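/// <summary>
/// Recomputes the cached permission claims of users who belong to one of the
/// given security groups and already have an entry in the auth cache.
/// </summary>
/// <param name="securityGroups">Ids of the security groups whose members are refreshed.</param>
/// <remarks>
/// Users with no cache entry are skipped; <c>GenerateToken</c> creates their entry.
/// Any exception is logged and rethrown to the caller.
/// </remarks>
public async Task UpdateAuthenticatedUsers(List<int> securityGroups)
        {
            try
            {
                var groupUsers = await _dbContext.SecurityGroupUsers
                    .AsNoTracking()
                    .Where(x => securityGroups.Contains(x.SecurityGroupId))
                    .Where(x => x.WorkflowState != Constants.WorkflowStates.Removed)
                    .Select(x => new
                    {
                        UserId = x.EformUserId,
                        // Admin when ANY assigned role is Admin. GenerateToken decides admin status
                        // with userRoles.Contains(EformRole.Admin); taking only the first role of an
                        // unordered set could compute a different permission set after a group change
                        // than the one issued at login.
                        IsAdmin = x.EformUser.UserRoles.Any(y => y.Role.Name == EformRole.Admin),
                    })
                    .ToListAsync();

                foreach (var member in groupUsers)
                {
                    // Only refresh users that already hold a cached auth item.
                    var cached = _authCacheService.TryGetValue(member.UserId);
                    if (cached == null)
                    {
                        continue;
                    }

                    var refreshedClaims = await GetUserPermissions(member.UserId, member.IsAdmin);

                    cached.Claims = refreshedClaims;
                    // The timestamp marks when the cached claims were last rebuilt (Unix ms, UTC).
                    cached.TimeStamp = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
                    _authCacheService.Set(cached, member.UserId);
                }
            }
            catch (Exception e)
            {
                // Pass the exception object so the stack trace reaches the log, and use a constant
                // template so the exception text is never interpreted as a format string.
                _logger.LogError(e, "UpdateAuthenticatedUsers failed: {Message}", e.Message);
                throw;
            }
        }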
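        /// <summary>
        /// Builds a signed JWT for <paramref name="user"/> and stores the user's
        /// permission claims in the auth cache under the user's id.
        /// </summary>
        /// <param name="user">The user to issue a token for.</param>
        /// <returns>
        /// The serialized JWT, or <c>null</c> when <paramref name="user"/> is <c>null</c>.
        /// </returns>
        /// <remarks>
        /// The token carries the subject id, a fresh <c>jti</c>, the last-update timestamp, the
        /// optional locale, and the user's identity claims, role names and role claims. The
        /// permission claims returned by <c>_claimsService.GetUserPermissions</c> are NOT put in
        /// the token; they are kept only in the cache entry.
        /// </remarks>
        public async Task<string> GenerateToken(EformUser user)
        {
            if (user == null)
            {
                return null;
            }

            var timeStamp = DateTimeOffset.UtcNow.ToUnixTimeMilliseconds();
            var claims = new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(AuthConsts.ClaimLastUpdateKey, timeStamp.ToString()),
            };

            if (!string.IsNullOrEmpty(user.Locale))
            {
                claims.Add(new Claim("locale", user.Locale));
            }

            // Add user and role claims. These calls are awaited rather than blocked on with
            // .Result: blocking inside an async method ties up a thread per request and can
            // deadlock under a synchronization context.
            var userClaims = await _userManager.GetClaimsAsync(user);
            var userRoles = await _userManager.GetRolesAsync(user);
            claims.AddRange(userClaims);

            foreach (var roleName in userRoles)
            {
                claims.Add(new Claim(ClaimTypes.Role, roleName));

                var role = await _roleManager.FindByNameAsync(roleName);
                if (role != null)
                {
                    claims.AddRange(await _roleManager.GetClaimsAsync(role));
                }
            }

            var userInMemoryClaims = await _claimsService.GetUserPermissions(
                user.Id,
                userRoles.Contains(EformRole.Admin));

            // Cache the permission claims with the same timestamp that is embedded in the token.
            var authItem = new AuthItem
            {
                TimeStamp = timeStamp,
                Claims = userInMemoryClaims,
            };
            _authCacheService.Set(authItem, user.Id);

            // HS256 is symmetric: whoever holds SigningKey can mint valid tokens. The key is read
            // from configuration and used as raw UTF-8 bytes, so it should be a high-entropy secret
            // of at least 256 bits (RFC 7518, section 3.2) and kept out of source control.
            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_tokenOptions.Value.SigningKey));
            var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // NOTE(review): Issuer is passed as both issuer and audience; confirm that token
            // validation is configured to expect the same value for both.
            // NOTE(review): role names and role claims are fixed in the token for its whole
            // 24-hour lifetime; whether a role change is enforced before expiry depends on how
            // validation uses the cached AuthItem / last-update claim. Confirm against the validator.
            var token = new JwtSecurityToken(
                _tokenOptions.Value.Issuer,
                _tokenOptions.Value.Issuer,
                claims.ToArray(),
                // UTC instead of local time: the expiry no longer depends on the server's
                // time zone or a DST transition.
                expires: DateTime.UtcNow.AddHours(24),
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }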