public static UserDto ToDto(this UserWithPasswordHash model) { var dto = (model as User).ToDto(); dto.PasswordHash = model.PasswordHash; return(dto); }
public async Task <IActionResult> Migrate([FromBody] MigrationModel model) { if (model.Membership == null) { throw ErtisAuthException.ValidationError(new[] { "membership is required" }); } if (model.User == null) { throw ErtisAuthException.ValidationError(new[] { "user is required" }); } if (!this.Request.Headers.ContainsKey("ConnectionString")) { throw ErtisAuthException.ValidationError(new[] { "ConnectionString must be post in header" }); } var connectionString = this.Request.Headers["ConnectionString"]; var membership = new Membership { Name = model.Membership.Name, ExpiresIn = model.Membership.ExpiresIn, RefreshTokenExpiresIn = model.Membership.RefreshTokenExpiresIn, HashAlgorithm = model.Membership.HashAlgorithm, DefaultEncoding = model.Membership.DefaultEncoding, SecretKey = model.Membership.SecretKey, }; var user = new UserWithPasswordHash { Username = model.User.Username, EmailAddress = model.User.EmailAddress, FirstName = model.User.FirstName, LastName = model.User.LastName, PasswordHash = model.User.Password, Role = model.User.Role, Forbidden = model.User.Forbidden, Permissions = model.User.Permissions }; Application application = null; if (model.Application != null) { application = new Application { Name = model.Application.Name, Role = model.Application.Role }; } this.Request.HttpContext.Items.Add("SysUtilizer", "migration"); var migrationResult = await this.migrationService.MigrateAsync(connectionString, membership, user, application); return(this.Ok(migrationResult)); }
public async ValueTask <dynamic> MigrateAsync(string connectionString, Membership _membership, UserWithPasswordHash _user, Application _application) { // Validation var databaseInformation = Ertis.MongoDB.Helpers.ConnectionStringHelper.ParseConnectionString(connectionString); var connectionString1 = Ertis.MongoDB.Helpers.ConnectionStringHelper.GenerateConnectionString(this.databaseSettings); var connectionString2 = Ertis.MongoDB.Helpers.ConnectionStringHelper.GenerateConnectionString(databaseInformation); if (connectionString1 != connectionString2) { throw ErtisAuthException.MigrationRejected("Connection string could not validated"); } // 1. Membership var membership = await this.membershipService.CreateAsync(new Membership { Name = _membership.Name, DefaultEncoding = _membership.DefaultEncoding, HashAlgorithm = _membership.HashAlgorithm, ExpiresIn = _membership.ExpiresIn, RefreshTokenExpiresIn = _membership.RefreshTokenExpiresIn, SecretKey = string.IsNullOrEmpty(_membership.SecretKey) ? GenerateRandomSecretKey(32) : _membership.SecretKey }); // Utilizer var utilizer = new Utilizer { Username = "******", Role = ReservedRoles.Administrator, Type = Utilizer.UtilizerType.System, MembershipId = membership.Id }; // 2. Role Role adminRole; var currentAdminRole = await this.roleService.GetByNameAsync(ReservedRoles.Administrator, membership.Id); if (currentAdminRole == null) { adminRole = await this.roleService.CreateAsync(utilizer, membership.Id, new Role { Name = ReservedRoles.Administrator, Description = "Administrator", MembershipId = membership.Id, Permissions = RoleHelper.AssertAdminPermissionsForReservedResources() }); } else { adminRole = currentAdminRole; } // 3. User (admin) var adminUser = await this.userService.CreateAsync(utilizer, membership.Id, new UserWithPasswordHash { Username = _user.Username, FirstName = _user.FirstName, LastName = _user.LastName, EmailAddress = _user.EmailAddress, Role = adminRole.Name, MembershipId = membership.Id, PasswordHash = this.cryptographyService.CalculatePasswordHash(membership, _user.PasswordHash) }); // 4. Application if (_application != null) { var application = await this.applicationService.CreateAsync(utilizer, membership.Id, new Application { Name = _application.Name, Role = _application.Role, MembershipId = membership.Id }); return(new { membership, user = adminUser, role = adminRole, application }); } return(new { membership, user = adminUser, role = adminRole }); }