentityUser.UserRole.Standard, Email = employee.Email, EmpId = employee.Sn, UserName = employee.Sn.ToString() }; const string password = "******"; //TODO try { _userManager.CreateAsync(user, password).Wait(cancellationToken); _logger.LogDebug($"User Added in startup:${user.Email} with empId={user.EmpId},role= {user.Role}"); } catch (Exception error) { _logger.LogError($"Failed to create an user({user.Email}) in startup, error:{error.Message}"); } }); } catch (Exception error) { _logger.LogError($"Failed to create users in startup, error:{error.Message}"); } }
private async Task <IdentityUser[]> FakeUsers(IEnumerable <EmployeeEntity> employees, string password = "******") { foreach (var employee in employees) { var user = new IdentityUser { Email = employee.Email, EmpId = employee.Sn, UserName = employee.Sn.ToString() }; await _userManager.CreateAsync(user, password); } return(await _dbContext.IdentityUsers.ToArrayAsync()); }
public async Task CreateUserAsync(string creatorUserName, UserRegistrationRequest userRegistrationRequest) { //check creator permissions var creator = await _userManager.FindByNameAsync(creatorUserName); if (creator == null) { throw new IllegalArgumentException(CreatorDontExistMsg); } //only manager or admin can create new user if (creator.Role != IdentityUser.UserRole.Admin && creator.Role != IdentityUser.UserRole.Manager) { throw new InvalidCredentialException(CreatorDontHavePermission); } //only admin can create new admin if (creator.Role != IdentityUser.UserRole.Admin && userRegistrationRequest.Role == IdentityUser.UserRole.Admin) { throw new InvalidCredentialException(CreatorDontHavePermissionAdminCanCreateAdmin); } //check if the user already exist if (await _userManager.FindByNameAsync(userRegistrationRequest.Username) != null) { throw new IllegalArgumentException(UserAlreadyExist); } //check if register by email or by empSn var emailValidator = new EmailValidator(); if ((await emailValidator.ValidateAsync(userRegistrationRequest.Username.Trim())).IsValid) { var email = userRegistrationRequest.Username.Trim(); //register by email - get employee's Sn userRegistrationRequest.Username = (await _dalService.CreateUnitOfWork().Employees .SingleOrDefaultAsync(x => x.IsActive && x.Email == email)).Sn.ToString(); } //check if the user have matching employee var emp = await _dalService.CreateUnitOfWork() .Employees.SingleOrDefaultAsync(x => x.Sn.ToString() == userRegistrationRequest.Username); if (emp == null) { throw new IllegalArgumentException(EmployeeNotExist); } var newUser = new IdentityUser { Role = userRegistrationRequest.Role, UserName = userRegistrationRequest.Username, EmpId = emp.Sn }; var createdUserResult = await _userManager.CreateAsync(newUser, userRegistrationRequest.Password); if (!createdUserResult.Succeeded) { throw new IllegalArgumentException(createdUserResult.Errors .Select(x => x.Description).Aggregate((s1, s2) => $"{s1},{s2}")); } //user created successfully }
private async Task <AuthenticationResult> GenerateAuthenticationResultForUser(IdentityUser user) { using var transaction = _dalService.CreateUnitOfWork(); var emp = await transaction.Employees.SingleOrDefaultAsync(x => x.Sn == user.EmpId); if (emp == null || !emp.IsActive) { throw new InvalidStateException("This user is inactive"); } //generate user's claims var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(AuthenticationResult.UserIdClaimTag, user.Id.ToString()), new Claim(AuthenticationResult.UserRoleClaimTag, user.Role.ToString()), new Claim(AuthenticationResult.EmployeeSnClaimTag, emp.Sn.ToString()), }; if (emp.Email != null) { claims.Add(new Claim(JwtRegisteredClaimNames.Email, emp.Email)); } //Generate token and refresh token: //generate token var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Issuer = null, // Not required as no third-party is involved Audience = null, // Not required as no third-party is involved IssuedAt = DateTime.UtcNow, NotBefore = DateTime.UtcNow, Expires = DateTime.UtcNow.AddTicks(_jwtSettings.TokenLifetime.Ticks), SigningCredentials = new SigningCredentials(_jwtSettings.PrivateSigningSecretKey, SecurityAlgorithms.HmacSha256Signature) }; var jwtTokenHandler = new JwtSecurityTokenHandler(); var jwtToken = jwtTokenHandler.CreateJwtSecurityToken(tokenDescriptor); var token = jwtTokenHandler.WriteToken(jwtToken); //generate refresh token var refreshToken = new RefreshToken { //Key = Guid.NewGuid().ToString(),//TODO AUTO GENERATE JwtId = jwtToken.Id, UserId = user.Id, CreationDate = DateTime.UtcNow, ExpiryDate = DateTime.UtcNow.AddDays(_jwtSettings.RefreshTokenLifetimeDays) }; //save the refresh token and get the generated token's key refreshToken = await transaction.RefreshTokens.AddAsync(refreshToken); await transaction.CompleteAsync(); //generate success response return(new AuthenticationResult { Token = token, RefreshToken = refreshToken.Key, }); }