protected AppUserAuth BuildUserAuthObject(MetaCustomer authUser) { AppUserAuth ret = new AppUserAuth(); List <ClaimUser> claims = new List <ClaimUser>(); // Set User Properties ret.UserName = authUser.WebUserName; ret.IsAuthenticated = true; ret.IdMetaUser = authUser.IdMetaCustomer; // Get all claims for this user claims = GetUserClaims(authUser); // Loop through all claims and // set properties of user object foreach (ClaimUser claim in claims) { //ajouter un case pour tous les options possibles si ajout switch (claim.ClaimType) { case nameof(ret.IsAdmin): ret.IsAdmin = Convert.ToBoolean(claim.ClaimValue); break; case nameof(ret.IsUser): ret.IsUser = Convert.ToBoolean(claim.ClaimValue); break; } Console.WriteLine(claim); } ret.BearerToken = BuildJwtToken(ret); return(ret); }
//code adapté de https://www.codemag.com/Article/1809031/Security-in-Angular-Part-2 public AppUserAuth AuthenticateUser(MetaCustomer user) { AppUserAuth ret = new AppUserAuth(); MetaCustomer authUser = null; using (var db = new SeilernContext()) { // Attempt to validate user authUser = db.MetaCustomer.Where( u => u.WebUserName.ToLower() == user.WebUserName.ToLower() && u.Password == user.Password).FirstOrDefault(); } if (authUser != null) { // Build User Security Object ret = BuildUserAuthObject(authUser); // attach user to context on successful jwt validation //context.Items["MetaCustomer"] = user; } return(ret); }
protected string BuildJwtToken(AppUserAuth authUser) { SymmetricSecurityKey key = new SymmetricSecurityKey( Encoding.UTF8.GetBytes(settings.Key)); List <Claim> jwtClaims = new List <Claim>(); // Create standard JWT claims jwtClaims.Add(new Claim(JwtRegisteredClaimNames.Sub, authUser.UserName)); jwtClaims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); // Add custom claims jwtClaims.Add(new Claim("IsAuthenticated", authUser.IsAuthenticated.ToString() .ToLower())); jwtClaims.Add(new Claim("IsAdmin", authUser.IsAdmin.ToString() .ToLower())); jwtClaims.Add(new Claim("IsUser", authUser.IsUser.ToString() .ToLower())); // Create the JwtSecurityToken object var token = new JwtSecurityToken( issuer: settings.Issuer, audience: settings.Audience, claims: jwtClaims, notBefore: DateTime.UtcNow, expires: DateTime.UtcNow.AddMinutes( settings.MinutesToExpiration), signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256) ); // Create string representation of Jwt token return(new JwtSecurityTokenHandler() .WriteToken(token)); }