public ActionResult <AuthResultModel> Post([FromBody] AuthRequestModel model)
{
User user = _userRepository.GetUserByLogin(model.Login);
if (user == null)
{
return(Unauthorized("User does not exist"));
}
if (_userRepository.Login(model.Login, model.Password))
{
var result = new AuthResultModel()
{
Success = true
};
var token = TokenSecurity.GenerateJwt(model.Login);
result.Token = new JwtSecurityTokenHandler().WriteToken(token);
result.Expiration = token.ValidTo;
result.Name = $"{user.Firstname} {user.Lastname}";
result.Roles = user.Roles.Select(o => o.RoleId.ToString()).ToArray();
result.UserId = user.Id;
return(Created("", result));
}
return(Unauthorized("Wrong login or password"));
}
private async void CheckJwt()
{
if (!(expirationTime != null && expirationTime.Value >= DateTime.UtcNow.AddSeconds(25)))
{
// Refresh
UriBuilder ub = new UriBuilder(rootUrl + "/api/account/refreshtoken");
StringBuilder sb = new StringBuilder();
IntPtr valuePtr = Marshal.SecureStringToGlobalAllocUnicode(refreshToken);
for (int i = 0; i < refreshToken.Length; i++)
{
short unicodeChar = Marshal.ReadInt16(valuePtr, i * 2);
sb.Append((char)unicodeChar);
}
string json = JsonConvert.SerializeObject(new { RefreshToken = sb.ToString() });
var data = new StringContent(json, Encoding.UTF8, "application/json");
HttpResponseMessage response = await client.PostAsync(ub.Uri, data);
string resultString = await response.Content.ReadAsStringAsync();
ResponseModel responseResult = JsonConvert.DeserializeObject <ResponseModel>(resultString);
JObject jOData = (JObject)responseResult.Data;
AuthResultModel authResult = jOData.ToObject <AuthResultModel>();
refreshToken.Clear();
for (int i = 0; i < authResult.refresh_token.Length; i++)
{
refreshToken.AppendChar(authResult.refresh_token[i]);
}
expirationTime = authResult.expiration.AddHours(3);
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", authResult.acces_token);
}
}
public static async Task <IActionResult> CreateDieataryManagement(
[HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = (Routes.APIVersion + Routes.DietaryManagement))] HttpRequest req,
ILogger log)
{
//link voor swagger https://devkimchi.com/2019/02/02/introducing-swagger-ui-on-azure-functions/
log.LogInformation("C# HTTP trigger function processed a request.");
string requestBody = await new StreamReader(req.Body).ReadToEndAsync();
if (string.IsNullOrEmpty(requestBody))
{
return(new UnprocessableEntityObjectResult(Messages.ErrorMissingValues));
}
DietaryManagementModel dietary = new DietaryManagementModel();
JsonConvert.PopulateObject(requestBody, dietary);
#region AuthCheck
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, dietary.PatientId);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
#endregion
Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IDietaryManagementService>().TryAddDietaryManagement(dietary);
return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary));
}
public static async Task <IActionResult> GetDietaryManagementByPatient(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.GetDietaryManagement))] HttpRequest req, string patientId,
ILogger log)
{
//link voor swagger https://devkimchi.com/2019/02/02/introducing-swagger-ui-on-azure-functions/
int id;
if (!int.TryParse(patientId, out id))
{
return(new UnprocessableEntityObjectResult(Messages.ErrorIncorrectId));
}
#region AuthCheck
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctorOrPatient(req, id);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
#endregion
Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IDietaryManagementService>().TryGetDietaryManagementByPatient(id);
return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary));
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "delete", Route = (Routes.APIVersion + Routes.SpecificDoctor))] HttpRequest req,
ILogger log, int doctorId)
{
#region AuthCheck
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctor(req, doctorId);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
#endregion
try
{
IDoctorRepository doctorRepository = DIContainer.Instance.GetService <IDoctorRepository>();
bool success = doctorRepository.Delete(doctorId);
return(doctorRepository.Delete(doctorId)
? (ActionResult) new OkResult()
: new StatusCodeResult(StatusCodes.Status409Conflict));
}
catch (Exception e)
{
return(new BadRequestObjectResult(new MessageHandler().BuildErrorMessage(e)));
}
}
/// <summary>
/// Login method
/// </summary>
public async Task <ResponseModel> Login(User usr)
{
this.CurrentUser = usr;
UriBuilder ub = new UriBuilder(rootUrl + "/api/account/login");
string json = JsonConvert.SerializeObject(new
{
Username = usr.Username,
Password = usr.Password
});
var data = new StringContent(json, Encoding.UTF8, "application/json");
HttpResponseMessage response = await client.PostAsync(ub.Uri, data);
string resultString = await response.Content.ReadAsStringAsync();
ResponseModel rM = JsonConvert.DeserializeObject <ResponseModel>(resultString);
JObject jOData = (JObject)rM.Data;
AuthResultModel aRM = jOData.ToObject <AuthResultModel>();
CurrentUser.CarPlateNumber = aRM.car_plate_number;
refreshToken.Clear();
for (int i = 0; i < aRM.refresh_token.Length; i++)
{
refreshToken.AppendChar(aRM.refresh_token[i]);
}
expirationTime = aRM.expiration;
client.DefaultRequestHeaders.Authorization = new AuthenticationHeaderValue("Bearer", aRM.acces_token);
return(rM);
}
public RequestResultDTO Map(AuthResultModel result)
{
return(new RequestResultDTO {
IsSuccess = result.IsSuccess,
Message = result.Message
});
}
public async Task <AuthResultModel> AuthorizeUser(SignInModel model)
{
var user = await _userManager.Users.Include(u => u.UserRoles).ThenInclude(ur => ur.Role)
.FirstOrDefaultAsync(u => u.UserName == model.Username);
if (user == null)
{
throw new UserNotAuthorizedException("Username or password is incorrect");
}
if (!await _userManager.CheckPasswordAsync(user, model.Password))
{
throw new UserNotAuthorizedException("Username or password is incorrect");
}
user.RefreshToken = GenerateRefreshToken();
await _userManager.UpdateAsync(user);
var roles = user.UserRoles?.Select(_ => _.Role.Name).ToList();
var userPermissions = user.UserRoles?.SelectMany(_ => _.Role.Permissions.Split(",")).ToList();
var resultModel = new AuthResultModel
{
Token = await GenerateUserToken(user),
Expire = DateTime.UtcNow.AddDays(7),
UserId = user.Id,
RefreshToken = user.RefreshToken,
Roles = roles,
Permissions = userPermissions,
};
return(resultModel);
}
internal AuthResult(AuthResultModel model)
{
Result = model.Result?.ToLower() == "allow" ? AuthState.Allow : AuthState.Deny;
Status = model.Status;
StatusMessage = model.Status_Msg;
TrustedDeviceToken = model.Trusted_Device_Token;
}
public async Task <AuthResultModel> RegisterUser(SignUpModel model)
{
if (await DbContext.Users.FirstOrDefaultAsync(_ => _.UserName == model.Username) != null)
{
throw new BadRequestException("User with this name already exist");
}
var newUser = new ApplicationUser {
UserName = model.Username, RefreshToken = GenerateRefreshToken()
};
var identityResult = await _userManager.CreateAsync(newUser, model.Password);
if (!identityResult.Succeeded)
{
throw new ServerErrorException($"User creation error. {string.Join(",", identityResult.Errors)}");
}
// var roles = user.UserRoles?.Select(_ => _.Role.Name).ToList();
// var userPermissions = user.UserRoles?.SelectMany(_ => _.Role.Permissions.Split(",")).ToList();
var resultModel = new AuthResultModel
{
Token = await GenerateUserToken(newUser),
Expire = DateTime.UtcNow.AddDays(7),
UserId = newUser.Id,
RefreshToken = newUser.RefreshToken
};
return(resultModel);
}
public async Task <AuthResultModel> Authenticate(string token)
{
var encodedVallue = Base64Utility.Encode(token.ToString());
AuthResultModel result = await base.Post <AuthResultModel>("auth", encodedVallue, null);
return(result);
}
public async Task <ActionResult> Login(LoginModel loginModel)
{
if (!ModelState.IsValid)
{
return(View(loginModel));
}
AuthResultModel authResultModel = await _authService.CanLoginAsync(loginModel);
if (!authResultModel.Success)
{
ModelState.AddModelError(authResultModel.Field ?? "Ошибка", authResultModel.ErrorMessage);
return(View(loginModel));
}
var claim = new ClaimsIdentity("ApplicationCookie", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType);
claim.AddClaim(new Claim(ClaimTypes.NameIdentifier, authResultModel.PlayerId.ToString(), ClaimValueTypes.String));
claim.AddClaim(new Claim(ClaimsIdentity.DefaultNameClaimType, loginModel.Login, ClaimValueTypes.String));
claim.AddClaim(new Claim("http://schemas.microsoft.com/accesscontrolservice/2010/07/claims/identityprovider", "OWIN Provider", ClaimValueTypes.String));
AuthenticationManager.SignOut();
AuthenticationManager.SignIn(new AuthenticationProperties {
IsPersistent = true
}, claim);
return(RedirectToAction("Index", "PlayerProfile"));
}
public static async Task <bool> AuthLicense()
{
HttpResponseMessage response = await client.GetAsync($"helper/authenticate?version={EnvironmentVariables.CURRENT_VERSION}&license={License}");
if (response.IsSuccessStatusCode)
{
try
{
AuthResult = await response.Content.ReadAsAsync <AuthResultModel>();
if (AuthResult.user == null)
{
return(false);
}
return(true);
}
catch (Exception)
{
HandleError(response.Content.ReadAsAsync <Response>().Result);
return(false);
}
}
HandleError(DefaultResponse);
return(false);
}
private AuthResultModel GetFailedLogonResult(string userName, Exception ex)
{
List <string> errors = GetErrors(ex);
var ret = new AuthResultModel(AuthResultModel.AuthAction.Logon)
{
UserName = userName,
Succeeded = false,
Reasons = errors.ToArray()
};
return(ret);
}
private async Task <bool> IsAuthorized(Dictionary <ServiceDictionaryKey, object> dict, HttpRequest req, int id)
{
AuthResultModel authResult = await _authorizationService.AuthForDoctorOrPatient(req, id);
if (!authResult.Result)
{
dict.Add(ServiceDictionaryKey.ERROR, $"Authorization check wasn't passed.");
HttpStatusCode httpStatusCode = (HttpStatusCode)(int)authResult.StatusCode;
dict.Add(ServiceDictionaryKey.HTTPSTATUSCODE, httpStatusCode);
}
return(authResult.Result);
}
internal AuthResult(AuthResultModel model)
{
switch (model.Result.ToLower())
{
case "allow":
Result = AuthState.Allow;
break;
default:
Result = AuthState.Deny;
break;
}
Status = model.Status;
StatusMessage = model.Status_Msg;
TrustedDeviceToken = model.Trusted_Device_Token;
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.GetFavoriteFood))] HttpRequest req,
ILogger log, int patientId)
{
// Auth check
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctorOrPatient(req, patientId);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IFoodService>().TryGetFavoriteFood(patientId);
return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary));
}
public async Task <AuthResultModel> RefreshUserToken(RefreshRequestModel refreshRequest)
{
var tokenValidationParameters = new TokenValidationParameters
{
ValidateAudience = false,
ValidateIssuer = false,
ValidateIssuerSigningKey = true,
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["App:Auth:Key"])),
ValidateLifetime = false
};
var tokenHandler = new JwtSecurityTokenHandler();
var principal = tokenHandler.ValidateToken(refreshRequest.Token, tokenValidationParameters, out var securityToken);
if (!(securityToken is JwtSecurityToken jwtSecurityToken) || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
{
throw new BadRequestException("Invalid token");
}
var userId = Guid.Parse(principal.FindFirstValue(ClaimTypes.NameIdentifier));
var user = await _userManager.Users.Include(u => u.UserRoles).ThenInclude(ur => ur.Role)
.FirstOrDefaultAsync(u => u.Id == userId);
if (user == null)
{
throw new BadRequestException("Invalid token");
}
user.RefreshToken = GenerateRefreshToken();
await _userManager.UpdateAsync(user);
var roles = user.UserRoles?.Select(_ => _.Role.Name).ToList();
var userPermissions = user.UserRoles?.SelectMany(_ => _.Role.Permissions.Split(",")).ToList();
var resultModel = new AuthResultModel
{
Token = await GenerateUserToken(user),
Expire = DateTime.UtcNow.AddDays(7),
UserId = user.Id,
RefreshToken = user.RefreshToken,
Roles = roles,
Permissions = userPermissions
};
return(resultModel);
}
public async Task <ActionResult> Register(RegisterModel registerModel)
{
if (!ModelState.IsValid)
{
return(View(registerModel));
}
AuthResultModel authResultModel = await _authService.RegisterAsync(registerModel);
if (!authResultModel.Success)
{
ModelState.AddModelError(authResultModel.Field, authResultModel.ErrorMessage);
return(View(registerModel));
}
return(RedirectToAction("Login"));
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "put", Route = (Routes.APIVersion + Routes.PutMeal))] HttpRequest req,
ILogger log, int patientId, int mealId)
{
// Auth check
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, patientId);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IMealService>().TryPutMeal(patientId, mealId, req);
return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary));
}
public async Task <AuthenticateResponseModel> AuthenticateAsync([FromBody] AuthenticateRequestModel request)
{
AuthResultModel authModel = null;
switch (request.LoginProvider)
{
case LoginProvider.Standard:
authModel = await _authService.AuthAsync(request.Email, request.Password);
break;
case LoginProvider.Google:
authModel = await _authService.SocialAuthAsync(request.Email, Domain.Enums.LoginProvider.Google);
break;
}
return(_mapper.Map <AuthenticateResponseModel>(authModel));
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.FoodByPartialname))] HttpRequest req,
ILogger log, string foodName, int count)
{
int patientId = await DIContainer.Instance.GetService <IAuthorization>().GetUserId(req);
// Auth check
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, patientId);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IFoodService>().TryGetFoodBySearch(foodName, count);
return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary));
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Function, "delete", Route = (Routes.APIVersion + Routes.UnFavoriteFood))] HttpRequest req,
ILogger log)
{
int patientId = await DIContainer.Instance.GetService <IAuthorization>().GetUserId(req);
// Auth check
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req, patientId);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
Dictionary <ServiceDictionaryKey, object> dictionary = await DIContainer.Instance.GetService <IFoodService>().TryDeleteFavoriteFood(req);
return(DIContainer.Instance.GetService <IResponseHandler>().ForgeResponse(dictionary));
}
protected async Task <AuthResultModel> SigInUser(string username, string password)
{
var model = new SignInModel
{
Username = username,
Password = password
};
var response = await PostModel <AuthResultModel, SignInModel>("/api/v1/auth/signin", model);
AssertSuccesDataResponse(response);
response.Data.Token.Should().NotBeNullOrEmpty();
response.Data.UserId.Should().NotBeEmpty();
UserData = response.Data;
return(response.Data);
}
public async Task <AuthResultModel> AuthenticateUser(AuthModelWithRefreshToken data)
{
AuthResultModel result = null;
try
{
var authData = await _authServiceRepository.GetUserByRefreshToken(data.RefreshToken);
result = MapperExtensions.Convert <AuthData, AuthResultModel>(authData);
logger.Information($"AuthenticateUser [RefreshToken ] by {data.RefreshToken} was successfully");
}
catch (Exception e)
{
logger.Error($"Method: AuthenticateUser with RefreshToken Message: {e.Message}");
throw;
}
return(result);
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.GetDoctorPatients))] HttpRequest req,
ILogger log, int doctorId)
{
#region AuthCheck
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().AuthForDoctor(req, doctorId);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
#endregion
IDoctorRepository doctorRepository = DIContainer.Instance.GetService <IDoctorRepository>();
List <Patient> patients = doctorRepository.GetDoctorPatients(doctorId);
return(patients != null
? (ActionResult) new OkObjectResult(patients)
: new NoContentResult());
}
public async Task <AuthResultModel> AuthenticateUser(AuthModelWithCredentials data)
{
AuthResultModel result = null;
try
{
var authData = await _authServiceRepository.GetUserByСredentials(data.Login, data.Password);
result = MapperExtensions.Convert <AuthData, AuthResultModel>(authData);
logger.Information($"AuthenticateUser [WithCredentials] by {data.Login} was successfully");
}
catch (Exception e)
{
logger.Error($"Method: AuthenticateUser With Credentials Message: {e.Message}");
throw;
}
return(result);
}
public static async Task <IActionResult> Run(
[HttpTrigger(AuthorizationLevel.Anonymous, "get", Route = (Routes.APIVersion + Routes.Doctor))] HttpRequest req,
ILogger log)
{
#region AuthCheck
AuthResultModel authResult = await DIContainer.Instance.GetService <IAuthorization>().CheckAuthorization(req);
if (!authResult.Result)
{
return(new StatusCodeResult((int)authResult.StatusCode));
}
#endregion
IDoctorRepository doctorRepository = DIContainer.Instance.GetService <IDoctorRepository>();
List <AppNiZiAPI.Models.DoctorModel> doctors = doctorRepository.GetDoctors();
return(doctors.Count != 0
? (ActionResult) new OkObjectResult(doctors)
: new NoContentResult());
}
/// <summary>
/// </summary>
/// <param name="userInfo"></param>
/// <param name="_config"></param>
/// <returns></returns>
public static string GenerateAccessToken(AuthResultModel userInfo, IConfiguration _config)
{
var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"]));
var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, userInfo.Login),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(ClaimTypes.Role, userInfo.ServiceAccessLevel.ToString())
};
var token = new JwtSecurityToken(
_config["Jwt:Issuer"],
_config["Jwt:Issuer"],
claims,
expires: DateTime.Now.AddDays(1),
signingCredentials: credentials);
return(new JwtSecurityTokenHandler().WriteToken(token));
}
public ActionResult <AuthResultModel> Post([FromBody] AuthRequestModel model)
{
// NEVER DO THIS, JUST SHOWING THE EXAMPLE
if (model.Username == "*****@*****.**" &&
model.Password == "P@ssw0rd!")
{
var result = new AuthResultModel()
{
Success = true
};
// Never do this either, hardcoded strings
var token = TokenSecurity.GenerateJwt(model.Username);
result.Token = new JwtSecurityTokenHandler().WriteToken(token);
result.Expiration = token.ValidTo;
return(Created("", result));
}
return(BadRequest("Unknown failure"));
}