// This method gets called by the runtime. Use this method to add services to the container.
// For more information on how to configure your application, visit https://go.microsoft.com/fwlink/?LinkID=398940
public void ConfigureServices(IServiceCollection services)
{
// get the DI
BaseHelpers.DI = services;
// AddScoped configures settings to create new instance of this type per http request
services.AddScoped <BaseService>();
// Add automapper
services.AddAutoMapper(typeof(Startup).Assembly);
// Register a type of DbContext so that it can be used in DI (inside dependent classes' constructors)
services.AddDbContext <BookStoreContext>();
// Configure Swagger
services.AddSwaggerGen(c => c.SwaggerDoc("v1", new Info {
Title = _title, Version = _version
}));
// Allow CORS
services.AddCors(o => o.AddPolicy("CorsPolicy", builder =>
{
builder.AllowAnyOrigin()
.AllowAnyMethod()
.AllowAnyHeader()
.AllowCredentials();
}));
// JWT Authentication
services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
.AddJwtBearer(options =>
{
options.TokenValidationParameters = UserHelpers.GetTokenValidationOptions(validateLifetime: true);
options.Events = new JwtBearerEvents()
{
OnAuthenticationFailed = context =>
{
if (context.Exception.GetType() == typeof(SecurityTokenExpiredException))
{
context.Response.Headers.Add("Token-Expired", "true");
}
return(Task.CompletedTask);
}
};
});
// configure MVC options
services.AddMvc(config => config.Filters.Add(typeof(ApiExceptionFilterAttribute)))
.SetCompatibilityVersion(CompatibilityVersion.Version_2_1)
.AddJsonOptions(options =>
{
options.SerializerSettings.ContractResolver = new CamelCasePropertyNamesContractResolver();
options.SerializerSettings.ReferenceLoopHandling = ReferenceLoopHandling.Ignore;
});
}
public IActionResult SignUp(SignUp signUp)
{
// (1) Generate password Hash and salt
// (_) Mapping from SignUp [View Model] to User [Entity Model]
user = UserHelpers.ToUser(signUp);
// (2) insert the User
_service.Add(user);
// (3) Map the Entity User to View User [VUser]
vUser = _mapper.Map <UserView>(user);
// (4) if everything is ok, return the [vUser - accessToken - refreshToken]
return(Ok(new
{
User = vUser,
AccessToken = UserHelpers.GetToken(vUser)
}
));
}
public static User ToUser(SignUp signUp)
{
// generate salt and hash
string salt = UserHelpers.GetSecuredRandStr();
string hash = UserHelpers.Hashing(signUp.Password, salt);
return(new User()
{
UserName = signUp.UserName,
Email = signUp.Email,
Address = signUp.Address,
Mobile = signUp.Mobile,
BirthDate = signUp.BirthDate,
Gender = signUp.Gender,
PasswordSalt = salt,
PasswordHash = hash
});
}
public IActionResult ChangePassword([FromBody] ChangedPassword changedpassword)
{
// (1) Get User by his Credentials [UserId - OldPassword]
var user = _service.GetOne <User>(u => u.Email == changedpassword.Email && UserHelpers.ValidateHash(changedpassword.OldPassword, u.PasswordSalt, u.PasswordHash));
// (2) if user not found then return [BadRequest]
if (user == null)
{
return(BadRequest(new Error()
{
Message = "Invalid User."
}));
}
return(_DoChangePassword(user, changedpassword.NewPassword));
}