示例#1
        /// <summary>
        /// Issues a signed access token and a signed refresh token for <paramref name="user"/>.
        /// </summary>
        /// <remarks>
        /// Both tokens are signed with HMAC-SHA256 using the key returned by
        /// AuthUtils.GetSymmetricSecurityKey() and carry the same claim set. The refresh token
        /// differs from the access token only in that it has no audience and expires after
        /// AuthUtils.REFRESH_LIFETIME minutes instead of AuthUtils.LIFETIME minutes.
        /// </remarks>
        /// <param name="user">Account whose role name, user name and id are written into the claims.</param>
        /// <returns>A Tokens object holding the serialized access and refresh tokens.</returns>
        public Tokens GetNewTokens(User user)
        {
            DateTime issuedAt = DateTime.UtcNow;

            // The role is written twice: once under the framework's default role claim type and
            // once under the short "role" name.
            var userClaims = new List<Claim>();
            userClaims.Add(new Claim(ClaimsIdentity.DefaultRoleClaimType, user.Role_Name));
            userClaims.Add(new Claim(ClaimsIdentity.DefaultNameClaimType, user.UserName));
            userClaims.Add(new Claim("id", user.User_Id.ToString()));
            userClaims.Add(new Claim("role", user.Role_Name));

            var identity = new ClaimsIdentity(
                userClaims,
                "Bearer",
                ClaimsIdentity.DefaultNameClaimType,
                ClaimsIdentity.DefaultRoleClaimType);

            JwtSecurityToken accessJwt = new JwtSecurityToken(
                issuer: AuthUtils.ISSUER,
                audience: AuthUtils.AUDIENCE,
                notBefore: issuedAt,
                claims: identity.Claims,
                expires: issuedAt.Add(TimeSpan.FromMinutes(AuthUtils.LIFETIME)),
                signingCredentials: new SigningCredentials(AuthUtils.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256));

            // NOTE(review): the refresh token shares the signing key and the role claims with the
            // access token. The missing audience is the only thing that stops it from being accepted
            // where an access token is expected, so every validator must keep audience validation on.
            // No token identifier claim is added, so revoking a single refresh token would have to
            // rely on state kept elsewhere; confirm against the refresh flow.
            JwtSecurityToken refreshJwt = new JwtSecurityToken(
                issuer: AuthUtils.ISSUER,
                notBefore: issuedAt,
                claims: identity.Claims,
                expires: issuedAt.Add(TimeSpan.FromMinutes(AuthUtils.REFRESH_LIFETIME)),
                signingCredentials: new SigningCredentials(AuthUtils.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256));

            var serializer = new JwtSecurityTokenHandler();
            string accessTokenText = serializer.WriteToken(accessJwt);
            string refreshTokenText = serializer.WriteToken(refreshJwt);

            var issued = new Tokens
            {
                Access_Token = accessTokenText,
                Refresh_Token = refreshTokenText
            };
            return issued;
        }
示例#2
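        /// <summary>
        /// Checks that <paramref name="token"/> is an access token issued by this service,
        /// deliberately ignoring whether it has expired.
        /// </summary>
        /// <remarks>
        /// Signature, issuer and audience are validated; lifetime is not. A <c>true</c> result
        /// therefore proves only where the token came from, never that it is still current, and
        /// must not be used on its own to authorize a request. It is meant to be combined with a
        /// separate check of a still-valid refresh token.
        /// </remarks>
        /// <param name="token">Serialized JWT to inspect; may be expired.</param>
        /// <returns>
        /// <c>true</c> when the token is a JWT signed with HMAC-SHA256 by the expected key and has the
        /// expected issuer and audience; <c>false</c> for any other input, including null or empty.
        /// </returns>
        public bool ValidateExpiredAccessToken(string token)
        {
            // Reject obviously unusable input up front instead of relying on the handler to throw.
            if (string.IsNullOrWhiteSpace(token))
            {
                return false;
            }

            var validationParameters = new TokenValidationParameters
            {
                ValidateIssuer           = true,
                ValidIssuer              = AuthUtils.ISSUER,
                ValidateAudience         = true,
                ValidAudience            = AuthUtils.AUDIENCE,
                // Intentionally off: this method exists to recognise tokens that have already expired.
                ValidateLifetime         = false,
                IssuerSigningKey         = AuthUtils.GetSymmetricSecurityKey(),
                ValidateIssuerSigningKey = true
            };

            try
            {
                new JwtSecurityTokenHandler().ValidateToken(token, validationParameters, out SecurityToken validatedToken);

                // Defense in depth: accept only the algorithm the issuer actually uses, so that a
                // token validated under any other algorithm is never treated as one of ours.
                return validatedToken is JwtSecurityToken jwt
                       && string.Equals(jwt.Header.Alg, SecurityAlgorithms.HmacSha256, StringComparison.Ordinal);
            }
            catch (Exception)
            {
                // Every validation failure is reported as "not valid". The cause is not logged
                // here, so repeated failures are invisible unless the caller records them.
                return false;
            }
        }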
示例#3
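        /// <summary>
        /// Registers authentication, the database context, application services, MVC controllers
        /// and Swagger generation in the dependency-injection container.
        /// </summary>
        /// <remarks>
        /// Two JWT bearer schemes are configured with identical validation rules but different
        /// signing keys: the default scheme uses AuthUtils.GetSymmetricSecurityKey() and the
        /// "EmailConfirmation" scheme uses AuthUtils.GetEmailConfirmationSymmetricSecurityKey().
        /// </remarks>
        /// <param name="services">Service collection to populate.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            bool isDevelopment = _env.IsDevelopment();

            // Shared validation rules for both bearer schemes; only the signing key differs.
            TokenValidationParameters BuildValidationParameters(SecurityKey signingKey)
            {
                return new TokenValidationParameters
                {
                    ValidateIssuer           = true,
                    ValidIssuer              = AuthUtils.ISSUER,
                    ValidateAudience         = true,
                    ValidAudience            = AuthUtils.AUDIENCE,
                    ValidateLifetime         = true,
                    IssuerSigningKey         = signingKey,
                    ValidateIssuerSigningKey = true,
                    // Tokens are accepted up to five minutes past their expiry to absorb clock drift.
                    ClockSkew                = TimeSpan.FromMinutes(5)
                };
            }

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // No Authority or MetadataAddress is set here, so this flag should have no effect
                // today. Relaxing it only in development means a metadata endpoint added later
                // must be served over HTTPS everywhere else.
                options.RequireHttpsMetadata      = !isDevelopment;
                options.TokenValidationParameters = BuildValidationParameters(AuthUtils.GetSymmetricSecurityKey());
            }).AddJwtBearer("EmailConfirmation", options =>
            {
                options.RequireHttpsMetadata      = !isDevelopment;
                options.TokenValidationParameters = BuildValidationParameters(AuthUtils.GetEmailConfirmationSymmetricSecurityKey());
            });

            if (isDevelopment)
            {
                // NOTE(review): AllowAnonymous is defined elsewhere; presumably it makes every
                // authorization requirement succeed. Confirm that deployed instances can never
                // run with the Development environment name.
                services.AddSingleton<IAuthorizationHandler, AllowAnonymous>();
            }

            // The connection string is read from configuration rather than hard-coded.
            services.AddDbContext<MDContext>(options =>
                options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

            services.AddSingleton<SnakeCaseConverter>();
            services.AddTransient<ICardRepository, CardRepository>();
            services.AddTransient<IUserRepository, UserRepository>();
            // ContentSaver was registered twice in the original; one registration is enough.
            services.AddTransient<ContentSaver>();
            services.AddTransient<IUserDeckRepository, UserDeckRepository>();
            services.AddTransient<IDeckRepository, DeckRepository>();
            services.AddTransient<ISessionRepository, SessionRepository>();
            services.AddTransient<ITokenRepository, TokenRepository>();
            services.AddTransient<ISubscribeRepository, SubscribeRepository>();
            services.AddTransient<IFileRepository, FileRepository>();
            services.AddTransient<IAuthFacade, AuthFacade>();
            services.AddTransient<MailService>();
            services.AddTransient<AuthUtils>();
            services.AddTransient<GetDecksForTrainUseCase>();
            services.AddTransient<GetNewTokensUseCase>();
            services.AddTransient<RefreshTokensUseCase>();
            services.AddTransient<UpdateDeckUseCase>();
            services.AddTransient<SignUpWithGoogleUseCase>();
            services.AddTransient<SignUpWithEmailUseCase>();
            services.AddTransient<SignInWithEmailUseCase>();
            services.AddScoped<DeleteDeckUseCase>();
            services.AddTransient<SignInWithUsernameUseCase>();

            services.AddControllers();
            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new OpenApiInfo { Title = "MyDeck API", Version = "v1" });
            });
        }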