Exemplo n.º 1
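        /// <summary>
        /// Issues a short-lived HMAC-SHA512 signed JWT for the given user.
        /// </summary>
        /// <param name="email">Address written to the <c>sub</c> claim.</param>
        /// <param name="user">Account whose <c>Id</c> is written to the name-identifier claim.</param>
        /// <returns>The serialized token together with its lifetime value.</returns>
        private JwtResponseData GenerateJwtToken(string email, RecipeUser user)
        {
            // Single source for the lifetime so the token's exp claim and the value
            // reported to the client cannot drift apart.
            // NOTE(review): Expires is presumably expressed in minutes; confirm against JwtResponseData.
            const int lifetimeMinutes = 5;

            var claims = new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, email),
                // A fresh jti per token gives each issued token a unique identifier.
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString())
            };

            // NOTE(review): the signing secret is read from configuration as text. For HS512 it
            // should carry at least 64 bytes of entropy and be supplied from a secret store
            // rather than a checked-in settings file; verify how "Auth:IssuerSigninKey" is provisioned.
            // A missing entry surfaces here as an ArgumentNullException from GetBytes.
            var signingKeyText = configuration["Auth:IssuerSigninKey"];
            var key            = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKeyText));
            var credentials    = new SigningCredentials(key, SecurityAlgorithms.HmacSha512);

            // UTC avoids any dependence on the server's local time zone.
            var expires = DateTime.UtcNow.AddMinutes(lifetimeMinutes);

            // NOTE(review): no issuer or audience is set on the token, so the validating side
            // cannot bind it to this service; confirm the validation parameters used elsewhere.
            var token = new JwtSecurityToken(
                claims: claims,
                expires: expires,
                signingCredentials: credentials);

            var tokenString = new JwtSecurityTokenHandler().WriteToken(token);

            return new JwtResponseData
            {
                Expires = lifetimeMinutes,
                Token   = tokenString
            };
        }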
Exemplo n.º 2
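        /// <summary>
        /// Creates a new account from the posted registration data.
        /// </summary>
        /// <param name="userView">Registration payload bound from the request body.</param>
        /// <returns>200 when the account was created; an empty 400 for every failure.</returns>
        public async Task <IActionResult> CreateUser([FromBody] RecipeUserView userView)
        {
            // An empty request body can bind to null; reject it instead of dereferencing it below.
            // All failures share the same empty 400, so the body does not say which check failed.
            if (userView == null || !ModelState.IsValid)
            {
                return BadRequest();
            }

            RecipeUser existing = await _recipeUser.FindByEmailAsync(userView.Email);
            if (existing != null)
            {
                return BadRequest();
            }

            var user = new RecipeUser
            {
                Email     = userView.Email,
                UserName  = userView.UserName,
                FirstName = userView.FirstName,
                LastName  = userView.LastName
            };

            // The password is handed to the user manager, which is responsible for hashing it.
            var result = await _recipeUser.CreateAsync(user, userView.Password);

            // Succeeded is the success flag on IdentityResult. Comparing against
            // IdentityResult.Success is a reference comparison and reports failure for any
            // successful result that is not that exact instance.
            if (result.Succeeded)
            {
                return Ok();
            }

            return BadRequest();
        }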
Exemplo n.º 3
        /// <summary>
        /// Registers an account keyed by e-mail address, signs it in and returns a JWT.
        /// </summary>
        /// <param name="register">Registration payload bound from the request body.</param>
        /// <returns>
        /// 200 with the token data on success; 400 with model state, a generic message,
        /// or the identity errors otherwise.
        /// </returns>
        public async Task <IActionResult> Register([FromBody] RegisterDto register)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The address is stored as both Email and UserName, so a clash on either field counts.
            bool alreadyRegistered = userManager.Users.Any(
                existing => existing.Email == register.Email || existing.UserName == register.Email);

            if (alreadyRegistered)
            {
                // Deliberately vague: the response should not state that the e-mail is registered.
                // NOTE(review): this message is only returned from this branch, so a caller can
                // still tell a registered address from other failures; rate limiting or an
                // e-mail confirmation flow is the usual mitigation.
                return BadRequest("Woops!! Something went wrong!");
            }

            var account = new RecipeUser
            {
                Email    = register.Email,
                UserName = register.Email
            };

            var creation = await userManager.CreateAsync(account, register.Password);

            if (!creation.Succeeded)
            {
                // NOTE(review): the identity errors go back to the client verbatim; check that
                // none of them (for example a duplicate-name error hit in a race with the check
                // above) undoes the non-disclosure intent.
                return BadRequest(creation.Errors);
            }

            // Non-persistent sign-in through the sign-in manager, in addition to the JWT below.
            await signInManager.SignInAsync(account, isPersistent: false);

            var tokenData = GenerateJwtToken(register.Email, account);
            return Ok(tokenData);
        }
Exemplo n.º 4
        /// <summary>
        /// Creates an account with a locally hashed password and returns a token for it.
        /// </summary>
        /// <param name="signUp">Sign-up payload bound from the request body.</param>
        /// <returns>200 with a <c>token</c> property on success; 400 otherwise.</returns>
        public async Task <IActionResult> SignUp([FromBody] SessionSignUp signUp)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // Reject a name that is already taken.
            // NOTE(review): this lookup and the create below are separate calls, so two
            // concurrent requests can both pass it; a uniqueness constraint in the store is
            // what actually prevents duplicates. The explicit message also confirms to any
            // caller that a username exists.
            var matches = await recipeBookDataManager.Users.GetItemsAsync(c => c.Username == signUp.Username);
            if (matches.Any())
            {
                return BadRequest("Username already exists");
            }

            // Item1 is stored as PasswordSecret and Item2 as PasswordHash; the plain-text
            // password itself is not persisted.
            var hashed = HashPassword(signUp.Password);

            var account = new RecipeUser
            {
                FullName       = signUp.Fullname,
                Username       = signUp.Username,
                PasswordSecret = hashed.Item1,
                PasswordHash   = hashed.Item2
            };

            // The store returns the new id, which the token generator reads from the entity.
            account.Id = await recipeBookDataManager.Users.CreateItemAsync(account);

            var token = GenerateToken(account);

            return Ok(new { token });
        }
Exemplo n.º 5
        /// <summary>
        /// Creating a user with a user name and a password succeeds, and the user can then
        /// be found again by that name.
        /// </summary>
        public async Task Should_Be_Able_To_Create_User_With_Valid_UserName_and_Password()
        {
            // Arrange
            var candidate = new RecipeUser { UserName = "******" };

            // Act
            var creation = await _manager.CreateAsync(candidate, "P@ssw0rd1!");

            // Assert: creation reported success...
            Assert.That(creation.Succeeded, Is.True);

            // ...and the stored user round-trips through a lookup by name.
            var stored = await _manager.FindByNameAsync(candidate.UserName);
            Assert.That(stored.UserName, Is.EqualTo(candidate.UserName));
        }
Exemplo n.º 6
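        /// <summary>
        /// Checks a candidate password against the salt and hash stored on the user.
        /// </summary>
        /// <param name="recipeUser">Account carrying the Base64 salt (PasswordSecret) and Base64 hash (PasswordHash).</param>
        /// <param name="password">Candidate password supplied by the caller.</param>
        /// <returns><c>true</c> when the derived hash equals the stored one.</returns>
        private bool IsPasswordValid(RecipeUser recipeUser, string password)
        {
            var userSalt = Convert.FromBase64String(recipeUser.PasswordSecret);

            // These parameters must stay identical to the ones used when the stored hash was
            // produced, otherwise no existing password verifies.
            // NOTE(review): PBKDF2 with HMAC-SHA1 at 10000 iterations is well below current
            // guidance; strengthening it needs the hashing side changed as well and a
            // rehash-on-login migration for existing accounts.
            string computedHash = Convert.ToBase64String(KeyDerivation.Pbkdf2(
                                                             password: password,
                                                             salt: userSalt,
                                                             prf: KeyDerivationPrf.HMACSHA1,
                                                             iterationCount: 10000,
                                                             numBytesRequested: 256 / 8));

            string storedHash = recipeUser.PasswordHash;
            if (storedHash == null || storedHash.Length != computedHash.Length)
            {
                return false;
            }

            // Compare every character instead of stopping at the first mismatch, so the time
            // taken does not depend on how much of the hash matched. The result is the same
            // ordinal equality the string == operator gives.
            int difference = 0;
            for (int i = 0; i < computedHash.Length; i++)
            {
                difference |= computedHash[i] ^ storedHash[i];
            }

            return difference == 0;
        }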
Exemplo n.º 7
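        /// <summary>
        /// Seeds a default user and the initial recipe categories when they are missing.
        /// </summary>
        /// <exception cref="InvalidOperationException">The seed user could not be created.</exception>
        public async Task SeedDataAsync()
        {
            RecipeUser user = await _userManager.FindByEmailAsync("*****@*****.**");

            if (user == null)
            {
                user = new RecipeUser()
                {
                    LastName  = "Andersson",
                    FirstName = "David",
                    Email     = "*****@*****.**",
                    UserName  = "******"
                };

                // NOTE(review): the seed account's password is a literal in source. If this
                // seeding runs outside a development environment, the account is a known
                // default credential; take the password from configuration or a secret store,
                // or restrict seeding to development.
                var result = await _userManager.CreateAsync(user, "Welc0me!");

                // Succeeded is the success flag on IdentityResult; comparing against
                // IdentityResult.Success is a reference comparison and would treat any other
                // successful instance as a failure.
                if (!result.Succeeded)
                {
                    throw new InvalidOperationException("Could not create user in Seeding");
                }
            }

            // Categories are only seeded into an empty set, so repeated runs add nothing.
            if (_context.Categories.Any())
            {
                return;
            }

            var categories = new Category[]
            {
                new Category {
                    Name = "Kött"
                },
                new Category {
                    Name = "Fisk"
                },
                new Category {
                    Name = "Fågel"
                },
                new Category {
                    Name = "Vegetariskt"
                }
            };

            foreach (Category c in categories)
            {
                _context.Categories.Add(c);
            }
            _context.SaveChanges();
        }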
Exemplo n.º 8
        /// <summary>
        /// Builds an HMAC-SHA256 signed JWT carrying the user's id, username and full name.
        /// </summary>
        /// <param name="recipeUser">Account whose Id, Username and FullName become claims.</param>
        /// <returns>The serialized token.</returns>
        private string GenerateToken(RecipeUser recipeUser)
        {
            // NOTE(review): the full name travels in every token, and a JWT payload is only
            // signed, not encrypted; confirm that exposing it to token holders is intended.
            Claim[] identityClaims =
            {
                new Claim(ClaimTypes.Sid, recipeUser.Id),
                new Claim(ClaimTypes.Name, recipeUser.Username),
                new Claim(ClaimTypes.GivenName, recipeUser.FullName)
            };

            // NOTE(review): the secret is text from the signing options. For HS256 it should
            // carry at least 32 bytes of entropy and come from a secret store; verify how
            // TokenSecret is provisioned.
            var secretBytes = Encoding.UTF8.GetBytes(signingCred.Value.TokenSecret);
            var signingKey  = new SymmetricSecurityKey(secretBytes);
            var signing     = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

            // The same authority value is used as both issuer and audience; the token is
            // valid for 30 minutes from now.
            var jwt = new JwtSecurityToken(
                issuer: signingCred.Value.TokenAuthority,
                audience: signingCred.Value.TokenAuthority,
                claims: identityClaims,
                expires: DateTime.Now.AddMinutes(30),
                signingCredentials: signing);

            var handler = new JwtSecurityTokenHandler();
            return handler.WriteToken(jwt);
        }
Exemplo n.º 9
        // This method gets called by the runtime. Use this method to add services to the container.
        // For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
        // Registers MVC, the recipe database service, ASP.NET Core Identity backed by the
        // DocumentDB stores, and logging. In DEBUG builds it also makes sure a first user exists.
        public void ConfigureServices(IServiceCollection services)
        {
            services.AddMvc()
            .SetCompatibilityVersion(CompatibilityVersion.Version_2_2);

            // The initializer returns the service and hands back the DocumentClient through
            // the out parameter; the same client is passed to the identity stores below.
            IConfigurationSection recipeDbConfig = _config.GetSection("RecipeDb");
            var recipeDbService = InitializeRecipeDbService(recipeDbConfig, out DocumentClient dbClient);

            services.AddSingleton <IRecipeDbService>(recipeDbService);

            // NOTE(review): the lambda always returns _collection; presumably the collection
            // that holds the identity documents - confirm against RegisterDocumentDBStores.
            services.AddIdentity <RecipeUser, IdentityRole>()
            .AddDefaultUI(UIFramework.Bootstrap4)
            .RegisterDocumentDBStores <RecipeUser, IdentityRole>(dbClient,
                                                                 (p) => _collection)
            .AddDefaultTokenProviders();
            services.AddLogging();

// TODO: Remove after adding registration support
#if DEBUG
            // DEBUG-only bootstrap of a first user.
            // NOTE(review): BuildServiceProvider creates a second container from the
            // registrations made so far, separate from the one the host builds later, and it
            // is never disposed here. The async calls below are blocked on synchronously
            // because this method is not async.
            var provider    = services.BuildServiceProvider();
            var userManager = provider.GetRequiredService <UserManager <RecipeUser> >();

            RecipeUser firstUser = new RecipeUser {
                UserName = "******"
            };
            var user = userManager.FindByNameAsync(firstUser.UserName).GetAwaiter().GetResult();
            if (user == null)
            {
                // NOTE(review): the password is a literal in source. The #if keeps it out of
                // non-DEBUG builds, but any DEBUG build pointed at a shared database leaves
                // an account with a known credential there.
                var result = userManager.CreateAsync(firstUser, "P@ssw0rd!").GetAwaiter().GetResult();
                if (!result.Succeeded)
                {
                    throw new InvalidOperationException("User not created");
                }
            }
#endif
        }