public async Task <UserResultModel> RegisterAsync(string email, string password)
{
UserResultModel result = new UserResultModel();
IdentityUser existingUser = await userManager.FindByEmailAsync(email);
if (existingUser != null)
{
result.Success = false;
result.Errors = new[] { "User with this email address already exists." };
return(result);
}
IdentityUser newUser = new IdentityUser()
{
Email = email,
UserName = email,
};
IdentityResult createdUser = await userManager.CreateAsync(newUser, password);
if (!createdUser.Succeeded)
{
result.Success = false;
result.Errors = createdUser.Errors.Select(x => x.Description);
return(result);
}
result.Success = true;
result.Token = JWTGenerator.Create(newUser);
return(result);
}
private async Task InitBroker(HttpRequestMessage request)
{
// note! broker is mandatory in order to pull the server location
try
{
var token = JWTGenerator.Utilities.GetTokenFromQuery(request);
if (string.IsNullOrEmpty(token))
{
token = JWTGenerator.Utilities.GetTokenFromHeader(request);
}
var generator = new JWTGenerator(this.JWTSecretKey);
var tokenPayload = generator.GetTokenPayload(token);
var schema = new
{
BrokerName = "",
Role = "",
RefName = ""
};
var tokenPayloadModel = JsonConvert.DeserializeAnonymousType(tokenPayload, schema);
this.BrokerName = tokenPayloadModel.BrokerName;
}
catch (Exception ex) {
throw new StatusException(HttpStatusCode.Unauthorized, ex.Message);
}
}
// This method gets called by the runtime. Use this method to configure the HTTP request pipeline.
public void Configure(IApplicationBuilder app, IWebHostEnvironment env)
{
if (env.IsDevelopment())
{
app.UseDeveloperExceptionPage();
app.UseSwagger();
app.UseSwaggerUI(c => c.SwaggerEndpoint("/swagger/v1/swagger.json", "Web_API v1"));
}
app.UseHttpsRedirection();
app.UseRouting(); JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear();
app.UseAuthentication();
app.UseCors("Cors");
app.UseStaticFiles();
app.UseStaticFiles(new StaticFileOptions()
{
FileProvider = new PhysicalFileProvider(Path.Combine(Directory.GetCurrentDirectory(), @"Resources")),
RequestPath = new PathString("/Resources")
});
app.UseAuthorization();
//app.userouting()?
app.UseEndpoints(endpoints =>
{
endpoints.MapControllers();
endpoints.MapHub <ChatHub>("/ChatHub");
endpoints.MapHub <GameHub>("/GameHub");
});
JWTGenerator.Instantiate(this.Configuration);
}
public async Task <IActionResult> LoginRequest([FromBody] LoginByUsernameViewModel model)
{
if (ModelState.IsValid)
{
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, false, lockoutOnFailure : false);
if (result.Succeeded)
{
var appUser = _userManager.Users.SingleOrDefault(r => r.UserName == model.Username);
var roles = await _userManager.GetRolesAsync(appUser);
string token = JWTGenerator.Generate(appUser.Email, appUser, roles, _configuration);
_logger.LogInformation("User logged in.");
return(new OkObjectResult(new { Token = token, Roles = roles, UserName = appUser.Name }));
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(new BadRequestObjectResult("Invalid login or password"));
}
}
else
{
return(new BadRequestObjectResult("Invalid data"));
}
}
public async Task <IActionResult> Login([FromBody] AuthVM authVM)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState)); //retruns model state error
}
var result = await _signInManager.PasswordSignInAsync(
userName : authVM.Username,
password : authVM.Password,
isPersistent : true,
lockoutOnFailure : true);
if (result.Succeeded)
{
var user = _userManager.Users.SingleOrDefault(r => r.Email == authVM.Username);
var role = _userManager.GetRolesAsync(user).Result[0];
var tokenString = new JWTGenerator().GenerateJWT(user, _configuration, role);
return(Ok(new { token = tokenString, username = authVM.Username }));
}
return(Unauthorized());
}
public HomeController(ILogger <HomeController> logger,
UserManager <SeriesUser> userManager,
SignInManager <SeriesUser> signInManager,
JWTGenerator jwtToken,
DatabaseContext context)
{
_logger = logger;
_userManager = userManager;
_signInManager = signInManager;
_context = context;
_JWTGenerator = jwtToken;
}
public async Task <IActionResult> Post(LoginCredentials loginCredentials)
{
try
{
var user = await _userManager.FindByNameAsync(loginCredentials.Username);
if (user == null)
{
return(Forbid());
}
// Sign user in with the valid credentials
var result = await _signInManager.CheckPasswordSignInAsync(
user,
loginCredentials.Password,
true);
// If successful...
if (!result.Succeeded)
{
return(Forbid());
}
var claims = new[]
{
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimsConstants.USERID, user.Id.ToString())
};
var userInfo = await _context
.UserInfo
.AsNoTracking()
.Where(u => u.FkUserId == user.Id).FirstOrDefaultAsync();
return(Ok(new
{
User = new
{
Id = user.Id,
Username = user.UserName,
Firstname = userInfo?.Firstname,
Lastname = userInfo?.Lastname,
ProfilePictureData = userInfo?.Profilepicturedata
},
JwtToken = JWTGenerator.GenerateJWTToken(_configuration, claims)
}));
}
catch (Exception)
{
return(BadRequest());
}
}
public string Login(string username, string password, UserRole[] rolesAllowed)
{
string hashedPassword = getHashedPassword(password);
using (var ds = new DataService())
{
if (ds.getUserDAO().ExistsUsernamePassword(username, hashedPassword, rolesAllowed))
{
return(JWTGenerator.Generate(username));
}
return(null);
}
}
public override void OnAuthorization(HttpActionContext context)
{
// Authorization: Bearer <token>
try
{
// [AllowAnonymous]
if (context.ActionDescriptor.GetCustomAttributes <AllowAnonymousAttribute>().Any())
{
base.OnAuthorization(context);
return;
}
var authorization = context.Request.Headers.Authorization;
if (authorization == null)
{
throw new HttpException((int)HttpStatusCode.Unauthorized, "No Authorization Header");
}
if (authorization.Scheme != "Bearer")
{
throw new HttpException((int)HttpStatusCode.Unauthorized, "Not a Bearer Authorization");
}
var token = authorization.Parameter;
var generator = new JWTGenerator("my-secret-key");
if (!generator.VerifyToken(token))
{
throw new HttpException((int)HttpStatusCode.Unauthorized, "Unauthorized Access");
}
var header = generator.GetTokenHeader(token);
var payload = generator.GetTokenPayload(token);
base.OnAuthorization(context);
}
catch (HttpException ex)
{
context.Response = new HttpResponseMessage((HttpStatusCode)ex.GetHttpCode())
{
Content = new StringContent(ex.Message)
};
}
catch (Exception ex)
{
context.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized)
{
Content = new StringContent(ex.Message)
};
}
}
public AuthController(
UserManager <SeriesUser> userManager,
RoleManager <IdentityRole> roleManager,
SignInManager <SeriesUser> signInManager,
DatabaseContext context,
JWTGenerator jwtToken
)
{
_userManager = userManager;
_roleManager = roleManager;
_signInManager = signInManager;
_context = context;
_jwtGenerator = jwtToken;
}
public async Task <IActionResult> Login(JsonElement korisnik)
{
Korisnik podaciKorisnika = JsonConvert.DeserializeObject <Korisnik>((korisnik).ToString());
Korisnik loginKorisnik = await KorisnikProvider.GetKorisnik(db, podaciKorisnika.email, podaciKorisnika.password);
if (loginKorisnik == null)
{
return(NotFound());
}
var tokenStr = JWTGenerator.GenerateLoginToken(loginKorisnik);
return(Ok(new { tokenStr = tokenStr }));
}
public async Task <IActionResult> Register([FromBody] RegistrationVM regVM)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState)); //retruns model state error
}
if (await _personRepo.IsUserExist(regVM.Username))
{
ModelState.AddModelError("Username", "Username already exist");
}
regVM.Username = regVM.Username.ToLower();
var user = new ApplicationUser {
UserName = regVM.Username, Email = regVM.Username
};
var result = await _userManager.CreateAsync(user, regVM.Password);
if (result.Succeeded)
{
string[] roles = { "Admin", "User", "Member", "Manager" };
await _userManager.AddToRoleAsync(user, roles[0]);
regVM.IdentityId = user.Id;
var personModel = _mapper.Map <Person>(regVM);
var newUser = await _personRepo.Register(personModel);
// var newUser = await _personRepo.Register(new Models.Person {
// IdentityId = user.Id,
// FirstName = regVM.FirstName,
// LastName = regVM.LastName,
// Username = regVM.Username
// });
var tokenString = new JWTGenerator().GenerateJWT(user, _configuration, roles[0]);
await _signInManager.SignInAsync(user, false);
return(Ok(new {
token = tokenString, username = newUser.Username
}));
}
return(BadRequest(result.Errors));
}
public IActionResult Authenticate([FromBody] AuthUserModel authUser)
{
User user = userAuthenticator.Authenticate(authUser.Name, authUser.Password);
if (user == null)
{
return(BadRequest(new { message = "Bad username or password" }));
}
string token = JWTGenerator.GetToken("cQfTjWnZr4u7x!z%", user.ID.ToString());
return(Ok(new
{
ID = user.ID,
Username = user.Name,
Token = token
}));
}
public void TestToken()
{
JWTGenerator jwtGen = new JWTGenerator();
List <TokenKeyItem> tokenKey = new List <TokenKeyItem>();
tokenKey.Add(new TokenKeyItem
{
k = "Mjg2NTFjYzZkNDljMjhjYjJmNGEwOTk1YmY=",
kty = "oct",
kid = "0001"
});
JWTService.TokenKeysHolder.keys = tokenKey;
var token = jwtGen.GetJWTToken(_device);
JwtSecurityTokenHandler handler = new JwtSecurityTokenHandler();
var readedToken = handler.ReadJwtToken(token);
Assert.Equal(_device.OriginalID, readedToken.Payload.Claims.Single(x => x.Type == "serialID").Value);
}
public async Task <UserResultModel> LoginAsync(string email, string password)
{
UserResultModel result = new UserResultModel();
IdentityUser existingUser = await userManager.FindByEmailAsync(email);
bool userHasValidPassword = await userManager.CheckPasswordAsync(existingUser, password);
if (existingUser == null || !userHasValidPassword)
{
result.Success = false;
result.Errors = new[] { "User/password combination is wrong." };
return(result);
}
result.Success = true;
result.Token = JWTGenerator.Create(existingUser);
return(result);
}
public async Task <IActionResult> Login([FromBody] UserForLoginDTO userForLoginDTO)
{
var userFromRepo = await _repo
.Login(userForLoginDTO.Username.ToLower(), userForLoginDTO.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var tokenGenerator = new JWTGenerator(_config);
var user = _mapper.Map <UserForListDto>(userFromRepo);
// O token gerado é enviado para o cliente.
return(Ok(new {
token = tokenGenerator.GenerateToken(userFromRepo.Username, userFromRepo.Id),
user
}));
}
public async Task <IActionResult> Register([FromBody] PersonVM personVM)
{
// Add this to enable .GetService using Microsoft.Extensions.DependencyInjection;
var regService = _service.GetService <IRegistration>();
personVM.Username = personVM.Username.ToLower();
if (await regService.IsExist(personVM.Username))
{
ModelState.AddModelError("Username", "Username already exist");
}
if (!ModelState.IsValid)
{
return(BadRequest(ModelState)); //retruns model state error
}
var user = new ApplicationUser
{
UserName = personVM.Username,
Email = personVM.Username
};
var result = await _userManager.CreateAsync(user, personVM.Password);
if (result.Succeeded)
{
personVM.IdentityId = user.Id;
var newUser = await regService.Register(personVM);
var tokenString = new JWTGenerator().GenerateJWT(newUser, _configuration);
await _signInManager.SignInAsync(user, false);
return(Ok(new { token = tokenString, username = personVM.Username }));
}
return(BadRequest(result.Errors));
}
public async Task <IActionResult> PridruziSeIgri(Boja boja, string accessCode)
{
string email = User.FindFirstValue("email");
Korisnik korisnik = await KorisnikProvider.GetKorisnik(db, email);
if (korisnik == null)
{
return(BadRequest());
}
Igra joinGame = await GameProvider.NadjiIgru(db, accessCode);
if (joinGame == null)
{
return(NotFound());
}
if (joinGame.status != statusIgre.cekanjeIgraca)
{
return(BadRequest());
}
if (joinGame.slobodnaBoja(boja))
{
joinGame.dodajIgraca(boja, korisnik);
if (joinGame.sviPrisutni())
{
joinGame.status = statusIgre.uToku;
}
await GameProvider.AzurirajIgru(db, joinGame);
return(Ok(new { token = JWTGenerator.GenerateGameToken(korisnik, joinGame, boja), username = korisnik.username, slika = korisnik.slika, igraciImena = joinGame.vratiIgrace(), igraciSlike = await GameProvider.slikeIgraca(db, joinGame) }));
}
else
{
return new ObjectResult(joinGame.zauzeteBoje())
{
StatusCode = 403
}
};
}
public async Task <IActionResult> Login([FromBody] AuthVM authVM)
{
var result = await _signInManager.PasswordSignInAsync(authVM.Username, authVM.Password, false, false);
if (result.Succeeded)
{
var authService = _service.GetService <IAuth>();
var auth = await authService.Login(authVM);
if (auth == null)
{
return(Unauthorized());
}
var user = _userManager.Users.SingleOrDefault(r => r.Email == authVM.Username);
var tokenString = new JWTGenerator().GenerateJWT(auth, _configuration);
return(Ok(new { token = tokenString, username = authVM.Username }));
}
return(Unauthorized());
}
public async Task <IActionResult> Post([FromBody] LoginCredentials loginCredentials)
{
try
{
var result = await _userManager.CreateAsync(new ApplicationUser
{
UserName = loginCredentials.Username,
Email = loginCredentials.Username
}, loginCredentials.Password);
if (!result.Succeeded)
{
// TODO: Add types of incorrect password format and handle it in client
// For now only the first error will be returned as a header
var firstErrorDescription = result.Errors.FirstOrDefault()?.Description;
this.HttpContext.Response.Headers.Add("user-creation-first-error", firstErrorDescription);
return(BadRequest(firstErrorDescription));
}
var justCreatedUser = await _userManager.FindByNameAsync(loginCredentials.Username);
_applicationContext.UserInfo.Add(new UserInfo()
{
Id = Guid.NewGuid(),
Firstname = loginCredentials.Firstname,
Lastname = loginCredentials.Lastname,
Description = loginCredentials.Description,
FkUserId = justCreatedUser.Id
});
_applicationContext.BusinessInfo.Add(new BusinessInfo()
{
Id = Guid.NewGuid(),
FkUserId = justCreatedUser.Id
});
await _applicationContext.SaveChangesAsync();
var claims = new[]
{
new Claim(ClaimTypes.Name, justCreatedUser.UserName),
new Claim(ClaimsConstants.USERID, justCreatedUser.Id.ToString())
};
return(Ok(new
{
User = new
{
Id = justCreatedUser.Id,
Firstname = loginCredentials.Firstname,
Lastname = loginCredentials.Lastname,
Username = justCreatedUser.UserName
},
JwtToken = JWTGenerator.GenerateJWTToken(_configuration, claims)
}));
}
catch (Exception)
{
var justCreatedUser = await _userManager.FindByNameAsync(loginCredentials.Username);
if (justCreatedUser != null)
{
var userInfo = _applicationContext
.UserInfo
.FirstOrDefault(u => u.Id == justCreatedUser.Id);
if (userInfo != null)
{
_applicationContext
.UserInfo
.Remove(userInfo);
}
var businessInfo = _applicationContext
.BusinessInfo
.FirstOrDefault(u => u.Id == justCreatedUser.Id);
if (businessInfo != null)
{
_applicationContext
.BusinessInfo
.Remove(businessInfo);
}
_applicationContext.SaveChanges();
await _userManager.DeleteAsync(justCreatedUser);
}
return(BadRequest());
}
}
public IActionResult Index()
{
var jwt = new JWTGenerator(config);
return(Content(jwt.GenerateSecurityToken("*****@*****.**")));
}
public JWTGeneratorService(IDeviceService deviceService)
{
_deviceService = deviceService;
_jwt = new JWTGenerator();
}
public async Task <IActionResult> RejoinGame(string id)
{
string email = User.FindFirstValue("email");
Korisnik korisnik = await KorisnikProvider.GetKorisnik(db, email);
Igra game = await GameProvider.NadjiIgru(db, id);
if (game.status != statusIgre.cekanjeIgracaPause && (game.crveniIgracId != korisnik.ID && game.zeleniIgracId != korisnik.ID && game.zutiIgracId != korisnik.ID && game.plaviIgracId != korisnik.ID))
{
return(Forbid());
}
Boja bojaKorisnika = Boja.crveni;
foreach (Boja b in Enum.GetValues(typeof(Boja)))
{
if ((int)game.GetType().GetProperty(b.ToString() + "IgracId").GetValue(game) == korisnik.ID)
{
bojaKorisnika = b;
}
}
if (korisnik.ID == game.kreatorIgre.ID)
{
return(Ok(new { naPotezu = game.naPotezu.ToString(), boja = bojaKorisnika.ToString(), accessCode = game.accessCode, figure = game.figure, token = JWTGenerator.GenerateGameToken(korisnik, game, bojaKorisnika), username = korisnik.username, slika = korisnik.slika, igraciImena = game.vratiIgrace(), igraciSlike = await GameProvider.slikeIgraca(db, game) }));
}
else
{
return(Ok(new { naPotezu = game.naPotezu.ToString(), boja = bojaKorisnika.ToString(), figure = game.figure, token = JWTGenerator.GenerateGameToken(korisnik, game, bojaKorisnika), username = korisnik.username, slika = korisnik.slika, igraciImena = game.vratiIgrace(), igraciSlike = await GameProvider.slikeIgraca(db, game) }));
}
}
public AuthProvider(IConfigurationService configuration)
{
//_serverPrivateKey = ConfigurationManager.AppSettings["serverKey"];
_serverPrivateKey = configuration.GetValue("ServerKey");
_jwtGen = new JWTGenerator();
}
private void HandleBrokerHook(BrokerData brokerData, WebHookData hookData)
{
var step = 0;
try
{
step = 1;
var httpService = new HttpServiceHelper();
var config = new DataUpdatesConfig {
FromTime = hookData.LastExecutionTime
};
var serviceData = this.BLL.GetServiceData(hookData.ServiceName, brokerData);
if (serviceData == null)
{
throw new Exception($"No Service Data: {hookData.ServiceName}");
}
step = 2;
var proxyURL = this.Config.ProxyServerURI; // "http://proxy.crtv.co.il";
var proxyPort = serviceData.Port;
var generator = new JWTGenerator(this.Config.JWTSecretKey);
var token = generator.GenerateToken(new {
brokerName = brokerData.Name,
role = "Broker"
});
step = 3;
var updatesURI = $"{proxyURL}:{proxyPort}/{hookData.ServiceName}/updates";
var serviceResult = httpService.POST(updatesURI, config, headers: new Dictionary <string, string>
{
["Content-Type"] = "application/json",
["Authorization"] = $"Bearer {token}"
});
step = 4;
// TODO ->> StatusCode
if (!serviceResult.Success)
{
// remove html content
if (serviceResult.Content.Contains("<!DOCTYPE"))
{
serviceResult.Content = serviceResult.Content.Split('<').FirstOrDefault();
}
throw new Exception($"Get Updates from {updatesURI} -> {serviceResult.Content}");
}
var updates = serviceResult.Content;
var hasUpdates = !string.IsNullOrEmpty(updates) && updates != "[]";
step = 5;
// push updates
if (hasUpdates)
{
this.Logger.Info("WebHooksProcess", $"#{hookData.Id}, POST {hookData.ServiceName} Updates to {hookData.HookURL}");
var pushResult = httpService.POST($"{hookData.HookURL}", updates, headers: new Dictionary <string, string>
{
["Content-Type"] = "application/json"
});
step = 6;
if (!pushResult.Success)
{
throw new Exception($"Push Updates to {hookData.HookURL} -> {serviceResult.Content}");
}
}
step = 7;
hookData.LastExecutionTime = DateTime.Now; // update the last execution time
this.BLL.UpdateWebHookLastExecutionTime(hookData);
}
catch (Exception ex)
{
ex.Data.Add("Method", "WebHooksProcess.HandleBrokerHook");
ex.Data.Add("HookId", hookData.Id);
ex.Data.Add("BrokerName", hookData.BrokerName);
ex.Data.Add("ServiceName", hookData.ServiceName);
ex.Data.Add("Step", step);
this.Logger.Error("WebHooksProcess", ex);
}
}
