Exemplo n.º 1
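        /// <summary>
        /// Loads the persisted user authentication data from <c>CORE.USER_AUTH_PATH</c>, falls back to an
        /// empty <c>UserAuthenticationObject</c> when nothing usable was loaded, replays every stored plugin
        /// credential through the matching extension, and finally saves the authentication data again.
        /// </summary>
        private void LoadUserAuthenticate()
        {
            if (File.Exists(CORE.USER_AUTH_PATH))
            {
                using (Stream UserAuthenticationStream = File.OpenRead(CORE.USER_AUTH_PATH))
                {
                    try
                    {
                        CORE.UpdateUserAuthentication(UserAuthenticationStream.Deserialize <UserAuthenticationObject>(SerializeType: SerializeType.XML));
                    }
                    catch (Exception ex)
                    {
                        // Loading stays best-effort: an unreadable file must not stop start-up, the
                        // fallback below supplies an empty object. Only the exception type is traced so
                        // that no fragment of the credential file ends up in diagnostic output.
                        System.Diagnostics.Debug.WriteLine("User authentication file could not be loaded: " + ex.GetType().Name);
                    }
                }
            }

            if (UserAuthenticationObject.Equals(CORE.UserAuthentication, null))
            {
                CORE.UpdateUserAuthentication(new UserAuthenticationObject());
            }

            // The token source owns a wait handle once its token is used; dispose it when the loop is done.
            using (CancellationTokenSource cts = new CancellationTokenSource())
            {
                foreach (UserPluginAuthenticationObject upa in CORE.UserAuthentication.UserPluginAuthentications)
                {
                    try
                    {
                        IExtension extension = CORE.Extensions[upa.PluginName, upa.PluginLanguage];
                        // NOTE(review): upa.Password is handed to NetworkCredential exactly as it was read
                        // from the file. Whether the file protects it at rest is not visible here; confirm
                        // the stored value is encrypted (for example per-user data protection) and that the
                        // file is readable only by the owning account.
                        extension.Authenticate(new System.Net.NetworkCredential(upa.Username, upa.Password), cts.Token, null);
                    }
                    catch
                    {
                        // Any failure (missing extension, rejected credential, decoding error) ends up
                        // here; the user is asked to authenticate again and the loop continues.
                        MessageBox.Show(String.Format("There was an error decoding {0} ({1}). Please reauthenticate.", upa.PluginName, upa.PluginLanguage));
                    }
                }
            }
            SaveUserAuthentication();
        }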
Exemplo n.º 2
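        /// <summary>
        /// Verifies an e-mail/password pair against the stored salted hash and, on success, returns the
        /// user's profile together with a newly generated token.
        /// </summary>
        /// <param name="authData">Submitted credentials; <c>Email</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// The populated response when the password hash matches; <c>null</c> when <paramref name="authData"/>
        /// is null, no usable hash or salt is stored, the hashes differ, or the user record cannot be loaded.
        /// </returns>
        public async Task <UserAuthenticationResponseObject> AuthenticateAsync(UserAuthenticationObject authData)
        {
            // A missing request body is treated like any other failed authentication instead of
            // surfacing as a NullReferenceException.
            if (authData == null)
            {
                return(null);
            }

            var hashAndSalt = await _userRepository.SelectHashAndSaltAsync(authData.Email);

            if (string.IsNullOrWhiteSpace(hashAndSalt.PasswordHash) || string.IsNullOrWhiteSpace(hashAndSalt.Salt))
            {
                // NOTE(review): this path returns before any hash is computed, so a request for an
                // account without stored credentials presumably answers faster than one with them.
                // If account enumeration matters here, hash against a dummy salt before returning.
                return(null);
            }

            // Assumes GenerateHash returns a string, as the Equals(string) call it replaces implied.
            var hashToCheck = PasswordHashHelper.GenerateHash(authData.Password, hashAndSalt.Salt);
            var storedHash  = hashAndSalt.PasswordHash;

            // Compare without stopping at the first differing character, so the time taken does not
            // reveal how long a matching prefix is. Hash lengths themselves are not secret.
            int difference = hashToCheck.Length ^ storedHash.Length;

            for (int i = 0; i < hashToCheck.Length && i < storedHash.Length; i++)
            {
                difference |= hashToCheck[i] ^ storedHash[i];
            }

            if (difference != 0)
            {
                return(null);
            }

            var user = await _userRepository.SelectUserAsync(authData.Email);

            // The record can disappear between the two repository calls; fail the login rather than throw.
            if (user == null)
            {
                return(null);
            }

            // NOTE(review): ExpirationDate uses the default ToString(), whose format presumably follows
            // the server culture; confirm what clients expect before switching to a fixed format.
            return(new UserAuthenticationResponseObject
            {
                Token = TokenGenerator.GenerateToken(user, _tokenExpirationDate),
                ExpirationDate = _tokenExpirationDate.ToString(),
                UserId = user.Id,
                Email = user.Email,
                Name = user.Name,
                Address = user.Address,
                PhoneNumber = user.PhoneNumber,
                IsAdmin = user.IsAdmin
            });
        }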
Exemplo n.º 3
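        /// <summary>
        /// Looks up the user whose e-mail and password match the supplied values and converts the result
        /// into a <c>UserAuthenticationObject</c> via <c>BuildUserAuthObject</c>.
        /// </summary>
        /// <param name="userName">E-mail address identifying the account.</param>
        /// <param name="password">Password as submitted by the caller.</param>
        /// <returns>The object produced by <c>BuildUserAuthObject</c> for the matching row, or for <c>null</c> when nothing matches.</returns>
        public UserAuthenticationObject ValidateUser(string userName, string password)
        {
            // Reject missing credentials before touching the database: a null comparison value is
            // typically translated to IS NULL, which would match a row whose Password column is NULL.
            if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
            {
                return(BuildUserAuthObject(null));
            }

            // NOTE(review): the Password column is compared directly with the submitted value, which
            // only works if the column holds the password as submitted. Store a salted, slow hash
            // (e.g. PBKDF2) and verify against that instead; this needs a schema/data migration and is
            // therefore not changed here.
            var userDetail = _context.UserDetails
                             .Include(u => u.UserClaims)
                             .FirstOrDefault(u => u.Email == userName && u.Password == password);

            return(BuildUserAuthObject(userDetail));
        }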
Exemplo n.º 4
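        /// <summary>
        /// Serializes the authentication object into an HMAC-SHA256 signed JWT carrying the user name,
        /// a random token id and the four permission flags as lower-case string claims.
        /// </summary>
        /// <param name="authObj">Source of the subject name and the permission flags.</param>
        /// <returns>The compact serialized token.</returns>
        private string BuildJwtToken(UserAuthenticationObject authObj)
        {
            // Read the clock once so that "not before" and "expires" are derived from the same instant.
            DateTime issuedAt = DateTime.UtcNow;

            // ToLowerInvariant keeps the claim text independent of the server's current culture.
            List <Claim> jwtClaim = new List <Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, authObj.UserName),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                new Claim("isAuthenticated", authObj.IsAuthenticated.ToString().ToLowerInvariant()),
                new Claim("canAccessAdmin", authObj.canAccessAdmin.ToString().ToLowerInvariant()),
                new Claim("canAccessDashboard", authObj.canAccessDashboard.ToString().ToLowerInvariant()),
                new Claim("canAccessTODO", authObj.canAccessTODO.ToString().ToLowerInvariant())
            };

            // NOTE(review): the signing key is the UTF-8 bytes of _jwtSettings.Key. For HMAC-SHA256 the
            // setting should be a random secret of at least 256 bits and be provisioned outside source
            // control; how it is supplied is not visible here, so confirm.
            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Key));

            var token = new JwtSecurityToken(
                issuer: _jwtSettings.Issuer,
                audience: _jwtSettings.Audience,
                claims: jwtClaim,
                notBefore: issuedAt,
                expires: issuedAt.AddMinutes(_jwtSettings.MinToExpiration),
                signingCredentials: new SigningCredentials(key, SecurityAlgorithms.HmacSha256));

            return(new JwtSecurityTokenHandler().WriteToken(token));
        }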
Exemplo n.º 5
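        /// <summary>
        /// Validates the submitted e-mail and password and returns the resulting authentication object.
        /// </summary>
        /// <param name="userDetails">Request payload; only <c>Email</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// 200 with the authentication object when validation succeeds; otherwise 404 with the text
        /// "user not found".
        /// </returns>
        public IActionResult Login(UserDetails userDetails)
        {
            // A request without a usable body gets the same answer as a failed login instead of
            // failing with a NullReferenceException.
            if (userDetails == null)
            {
                return(StatusCode((int)HttpStatusCode.NotFound, "user not found"));
            }

            SecurityManager          security = new SecurityManager(_context, _jwtSettings);
            UserAuthenticationObject obj      = security.ValidateUser(userDetails.Email, userDetails.Password);

            if (obj.IsAuthenticated)
            {
                return(StatusCode((int)HttpStatusCode.OK, obj));
            }

            // NOTE(review): a failed login conventionally maps to 401 Unauthorized. The 404 response is
            // kept because clients may depend on it; the response is at least identical for an unknown
            // e-mail and a wrong password. Rate limiting or lockout is not visible in this method.
            return(StatusCode((int)HttpStatusCode.NotFound, "user not found"));
        }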
Exemplo n.º 6
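        /// <summary>
        /// Builds the authentication object for a user row: marks it authenticated, copies the e-mail as
        /// user name, applies the stored claims to the matching boolean properties and attaches a JWT.
        /// </summary>
        /// <param name="userDetails">The matched user row, or <c>null</c> when validation found none.</param>
        /// <returns>
        /// A new, unmodified <c>UserAuthenticationObject</c> when <paramref name="userDetails"/> is null;
        /// otherwise the populated object including its bearer token.
        /// </returns>
        private UserAuthenticationObject BuildUserAuthObject(UserDetails userDetails)
        {
            UserAuthenticationObject obj = new UserAuthenticationObject();

            if (userDetails == null)
            {
                return(obj);
            }

            obj.IsAuthenticated = true;
            obj.UserName        = userDetails.Email;

            if (userDetails.UserClaims != null)
            {
                foreach (UserClaims claim in userDetails.UserClaims)
                {
                    if (string.IsNullOrEmpty(claim.ClaimType))
                    {
                        continue;
                    }

                    // The claim type comes from stored data and selects a property by name. Only writable
                    // boolean properties are accepted, so an unknown or mistyped claim row is skipped
                    // instead of throwing, and can never overwrite UserName or BearerToken.
                    var property = typeof(UserAuthenticationObject).GetProperty(claim.ClaimType);

                    if (property == null || !property.CanWrite || property.PropertyType != typeof(bool))
                    {
                        continue;
                    }

                    // NOTE(review): any boolean property is still reachable, including IsAuthenticated.
                    // An explicit allow-list of permission names would be tighter; confirm the intended
                    // set. Convert.ToBoolean still throws on a value that is not a boolean literal.
                    property.SetValue(obj, Convert.ToBoolean(claim.ClaimValue));
                }
            }

            // The token is built last so that it carries the flags applied above.
            obj.BearerToken = BuildJwtToken(obj);

            return(obj);
        }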
Exemplo n.º 7
 /// <summary>
 /// Replaces the instance's <c>UserAuthentication</c> member with the supplied object.
 /// </summary>
 /// <param name="UserAuthentication">The authentication data to store; it is assigned as given, without validation.</param>
 public void UpdateUserAuthentication(UserAuthenticationObject UserAuthentication)
     => this.UserAuthentication = UserAuthentication;