public async Task <IActionResult> Login(
[HttpTrigger(AuthorizationLevel.Function, "post", Route = "AccountFunctionApi")] HttpRequest req,
ExecutionContext context)
{
var content = await new StreamReader(req.Body).ReadToEndAsync();
UserLogin userLogin = JsonSerializer.Deserialize <UserLogin>(content);
string responseMessage = string.Empty;
Users userDb = db.ValidateUserLogin(userLogin.Email, userLogin.Password);
if (userDb != null)
{
UserJWT user = new UserJWT()
{
Id = userDb.Id,
Name = userDb.Name,
Surname = userDb.Surname,
Surname2 = userDb.Surname2,
Email = userDb.Email,
IdRole = userDb.IdRole,
Rol = userDb.IdRoleNavigation.Name,
};
responseMessage = GenerarTokenJWT(user, context);
}
else
{
responseMessage = string.Empty;
}
return(new OkObjectResult(responseMessage));
}
private static bool ValidateToken(string token, out UserJWT user)
{
user = null;
var simplePrinciple = GetPrincipal(token);
var identity = simplePrinciple?.Identity as ClaimsIdentity;
if (identity == null)
{
return(false);
}
if (!identity.IsAuthenticated)
{
return(false);
}
try
{
user.Username = identity.FindFirst("Username")?.Value;
user.Password = identity.FindFirst("Password")?.Value;
user.SirketKodu = identity.FindFirst("SirketKodu")?.Value;
}
catch (Exception)
{
return(false);
}
// More validate to check whether username exists in system
return(true);
}
public async Task <IActionResult> Register(
[HttpTrigger(AuthorizationLevel.Function, "post", Route = "AccountFunctionApi/Register")] HttpRequest req,
ExecutionContext context)
{
var content = await new StreamReader(req.Body).ReadToEndAsync();
Users user = JsonSerializer.Deserialize <Users>(content);
user.IdRole = 2;
string responseMessage = String.Empty;
Users userDb = db.CreateUser(user);
if (userDb != null)
{
UserJWT userJwt = new UserJWT()
{
Id = userDb.Id,
Name = userDb.Name,
Surname = userDb.Surname,
Surname2 = userDb.Surname2,
Email = userDb.Email,
IdRole = userDb.IdRole,
Rol = "Client",
};
responseMessage = GenerarTokenJWT(userJwt, context);
}
else
{
responseMessage = String.Empty;
}
return(new OkObjectResult(responseMessage));
}
public bool CheckJWT(UserJWT jwt)
{
string username, password;
username = jwt.Username;
password = jwt.Password;
User user = CheckCreedientals(new LoginFormData()
{
Username = username, Password = password
});
if (user == null)
{
throw new Exception("\"Username\" or \"Şirket Kodu\" is invalid!");
}
else
{
if (user.SirketKodu == jwt.SirketKodu)
{
return(true);
}
else
{
throw new Exception("Şirket kodu hatalı!");
}
}
}
public ActionResult Login(String email, string password, string returnUrl)
{
string content = "{\"Email\":\"" + email + "\",\"Password\":\"" + password + "\"}";
string responseBody = this._clientService.PostResponse(this._configuration["AppSettings:ApiRest"] + "api/AccountApi", content).GetAwaiter().GetResult();
JwtSecurityTokenHandler hand = new JwtSecurityTokenHandler();
if (!string.IsNullOrEmpty(responseBody))
{
var tokenS = hand.ReadJwtToken(responseBody);
if (responseBody != null)
{
if (string.IsNullOrEmpty(HttpContext.Session.GetString("User")))
{
UserJWT userJWT = JsonConvert.DeserializeObject <UserJWT>(tokenS.Payload["UserJwt"].ToString());
UserDto userDto = new UserDto();
userDto.Email = userJWT.Email;
userDto.IdRole = userJWT.IdRole;
userDto.Name = userJWT.Name;
userDto.Surname = userJWT.Surname;
userDto.Surname2 = userJWT.Surname2;
userDto.Id = userJWT.Id;
HttpContext.Session.SetString("User", JsonConvert.SerializeObject(userDto));
HttpContext.Session.SetString("Jwt", JsonConvert.SerializeObject(responseBody));
HttpContext.Session.SetString("UserName", userDto.Name);
}
return(RedirectToAction("Index", "Home"));
}
}
ModelState.AddModelError("", "Login incorrecto");
return(View());
}
public IDataResult <AccessToken> CreateAccessToken(UserJWT user)
{
var claims = _userService.GetClaims(user);
var accessToken = _tokenHelper.CreateToken(user, claims);
return(new SuccessDataResult <AccessToken>(accessToken, Messages.AccessTokenCreated));
}
public IActionResult Delete(UserJWT user)
{
var result = _userJwtManager.Delete(user);
if (result.Success)
{
return(Ok(result));
}
return(BadRequest(result));
}
private IEnumerable <Claim> SetClaims(UserJWT user, List <OperationClaim> operationClaims)
{
var claims = new List <Claim>();
claims.AddNameIdentifier(user.Id.ToString());
claims.AddEmail(user.Email);
claims.AddName($"{user.FirstName} {user.LastName}");
claims.AddRoles(operationClaims.Select(c => c.Name).ToArray());
return(claims);
}
public IResult Update(UserJWT user)
{
var result = _userDal.GetAll(x => x.Email == user.Email);
if (result.Any())
{
return(new ErrorResult());
}
_userDal.Update(user);
return(new SuccessResult());
}
public JwtSecurityToken CreateJwtSecurityToken(TokenOptions tokenOptions, UserJWT user,
SigningCredentials signingCredentials, List <OperationClaim> operationClaims)
{
var jwt = new JwtSecurityToken(
issuer: tokenOptions.Issuer,
audience: tokenOptions.Audience,
expires: _accessTokenExpiration,
notBefore: DateTime.Now,
claims: SetClaims(user, operationClaims),
signingCredentials: signingCredentials
);
return(jwt);
}
public AccessToken CreateToken(UserJWT user, List <OperationClaim> operationClaims)
{
_accessTokenExpiration = DateTime.Now.AddMinutes(_tokenOptions.AccessTokenExpiration);
var securityKey = SecurityKeyHelper.CreateSecurityKey(_tokenOptions.SecurityKey);
var signingCredentials = SigningCredentialsHelper.CreateSigningCredentials(securityKey);
var jwt = CreateJwtSecurityToken(_tokenOptions, user, signingCredentials, operationClaims);
var jwtSecurityTokenHandler = new JwtSecurityTokenHandler();
var token = jwtSecurityTokenHandler.WriteToken(jwt);
return(new AccessToken
{
Token = token,
Expiration = _accessTokenExpiration
});
}
public static ClaimsPrincipal ValidateTokenWithRoleAsync(AuthenticationHeaderValue value, string context, string role)
{
if (value?.Scheme != "Bearer")
{
return(null);
}
var configFile = new ConfigurationBuilder()
.SetBasePath(context)
.AddJsonFile("local.settings.json", optional: true, reloadOnChange: true)
.AddEnvironmentVariables()
.Build();
var validationParameter = new TokenValidationParameters
{
RequireSignedTokens = true,
ValidAudience = configFile["JWT:Audience"],
ValidateAudience = true,
ValidIssuer = configFile["JWT:Issuer"],
ValidateIssuer = true,
ValidateIssuerSigningKey = true,
ValidateLifetime = true,
IssuerSigningKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(configFile["JWT:SecretKey"]))
};
ClaimsPrincipal result = null;
try
{
var handler = new JwtSecurityTokenHandler();
result = handler.ValidateToken(value.Parameter, validationParameter, out var token);
string userJwtString = result.Claims.FirstOrDefault(c => c.Type == "UserJwt").Value;
UserJWT userJwt = JsonSerializer.Deserialize <UserJWT>(userJwtString);
if (userJwt.Rol != role)
{
return(null);
}
}
catch (SecurityTokenException ex)
{
return(null);
}
return(result);
}
public IDataResult <UserJWT> Register(UserForRegisterDto userForRegisterDto, string password)
{
byte[] passwordHash, passwordSalt;
HashingHelper.CreatePasswordHash(password, out passwordHash, out passwordSalt);
var user = new UserJWT
{
Email = userForRegisterDto.Email,
FirstName = userForRegisterDto.FirstName,
LastName = userForRegisterDto.LastName,
PasswordHash = passwordHash,
PasswordSalt = passwordSalt,
Status = true
};
_userService.Add(user);
return(new SuccessDataResult <UserJWT>(user, Messages.UserRegistered));
}
public async Task <IActionResult> Register([Bind("Name,Surname,Surname2,IdCard,Email,Birthday,Password")] UserDto user)
{
if (ModelState.IsValid)
{
user.IdRole = 2;
string responseBody = await this._clientService.GetResponse(this._configuration["AppSettings:ApiRest"] + "api/AccountApi");
List <UserDto> list = JsonConvert.DeserializeObject <List <UserDto> >(responseBody);
if (list.FirstOrDefault(elem => elem.Email == user.Email) != null)
{
ModelState.AddModelError("ErrorEmail", "The Email already exists");
return(View(user));
}
string responseBody2 = await this._clientService.PostResponse(this._configuration["AppSettings:ApiRest"] + "api/AccountApi/Register", JsonConvert.SerializeObject(user));
JwtSecurityTokenHandler hand = new JwtSecurityTokenHandler();
if (!string.IsNullOrEmpty(responseBody2))
{
var tokenS = hand.ReadJwtToken(responseBody2);
if (responseBody2 != null)
{
if (string.IsNullOrEmpty(HttpContext.Session.GetString("User")))
{
UserJWT userJWT = JsonConvert.DeserializeObject <UserJWT>(tokenS.Payload["UserJwt"].ToString());
UserDto userDto = new UserDto();
userDto.Email = userJWT.Email;
userDto.IdRole = userJWT.IdRole;
userDto.Name = userJWT.Name;
userDto.Surname = userJWT.Surname;
userDto.Surname2 = userJWT.Surname2;
userDto.Id = userJWT.Id;
HttpContext.Session.SetString("User", JsonConvert.SerializeObject(userDto));
HttpContext.Session.SetString("Jwt", JsonConvert.SerializeObject(responseBody2));
HttpContext.Session.SetString("UserName", user.Name);
}
return(RedirectToAction("Index", "Home"));
}
}
}
return(View(user));
}
private string GenerarTokenJWT(UserJWT userJwt, ExecutionContext context)
{
var config = new ConfigurationBuilder()
.SetBasePath(context.FunctionAppDirectory)
.AddJsonFile("local.settings.json", optional: true, reloadOnChange: true)
.AddEnvironmentVariables()
.Build();
var _symmetricSecurityKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(config["JWT:SecretKey"])
);
var _signingCredentials = new SigningCredentials(
_symmetricSecurityKey, SecurityAlgorithms.HmacSha256
);
var header = new JwtHeader(_signingCredentials);
var claims = new[] {
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.NameId, userJwt.Id.ToString()),
new Claim("Name", userJwt.Name),
new Claim("Surname", userJwt.Surname != null?userJwt.Surname:""),
new Claim("UserJwt", JsonSerializer.Serialize(userJwt)),
new Claim(ClaimTypes.Role, userJwt.Rol)
};
var payload = new JwtPayload(
issuer: config["JWT:Issuer"],
audience: config["JWT:Audience"],
claims: claims,
notBefore: DateTime.UtcNow,
expires: DateTime.UtcNow.AddHours(5)
);
var token = new JwtSecurityToken(
header,
payload
);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
public ResponseObject <CheckLoginCreedientalsJWTResponse> CheckUserCreedientalsByJWT(UserJWT jwt)
{
ResponseObject <CheckLoginCreedientalsJWTResponse> response = new ResponseObject <CheckLoginCreedientalsJWTResponse>();
try
{
bool jwtAuthorization = CheckJWT(jwt);
CheckLoginCreedientalsJWTResponse checkResult = new CheckLoginCreedientalsJWTResponse()
{
IsAppropriate = jwtAuthorization
};
response.Explanation = "Success";
response.IsSuccess = true;
response.StatusCode = "200";
response.Object = checkResult;
}
catch (Exception ex)
{
response.IsSuccess = false;
response.StatusCode = "400";
response.Explanation = ex.Message;
}
return(response);
}
public void Add(UserJWT user)
{
_userDal.Add(user);
}
public List <OperationClaim> GetClaims(UserJWT user)
{
return(_userDal.GetClaims(user));
}
public IResult Delete(UserJWT user)
{
_userDal.Delete(user);
return(new SuccessResult());
}
