public async Task <IActionResult> Login( [HttpTrigger(AuthorizationLevel.Function, "post", Route = "AccountFunctionApi")] HttpRequest req, ExecutionContext context) { var content = await new StreamReader(req.Body).ReadToEndAsync(); UserLogin userLogin = JsonSerializer.Deserialize <UserLogin>(content); string responseMessage = string.Empty; Users userDb = db.ValidateUserLogin(userLogin.Email, userLogin.Password); if (userDb != null) { UserJWT user = new UserJWT() { Id = userDb.Id, Name = userDb.Name, Surname = userDb.Surname, Surname2 = userDb.Surname2, Email = userDb.Email, IdRole = userDb.IdRole, Rol = userDb.IdRoleNavigation.Name, }; responseMessage = GenerarTokenJWT(user, context); } else { responseMessage = string.Empty; } return(new OkObjectResult(responseMessage)); }
private static bool ValidateToken(string token, out UserJWT user) { user = null; var simplePrinciple = GetPrincipal(token); var identity = simplePrinciple?.Identity as ClaimsIdentity; if (identity == null) { return(false); } if (!identity.IsAuthenticated) { return(false); } try { user.Username = identity.FindFirst("Username")?.Value; user.Password = identity.FindFirst("Password")?.Value; user.SirketKodu = identity.FindFirst("SirketKodu")?.Value; } catch (Exception) { return(false); } // More validate to check whether username exists in system return(true); }
public async Task <IActionResult> Register( [HttpTrigger(AuthorizationLevel.Function, "post", Route = "AccountFunctionApi/Register")] HttpRequest req, ExecutionContext context) { var content = await new StreamReader(req.Body).ReadToEndAsync(); Users user = JsonSerializer.Deserialize <Users>(content); user.IdRole = 2; string responseMessage = String.Empty; Users userDb = db.CreateUser(user); if (userDb != null) { UserJWT userJwt = new UserJWT() { Id = userDb.Id, Name = userDb.Name, Surname = userDb.Surname, Surname2 = userDb.Surname2, Email = userDb.Email, IdRole = userDb.IdRole, Rol = "Client", }; responseMessage = GenerarTokenJWT(userJwt, context); } else { responseMessage = String.Empty; } return(new OkObjectResult(responseMessage)); }
public bool CheckJWT(UserJWT jwt) { string username, password; username = jwt.Username; password = jwt.Password; User user = CheckCreedientals(new LoginFormData() { Username = username, Password = password }); if (user == null) { throw new Exception("\"Username\" or \"Şirket Kodu\" is invalid!"); } else { if (user.SirketKodu == jwt.SirketKodu) { return(true); } else { throw new Exception("Şirket kodu hatalı!"); } } }
public ActionResult Login(String email, string password, string returnUrl) { string content = "{\"Email\":\"" + email + "\",\"Password\":\"" + password + "\"}"; string responseBody = this._clientService.PostResponse(this._configuration["AppSettings:ApiRest"] + "api/AccountApi", content).GetAwaiter().GetResult(); JwtSecurityTokenHandler hand = new JwtSecurityTokenHandler(); if (!string.IsNullOrEmpty(responseBody)) { var tokenS = hand.ReadJwtToken(responseBody); if (responseBody != null) { if (string.IsNullOrEmpty(HttpContext.Session.GetString("User"))) { UserJWT userJWT = JsonConvert.DeserializeObject <UserJWT>(tokenS.Payload["UserJwt"].ToString()); UserDto userDto = new UserDto(); userDto.Email = userJWT.Email; userDto.IdRole = userJWT.IdRole; userDto.Name = userJWT.Name; userDto.Surname = userJWT.Surname; userDto.Surname2 = userJWT.Surname2; userDto.Id = userJWT.Id; HttpContext.Session.SetString("User", JsonConvert.SerializeObject(userDto)); HttpContext.Session.SetString("Jwt", JsonConvert.SerializeObject(responseBody)); HttpContext.Session.SetString("UserName", userDto.Name); } return(RedirectToAction("Index", "Home")); } } ModelState.AddModelError("", "Login incorrecto"); return(View()); }
public IDataResult <AccessToken> CreateAccessToken(UserJWT user) { var claims = _userService.GetClaims(user); var accessToken = _tokenHelper.CreateToken(user, claims); return(new SuccessDataResult <AccessToken>(accessToken, Messages.AccessTokenCreated)); }
public IActionResult Delete(UserJWT user) { var result = _userJwtManager.Delete(user); if (result.Success) { return(Ok(result)); } return(BadRequest(result)); }
private IEnumerable <Claim> SetClaims(UserJWT user, List <OperationClaim> operationClaims) { var claims = new List <Claim>(); claims.AddNameIdentifier(user.Id.ToString()); claims.AddEmail(user.Email); claims.AddName($"{user.FirstName} {user.LastName}"); claims.AddRoles(operationClaims.Select(c => c.Name).ToArray()); return(claims); }
public IResult Update(UserJWT user) { var result = _userDal.GetAll(x => x.Email == user.Email); if (result.Any()) { return(new ErrorResult()); } _userDal.Update(user); return(new SuccessResult()); }
public JwtSecurityToken CreateJwtSecurityToken(TokenOptions tokenOptions, UserJWT user, SigningCredentials signingCredentials, List <OperationClaim> operationClaims) { var jwt = new JwtSecurityToken( issuer: tokenOptions.Issuer, audience: tokenOptions.Audience, expires: _accessTokenExpiration, notBefore: DateTime.Now, claims: SetClaims(user, operationClaims), signingCredentials: signingCredentials ); return(jwt); }
public AccessToken CreateToken(UserJWT user, List <OperationClaim> operationClaims) { _accessTokenExpiration = DateTime.Now.AddMinutes(_tokenOptions.AccessTokenExpiration); var securityKey = SecurityKeyHelper.CreateSecurityKey(_tokenOptions.SecurityKey); var signingCredentials = SigningCredentialsHelper.CreateSigningCredentials(securityKey); var jwt = CreateJwtSecurityToken(_tokenOptions, user, signingCredentials, operationClaims); var jwtSecurityTokenHandler = new JwtSecurityTokenHandler(); var token = jwtSecurityTokenHandler.WriteToken(jwt); return(new AccessToken { Token = token, Expiration = _accessTokenExpiration }); }
public static ClaimsPrincipal ValidateTokenWithRoleAsync(AuthenticationHeaderValue value, string context, string role) { if (value?.Scheme != "Bearer") { return(null); } var configFile = new ConfigurationBuilder() .SetBasePath(context) .AddJsonFile("local.settings.json", optional: true, reloadOnChange: true) .AddEnvironmentVariables() .Build(); var validationParameter = new TokenValidationParameters { RequireSignedTokens = true, ValidAudience = configFile["JWT:Audience"], ValidateAudience = true, ValidIssuer = configFile["JWT:Issuer"], ValidateIssuer = true, ValidateIssuerSigningKey = true, ValidateLifetime = true, IssuerSigningKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(configFile["JWT:SecretKey"])) }; ClaimsPrincipal result = null; try { var handler = new JwtSecurityTokenHandler(); result = handler.ValidateToken(value.Parameter, validationParameter, out var token); string userJwtString = result.Claims.FirstOrDefault(c => c.Type == "UserJwt").Value; UserJWT userJwt = JsonSerializer.Deserialize <UserJWT>(userJwtString); if (userJwt.Rol != role) { return(null); } } catch (SecurityTokenException ex) { return(null); } return(result); }
public IDataResult <UserJWT> Register(UserForRegisterDto userForRegisterDto, string password) { byte[] passwordHash, passwordSalt; HashingHelper.CreatePasswordHash(password, out passwordHash, out passwordSalt); var user = new UserJWT { Email = userForRegisterDto.Email, FirstName = userForRegisterDto.FirstName, LastName = userForRegisterDto.LastName, PasswordHash = passwordHash, PasswordSalt = passwordSalt, Status = true }; _userService.Add(user); return(new SuccessDataResult <UserJWT>(user, Messages.UserRegistered)); }
public async Task <IActionResult> Register([Bind("Name,Surname,Surname2,IdCard,Email,Birthday,Password")] UserDto user) { if (ModelState.IsValid) { user.IdRole = 2; string responseBody = await this._clientService.GetResponse(this._configuration["AppSettings:ApiRest"] + "api/AccountApi"); List <UserDto> list = JsonConvert.DeserializeObject <List <UserDto> >(responseBody); if (list.FirstOrDefault(elem => elem.Email == user.Email) != null) { ModelState.AddModelError("ErrorEmail", "The Email already exists"); return(View(user)); } string responseBody2 = await this._clientService.PostResponse(this._configuration["AppSettings:ApiRest"] + "api/AccountApi/Register", JsonConvert.SerializeObject(user)); JwtSecurityTokenHandler hand = new JwtSecurityTokenHandler(); if (!string.IsNullOrEmpty(responseBody2)) { var tokenS = hand.ReadJwtToken(responseBody2); if (responseBody2 != null) { if (string.IsNullOrEmpty(HttpContext.Session.GetString("User"))) { UserJWT userJWT = JsonConvert.DeserializeObject <UserJWT>(tokenS.Payload["UserJwt"].ToString()); UserDto userDto = new UserDto(); userDto.Email = userJWT.Email; userDto.IdRole = userJWT.IdRole; userDto.Name = userJWT.Name; userDto.Surname = userJWT.Surname; userDto.Surname2 = userJWT.Surname2; userDto.Id = userJWT.Id; HttpContext.Session.SetString("User", JsonConvert.SerializeObject(userDto)); HttpContext.Session.SetString("Jwt", JsonConvert.SerializeObject(responseBody2)); HttpContext.Session.SetString("UserName", user.Name); } return(RedirectToAction("Index", "Home")); } } } return(View(user)); }
private string GenerarTokenJWT(UserJWT userJwt, ExecutionContext context) { var config = new ConfigurationBuilder() .SetBasePath(context.FunctionAppDirectory) .AddJsonFile("local.settings.json", optional: true, reloadOnChange: true) .AddEnvironmentVariables() .Build(); var _symmetricSecurityKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(config["JWT:SecretKey"]) ); var _signingCredentials = new SigningCredentials( _symmetricSecurityKey, SecurityAlgorithms.HmacSha256 ); var header = new JwtHeader(_signingCredentials); var claims = new[] { new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.NameId, userJwt.Id.ToString()), new Claim("Name", userJwt.Name), new Claim("Surname", userJwt.Surname != null?userJwt.Surname:""), new Claim("UserJwt", JsonSerializer.Serialize(userJwt)), new Claim(ClaimTypes.Role, userJwt.Rol) }; var payload = new JwtPayload( issuer: config["JWT:Issuer"], audience: config["JWT:Audience"], claims: claims, notBefore: DateTime.UtcNow, expires: DateTime.UtcNow.AddHours(5) ); var token = new JwtSecurityToken( header, payload ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public ResponseObject <CheckLoginCreedientalsJWTResponse> CheckUserCreedientalsByJWT(UserJWT jwt) { ResponseObject <CheckLoginCreedientalsJWTResponse> response = new ResponseObject <CheckLoginCreedientalsJWTResponse>(); try { bool jwtAuthorization = CheckJWT(jwt); CheckLoginCreedientalsJWTResponse checkResult = new CheckLoginCreedientalsJWTResponse() { IsAppropriate = jwtAuthorization }; response.Explanation = "Success"; response.IsSuccess = true; response.StatusCode = "200"; response.Object = checkResult; } catch (Exception ex) { response.IsSuccess = false; response.StatusCode = "400"; response.Explanation = ex.Message; } return(response); }
public void Add(UserJWT user) { _userDal.Add(user); }
public List <OperationClaim> GetClaims(UserJWT user) { return(_userDal.GetClaims(user)); }
public IResult Delete(UserJWT user) { _userDal.Delete(user); return(new SuccessResult()); }