Пример #1
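        /// <summary>
        /// Registers JWT bearer authentication, the matching "Bearer" authorization policy
        /// and the "Bearer" CORS policy. Signing material comes from a process-wide
        /// <see cref="SigningConfigurationsExtensions"/>; issuer and audience are bound from
        /// the "TokenConfigurations" configuration section.
        /// </summary>
        /// <param name="services">The service collection being configured.</param>
        /// <returns>The same <paramref name="services"/> instance, for chaining.</returns>
        private IServiceCollection TokenConfigurations(IServiceCollection services)
        {
            services.AddTransient<LoginService>();

            // One signing-key holder per process: the same instance signs tokens on login
            // and supplies the key that validates incoming tokens below.
            var signingConfigurations = new SigningConfigurationsExtensions();
            services.AddSingleton(signingConfigurations);

            // NOTE(review): if the "TokenConfigurations" section is missing, Issuer/Audience
            // stay null and every token is rejected by issuer/audience validation (fails closed).
            var tokenConfigurations = new TokenConfigurationExtentions();
            new ConfigureFromConfigurationOptions<TokenConfigurationExtentions>(
                Configuration.GetSection("TokenConfigurations"))
                .Configure(tokenConfigurations);
            services.AddSingleton(tokenConfigurations);

            services.AddAuthentication(authOptions =>
            {
                authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                authOptions.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            }).AddJwtBearer(bearerOptions =>
            {
                var paramsValidation = bearerOptions.TokenValidationParameters;
                paramsValidation.IssuerSigningKey = signingConfigurations.Key;
                paramsValidation.ValidAudience    = tokenConfigurations.Audience;
                paramsValidation.ValidIssuer      = tokenConfigurations.Issuer;

                paramsValidation.ValidateIssuerSigningKey = true;
                paramsValidation.ValidateLifetime         = true;

                // No tolerance on exp/nbf: a token is rejected the moment it expires.
                paramsValidation.ClockSkew = TimeSpan.Zero;
            });

            // Enables the token as the way to authorize access to this project's resources.
            services.AddAuthorization(auth =>
            {
                auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                    .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    .Build());
            });

            // AllowAnyOrigin() combined with AllowCredentials() is not permitted by the CORS
            // protocol (a wildcard origin cannot be used for credentialed requests), and newer
            // ASP.NET Core versions reject such a policy outright. A bearer token set by the
            // client in the Authorization header does not need credentials mode, so
            // AllowCredentials() is dropped; if cookies are ever required, replace
            // AllowAnyOrigin() with an explicit WithOrigins(...) list.
            services.AddCors(option => option.AddPolicy("Bearer", build =>
            {
                build
                    .AllowAnyOrigin()
                    .AllowAnyMethod()
                    .AllowAnyHeader();
            }));

            return services;
        }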
Пример #2
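        /// <summary>Validity window of an issued token, measured from its creation time.</summary>
        private static readonly TimeSpan TokenLifetime = TimeSpan.FromDays(10);

        /// <summary>
        /// Checks the posted credentials and, when they match, issues a signed JWT whose
        /// issuer, audience and signing key come from the injected configuration objects.
        /// </summary>
        /// <param name="userLogin">Posted credentials; <c>Email</c> selects the account.</param>
        /// <param name="login">Service that verifies <paramref name="userLogin"/> against the stored user.</param>
        /// <param name="signingConfigurations">Supplies the <c>SigningCredentials</c> used to sign the token.</param>
        /// <param name="tokenConfigurations">Supplies the issuer and audience written into the token.</param>
        /// <returns>
        /// An <see cref="ApiCredential"/>. On success it carries the token, UTC creation and
        /// expiry timestamps and the role flags; on any failure <c>authenticated</c> is false
        /// and <c>message</c> is set. The same message is used for an unknown e-mail and a
        /// wrong password so the response does not reveal which addresses are registered.
        /// </returns>
        public object DoLogin(
            [FromBody] LoginModel userLogin,
            [FromServices] LoginService login,
            [FromServices] SigningConfigurationsExtensions signingConfigurations,
            [FromServices] TokenConfigurationExtentions tokenConfigurations)
        {
            if (userLogin == null || userLogin.Email == null)
            {
                apiCredential = FailedCredential("User not found");
                return apiCredential;
            }

            // NOTE(review): blocking on the async UserManager API is inherited from the
            // synchronous signature; GetAwaiter().GetResult() at least surfaces the real
            // exception instead of an AggregateException.
            var user = _userManager.FindByEmailAsync(userLogin.Email).GetAwaiter().GetResult();
            if (user == null)
            {
                apiCredential = FailedCredential("User not found");
                return apiCredential;
            }

            // login.Find returns null when the credentials do not match. The previous code
            // then assigned fields on that null result, which threw NullReferenceException
            // instead of returning the failure response.
            apiCredential = login.Find(user, userLogin, $"{user.Prenom} {user.Nom}");
            if (apiCredential == null)
            {
                apiCredential = FailedCredential("User not found");
                return apiCredential;
            }

            var identity = new ClaimsIdentity(
                new GenericIdentity(userLogin.Email, "Login"),
                new[]
                {
                    // Unique token id (jti) so individual tokens can be distinguished.
                    new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
                    new Claim(JwtRegisteredClaimNames.UniqueName, userLogin.Email)
                });

            // UTC so nbf/exp and the timestamps returned to the client do not depend on the
            // server's local time zone.
            DateTime dataCriacao   = DateTime.UtcNow;
            DateTime dataExpiracao = dataCriacao + TokenLifetime;

            var handler       = new JwtSecurityTokenHandler();
            var securityToken = handler.CreateToken(new SecurityTokenDescriptor
            {
                Issuer             = tokenConfigurations.Issuer,
                Audience           = tokenConfigurations.Audience,
                SigningCredentials = signingConfigurations.SigningCredentials,
                Subject            = identity,
                NotBefore          = dataCriacao,
                Expires            = dataExpiracao
            });
            var token = handler.WriteToken(securityToken);

            // Ask Identity whether this user holds each role instead of loading every member
            // of every role and searching the lists; this also no longer throws when one of
            // the roles has not been created yet.
            apiCredential.isAdministrateur = _userManager.IsInRoleAsync(user, "Administrateur").GetAwaiter().GetResult();
            apiCredential.isApprobateur    = _userManager.IsInRoleAsync(user, "Approbateur").GetAwaiter().GetResult();
            apiCredential.isConseiller     = _userManager.IsInRoleAsync(user, "Conseiller").GetAwaiter().GetResult();
            apiCredential.userName         = userLogin.Email;
            // Invariant culture: ':' in a custom format is the culture's time separator.
            apiCredential.created          = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);
            apiCredential.expiration       = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss", System.Globalization.CultureInfo.InvariantCulture);
            apiCredential.Token            = token;

            // NOTE(review): `authenticated` is not set here; presumably login.Find sets it on
            // success — confirm against LoginService.
            return apiCredential;
        }

        /// <summary>Builds the response returned for every authentication failure.</summary>
        /// <param name="message">Text placed in the <c>message</c> field.</param>
        /// <returns>A credential with <c>authenticated</c> false and no token.</returns>
        private static ApiCredential FailedCredential(string message)
        {
            return new ApiCredential
            {
                authenticated = false,
                message       = message
            };
        }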