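/// <summary>
/// Creates a new account from the registration form when the username is not already taken,
/// then renders the registration view with the outcome in <c>ViewData["response"]</c>.
/// </summary>
/// <param name="data">Registration form fields: username, first/last name and password.</param>
/// <returns>The registration view; the shared <c>response</c> carries Success plus a message.</returns>
public async Task<IActionResult> Register(UserRegisterDto data)
{
    // Uniqueness is checked case-insensitively. ToLower() is kept instead of a StringComparison
    // overload because the lambda is handed to the user service and may be translated to a query
    // rather than evaluated in memory.
    User existing = await _userSVC.FindOneAsync(x => x.Username.ToLower().Equals(data.UserName.ToLower()));
    if (existing != null)
    {
        response.Success = false;
        response.Message = "حساب کاربری واردشده در سامانه موجود می باشد";
    }
    else
    {
        // NOTE(review): the password is stored with a reversible Encrypt() (Login calls Decrypt() on
        // the stored value). A database leak therefore exposes plaintext credentials; the stored value
        // should be a salted slow hash (PBKDF2/Argon2) verified by hash comparison. That change has to
        // land together with Login, so it is only flagged here.
        // NOTE(review): data.Password is not validated before it is encrypted; a null or empty password
        // is accepted as long as Encrypt() tolerates it — add model validation for the DTO.
        var user = new User
        {
            Username = data.UserName,
            FirstName = data.FirstName,
            LastName = data.LastName,
            Password = data.Password.Encrypt(),
        };

        // Activation (Token/Active) and the verification e-mail are commented out, so the account is
        // usable immediately after this call. NOTE(review): the success message below still tells the
        // user an activation link was e-mailed, which this code does not do — either restore account
        // verification or change the message so it matches the behaviour.
        await _userSVC.AddUserAsync(user);
        response.Success = true;
        response.Message = "لیک فعال سازی حساب کاربری شما به ایمل شما ارسال گرددید";
    }

    ViewData["response"] = response;
    return View();
}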
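/// <summary>
/// Authenticates a user from the login form. On success it stores a JWT in the session ("JWToken"),
/// caches the controller/action URLs the user may reach in the session ("UserAccessUrls") and
/// redirects to Home/Index; on failure it re-renders the login view with a message.
/// </summary>
/// <param name="data">Login form fields: username and password.</param>
/// <returns>A redirect on success, otherwise the login view with <c>ViewData["response"]</c> set.</returns>
public async Task<IActionResult> Login(SaveLoginDto data)
{
    // A missing username is treated exactly like an unknown one instead of dereferencing null.
    User user = null;
    if (!string.IsNullOrEmpty(data?.UserName))
    {
        // Case-insensitive lookup; ToLower() is kept because the lambda is passed to the user
        // service and may be translated to a query rather than run in memory.
        user = await _userSVC.FindOneAsync(x => x.Username.ToLower().Equals(data.UserName.ToLower()));
    }
    if (user == null)
    {
        // NOTE(review): this message differs from the wrong-password one below, so the endpoint
        // confirms which usernames exist. Consider one generic message for both failure paths.
        response.Success = false;
        response.Message = "کاربری با مشخصات وارد شده یافت نشد";
        ViewData["response"] = response;
        return View();
    }

    // NOTE(review): passwords are stored reversibly (Encrypt() in Register, Decrypt() here), so a
    // database leak exposes plaintext credentials. Move to a salted slow hash (PBKDF2/Argon2) and
    // verify by hash comparison; that change spans Register and Login and is not made here.
    if (!PasswordMatches(data.Password, user.Password.Decrypt()))
    {
        response.Success = false;
        response.Message = "نام کاربری یا کلمه عبور اشتباه می باشد";
        ViewData["response"] = response;
        return View();
    }

    response.Success = true;
    string token = await CreateToken(user);
    HttpContext.Session.SetString("JWToken", token);

    // Resolve the URLs this user may reach: user -> user roles -> role access -> access links.
    // The GetAll* calls appear to load each table in full and the join runs in memory.
    var userAccessUrls = (from u in await _userSVC.GetManyUsersAsync(x => x.Id == user.Id)
                          join ur in await _userRolesSVC.GetAllUserRolesAsync() on u.Id equals ur.UserId
                          join r in await _roleSVC.GetAllRolesAsync() on ur.RoleId equals r.Id
                          join ra in await _roleAccessSVC.GetAllRoleAccessAsync() on r.Id equals ra.RoleId
                          join al in await _accessLinkSVC.GetAllAccessLinksAsync() on ra.AccessLinkId equals al.Id
                          where u.Id == user.Id
                          select new AccessUrlViewModel { Link = $"/{al.Controller}/{al.Action}" }).ToList();
    HttpContext.Session.SetComplexData("UserAccessUrls", userAccessUrls);

    return RedirectToAction("Index", "Home", new { area = "" });
}

/// <summary>
/// Compares the submitted password with the stored (decrypted) one byte-wise, case-sensitively and
/// in constant time. The previous check compared lower-cased strings, which accepted any case
/// variant of the password (shrinking its effective key space) and used ordinary string equality,
/// which is not constant-time.
/// </summary>
/// <param name="submitted">Password from the login form; may be null.</param>
/// <param name="stored">Decrypted password from the user record; may be null.</param>
/// <returns>False when either value is null/empty or the two differ; true only on an exact match.</returns>
private static bool PasswordMatches(string submitted, string stored)
{
    if (string.IsNullOrEmpty(submitted) || string.IsNullOrEmpty(stored))
    {
        return false;
    }
    byte[] submittedBytes = Encoding.UTF8.GetBytes(submitted);
    byte[] storedBytes = Encoding.UTF8.GetBytes(stored);
    // Fully qualified so no new using directive is required; FixedTimeEquals returns false on a
    // length mismatch rather than throwing.
    return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(submittedBytes, storedBytes);
}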
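/// <summary>
/// Builds a signed JWT for an authenticated user. Claims: user id (NameIdentifier), username
/// (Email), display name (Name) and one Role claim per role id the user holds.
/// </summary>
/// <param name="user">The authenticated account; must not be null.</param>
/// <returns>The compact serialized token, valid for 30 minutes from now.</returns>
/// <exception cref="InvalidOperationException">Thrown when Jwt:Secret is missing from configuration.</exception>
private async Task<string> CreateToken(User user)
{
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
        new Claim(ClaimTypes.Email, user.Username),
        new Claim(ClaimTypes.Name, user.FirstName + " " + user.LastName),
    };

    // One Role claim per role. Role checks (ClaimsPrincipal.IsInRole, [Authorize(Roles = ...)])
    // compare each Role claim's value individually, so the previous single comma-joined claim
    // ("1,2,3") could not satisfy a check for any one role once a user had more than one.
    var userRoles = await _userRolesSVC.GetManyUserRolesAsync(r => r.UserId == user.Id);
    foreach (var roleId in userRoles.Select(ur => ur.RoleId))
    {
        claims.Add(new Claim(ClaimTypes.Role, roleId.ToString()));
    }

    string secret = _configuration.GetSection("Jwt:Secret").Value;
    if (string.IsNullOrEmpty(secret))
    {
        // Fail with a clear message instead of an opaque ArgumentNullException from GetBytes.
        throw new InvalidOperationException("Jwt:Secret is not configured; cannot sign tokens.");
    }
    // NOTE(review): HMAC-SHA512 should be keyed with at least 64 bytes (RFC 7518 §3.2); verify the
    // configured secret meets that and is supplied from a secret store, not source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    // nbf/exp are emitted as UTC epoch seconds; compute them in UTC so the result does not depend on
    // the server's local time zone or a DST transition between the two reads.
    DateTime now = DateTime.UtcNow;
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        Issuer = _configuration.GetSection("Jwt:Issuer").Value,
        Audience = _configuration.GetSection("Jwt:Audience").Value,
        NotBefore = now,
        Expires = now.AddMinutes(30),
        SigningCredentials = creds,
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);
    return tokenHandler.WriteToken(token);
}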