示例#1
        /// <summary>
        /// Issues a signed JWT whose only claim is the name supplied in the request.
        /// </summary>
        /// <param name="authRequest">Request data; only <c>Name</c> is read here.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm, resolved from DI.</param>
        /// <returns>The serialized token string.</returns>
        public ActionResult<string> Post(
            AuthenticationRequest authRequest,
            [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            // 1. Verify the user's credentials from the request.
            // NOTE(review): this step is elided in the listing. Until it is implemented,
            // a token is issued for whatever name the caller sends.

            // 2. Build the claims for the token: the subject is taken straight from the request.
            var tokenClaims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, authRequest.Name)
            };

            // 3. Generate the JWT with a five-minute lifetime.
            var expiresAt = DateTime.Now.AddMinutes(5);
            var credentials = new SigningCredentials(
                signingEncodingKey.GetKey(),
                signingEncodingKey.SigningAlgorithm);

            var token = new JwtSecurityToken(
                issuer: "DemoApp",
                audience: "DemoAppClient",
                claims: tokenClaims,
                expires: expiresAt,
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
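        /// <summary>
        /// Issues a signed JWT when the request carries the configured admin password.
        /// </summary>
        /// <param name="authRequest">Request data; <c>Name</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm, resolved from DI.</param>
        /// <returns>The serialized token, or 401 when the request is missing, incomplete or the password differs.</returns>
        public ActionResult<string> Post(AuthenticationRequest authRequest, [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            // The null check must come first: Name and Password are dereferenced right after it,
            // so a missing request object has to end in 401 rather than a NullReferenceException.
            // NOTE(review): the password is compared with ordinary string inequality against a value
            // read from application settings. A stored hash and a fixed-time comparison
            // (CryptographicOperations.FixedTimeEquals) would be the safer design.
            if (authRequest == null
                || string.IsNullOrWhiteSpace(authRequest.Name)
                || string.IsNullOrWhiteSpace(authRequest.Password)
                || authRequest.Password != AppSettings.LoadAppSettings().AdminPassword)
            {
                return Unauthorized();
            }

            // NOTE(review): any non-blank Name is accepted once the password matches, so the
            // subject claim is caller-chosen.
            var claims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, authRequest.Name)
            };

            // Three-hour lifetime.
            var token = new JwtSecurityToken(
                issuer: "AiratApp",
                audience: "AiratClients",
                claims: claims,
                expires: DateTime.Now.AddHours(3),
                signingCredentials: new SigningCredentials(
                    signingEncodingKey.GetKey(),
                    signingEncodingKey.SigningAlgorithm)
                );

            string jwtToken = new JwtSecurityTokenHandler().WriteToken(token);

            return jwtToken;
        }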
示例#3
        /// <summary>
        /// Verifies an e-mail/password pair and returns an access token plus a refresh token.
        /// </summary>
        /// <param name="model">Login data; <c>Email</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Signing key provider passed on to the token service.</param>
        /// <param name="encryptingEncodingKey">Encryption key provider passed on to the token service.</param>
        /// <returns>200 with <c>token</c> and <c>refreshToken</c>, or 401 on an unknown user or failed hash check.</returns>
        public ActionResult Login([FromBody] LoginViewModel model,
                                  [FromServices] IJwtSigningEncodingKey signingEncodingKey,
                                  [FromServices] IJwtEncryptingEncodingKey encryptingEncodingKey)
        {
            var account = _repository.GetByEmail(model.Email);

            // Unknown account and wrong password get the same 401 response.
            if (account == null)
            {
                return Unauthorized();
            }

            if (!_passwordHasher.VerifyIdentityV3Hash(model.Password, account.PasswordHash))
            {
                return Unauthorized();
            }

            var identityClaims = new[]
            {
                new Claim(ClaimTypes.Name, account.Email),
                new Claim(ClaimTypes.NameIdentifier, account.Id.ToString())
            };

            var accessToken = _tokenService.GenerateAccessToken(identityClaims, signingEncodingKey, encryptingEncodingKey);

            // NOTE(review): the refresh token is generated here but this method does not show it
            // being stored or bound to the user; confirm where it is persisted.
            var newRefreshToken = _tokenService.GenerateRefreshToken();

            return Ok(new
            {
                token = accessToken,
                refreshToken = newRefreshToken
            });
        }
示例#4
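        /// <summary>
        /// Registers a new user and returns a token for the created account.
        /// </summary>
        /// <param name="createRequest">Registration data; <c>Email</c> is used for the uniqueness check.</param>
        /// <param name="signingEncodingKey">Signing key provider passed on to <c>CreateToken</c>.</param>
        /// <returns>Id, name and token of the created user.</returns>
        /// <exception cref="RequestedResourceHasConflictException">An account with the same e-mail already exists.</exception>
        public async Task<UserToken> CreateUser(CreateUserRequest createRequest, IJwtSigningEncodingKey signingEncodingKey)
        {
            // NOTE(review): hashing is commented out in the original
            // (createRequest.Password = Crypto.ComputeSha256Hash(createRequest.Password)), so the
            // password appears to be stored as received. A salted password-hashing function
            // (PBKDF2, Argon2) should be applied before the insert; a bare SHA-256 is not enough.

            // The conflict check matches on e-mail only. Matching on e-mail AND password would let
            // the same address register again with a different password.
            var dbUsers = await _context.Users.Find(us => us.Email == createRequest.Email).ToListAsync();

            if (dbUsers.Count > 0)
            {
                throw new RequestedResourceHasConflictException("Create failed. Change email");
            }

            // NOTE(review): check-then-insert is not atomic; a unique index on the e-mail field
            // would close the window between the two calls.
            var dbUser = _mapper.Map<CreateUserRequest, UserDTO>(createRequest);
            await _context.Users.InsertOneAsync(dbUser);

            var u = _mapper.Map<User>(dbUser);

            string token = CreateToken(u, signingEncodingKey);

            return new UserToken
            {
                Id    = u.Id,
                Token = token,
                Name  = u.Name,
            };
        }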
        /// <summary>
        /// Issues a signed and encrypted JWT for the name supplied in the request.
        /// </summary>
        /// <param name="authRequest">Request data; only <c>Name</c> is read here.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <param name="encryptingEncodingKey">Provider of the encryption key and algorithms.</param>
        /// <returns>The serialized token string.</returns>
        public ActionResult<string> Post(AuthenticationRequest authRequest,
                                          [FromServices] IJwtSigningEncodingKey signingEncodingKey,
                                          [FromServices] IJwtEncryptingEncodingKey encryptingEncodingKey)
        {
            // NOTE(review): no credential check is visible in this method; as written, a token
            // is issued for any name the caller sends.
            var subject = new ClaimsIdentity(new[]
            {
                new Claim(ClaimTypes.NameIdentifier, authRequest.Name)
            });

            var handler = new JwtSecurityTokenHandler();

            // Valid from now for one hour.
            JwtSecurityToken token = handler.CreateJwtSecurityToken(
                issuer: "SampleOfWebAPI",
                audience: "WebAPI",
                subject: subject,
                notBefore: DateTime.Now,
                expires: DateTime.Now.AddHours(1),
                issuedAt: DateTime.Now,
                signingCredentials: new SigningCredentials(
                    signingEncodingKey.GetKey(),
                    signingEncodingKey.SigningAlgorithm),
                encryptingCredentials: new EncryptingCredentials(
                    encryptingEncodingKey.GetKey(),
                    encryptingEncodingKey.SigningAlgorithm,
                    encryptingEncodingKey.EncryptingAlgorithm));

            return handler.WriteToken(token);
        }
示例#6
        /// <summary>
        /// Builds a signed and encrypted JWT for the given user with a five-minute lifetime.
        /// </summary>
        /// <param name="user">User whose <c>Login</c> becomes the name claim.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <param name="encryptingEncodingKey">Provider of the encryption key and algorithms.</param>
        /// <returns>The serialized token string.</returns>
        public string GenerateJwtToken(UserModel user, IJwtSigningEncodingKey signingEncodingKey, IJwtEncryptingEncodingKey encryptingEncodingKey)
        {
            // A fresh GUID is used as the token identifier (jti).
            // NOTE(review): user?.Login yields null for a null user, and a null claim value is
            // rejected by the Claim constructor; an explicit argument check would read clearer.
            var subject = new ClaimsIdentity(new Claim[]
            {
                new Claim(ClaimTypes.Name, user?.Login),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
            });

            var handler = new JwtSecurityTokenHandler();

            var securityToken = handler.CreateJwtSecurityToken(
                issuer: JwtSettings.ValidIssuer,
                audience: JwtSettings.ValidAudience,
                subject: subject,
                notBefore: DateTime.Now,
                expires: DateTime.Now.AddMinutes(5),
                issuedAt: DateTime.Now,
                signingCredentials: new SigningCredentials(
                    signingEncodingKey.GetKey(),
                    signingEncodingKey.SigningAlgorithm),
                encryptingCredentials: new EncryptingCredentials(
                    encryptingEncodingKey.GetKey(),
                    encryptingEncodingKey.SigningAlgorithm,
                    encryptingEncodingKey.EncryptingAlgorithm));

            return handler.WriteToken(securityToken);
        }
示例#7
 /// <summary>
 /// Creates the engine and stores its signing key provider and token settings.
 /// </summary>
 /// <param name="signingEncodingKey">Signing key provider kept for later use.</param>
 /// <param name="tokenOptions">Options wrapper stored as-is; its <c>Value</c> is not read here.</param>
 public TokenEngine(
     [FromServices] IJwtSigningEncodingKey signingEncodingKey,
     [FromServices] IOptions<TokenSettings> tokenOptions)
 {
     this._tokenOptions = tokenOptions;
     this._signingEncodingKey = signingEncodingKey;
 }
示例#8
 /// <summary>
 /// Creates the controller and stores its injected dependencies.
 /// </summary>
 /// <param name="signingEncodingKey">Signing key provider kept for later use.</param>
 /// <param name="configuration">Application configuration.</param>
 /// <param name="userRepository">User store.</param>
 public AccountController(IJwtSigningEncodingKey signingEncodingKey,
                          IConfiguration configuration, IUserRepository userRepository)
 {
     this._userRepository = userRepository;
     this._configuration = configuration;
     this._signingEncodingKey = signingEncodingKey;
 }
示例#9
 /// <summary>
 /// Creates the generator and stores the configuration and both key providers.
 /// </summary>
 /// <param name="configuration">Application configuration.</param>
 /// <param name="signingEncodingKey">Signing key provider.</param>
 /// <param name="encryptingEncodingKey">Encryption key provider.</param>
 public TokenGenerator(IConfiguration configuration,
                       IJwtSigningEncodingKey signingEncodingKey,
                       IJwtEncryptingEncodingKey encryptingEncodingKey)
 {
     this._configuration = configuration;
     this._signingEncodingKey = signingEncodingKey;
     this._encryptingEncodingKey = encryptingEncodingKey;
 }
示例#10
        /// <summary>
        /// Creates the command after checking that both arguments are present.
        /// </summary>
        /// <param name="signInInput">Sign-in data; passed to <c>Guard.IsNotNull</c> before being stored.</param>
        /// <param name="signingEncodingKey">Signing key provider; passed to <c>Guard.IsNotNull</c> before being stored.</param>
        public SignInUserCommand(UserSignInInput signInInput, IJwtSigningEncodingKey signingEncodingKey)
        {
            // Both guards run before any field is assigned, in parameter order.
            Guard.IsNotNull(signInInput, nameof(signInInput));
            Guard.IsNotNull(signingEncodingKey, nameof(signingEncodingKey));

            this._signingEncodingKey = signingEncodingKey;
            this._signInInput = signInInput;
        }
示例#11
 /// <summary>
 /// Creates the provider and stores the Identity managers, the unwrapped settings and the signing key provider.
 /// </summary>
 /// <param name="userManager">ASP.NET Core Identity user manager.</param>
 /// <param name="signInManager">ASP.NET Core Identity sign-in manager.</param>
 /// <param name="appSettingsOptions">Options wrapper; its <c>Value</c> is read once here.</param>
 /// <param name="signingEncodingKey">Signing key provider.</param>
 public TokenProvider(Microsoft.AspNetCore.Identity.UserManager<IdentityUser> userManager,
                      SignInManager<IdentityUser> signInManager,
                      IOptions<AppSettings> appSettingsOptions,
                      IJwtSigningEncodingKey signingEncodingKey)
 {
     this._userManager = userManager;
     this._signInManager = signInManager;

     // The settings object is unwrapped at construction time rather than on each use.
     var settings = appSettingsOptions.Value;
     this._appSettings = settings;

     this._signingEncodingKey = signingEncodingKey;
 }
示例#12
 /// <summary>
 /// Creates the service and stores the user service, signing key provider and configuration.
 /// </summary>
 /// <param name="userSrv">User service.</param>
 /// <param name="signingEncodingKey">Signing key provider.</param>
 /// <param name="config">Application configuration.</param>
 public AuthService(
     IUserService userSrv,
     IJwtSigningEncodingKey signingEncodingKey,
     IConfiguration config)
 {
     this._configuration = config;
     this._signingEncodingKey = signingEncodingKey;
     this._userService = userSrv;
 }
示例#13
 /// <summary>
 /// Builds a signed token object from the given claims, expiring after <c>AuthOptions.LIFETIME</c> minutes.
 /// </summary>
 /// <param name="claims">Claims to embed in the token.</param>
 /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
 /// <returns>The token object; the caller serializes it.</returns>
 public static JwtSecurityToken GetJWT(Claim[] claims, IJwtSigningEncodingKey signingEncodingKey)
 {
     // NOTE(review): issuer and audience are not set (both arguments are commented out in the
     // original: "team7_projectApp" / "team7_projectClient"), so validation on the receiving
     // side cannot rely on them. Confirm that this is intended.
     var expiresAt = DateTime.Now.AddMinutes(AuthOptions.LIFETIME);
     var credentials = new SigningCredentials(signingEncodingKey.GetKey(), signingEncodingKey.SigningAlgorithm);

     return new JwtSecurityToken(
         claims: claims,
         expires: expiresAt,
         signingCredentials: credentials);
 }
示例#14
        /// <summary>
        /// Looks the user up by login and password and returns a serialized token result.
        /// </summary>
        /// <param name="data">Login data; <c>Login</c> and <c>Password</c> are passed to the repository.</param>
        /// <param name="signingEncodingKey">Signing key provider passed on to <c>CreateToken</c>.</param>
        /// <returns>JSON of the <c>CreateToken</c> result, or the literal string "false" when no user matched.</returns>
        public string LogIn([FromBody] LoginUser data, [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            User found = repo.LoginUser(data.Login, data.Password);

            // NOTE(review): a failed login is reported as the body "false" rather than through an
            // HTTP status such as 401; clients and monitoring have to inspect the body to notice it.
            if (found == null)
            {
                return "false";
            }

            // The ActionResult wrapper itself is serialized, not just the token string.
            ActionResult<string> tokenResult = CreateToken(found, signingEncodingKey);
            return JsonConvert.SerializeObject(tokenResult);
        }
示例#15
        /// <summary>
        /// Creates the service and stores its options, key providers and cipher.
        /// </summary>
        /// <param name="tokenLifeTimeOptions">Token lifetime options wrapper, stored as-is.</param>
        /// <param name="authOptions">Auth options wrapper, stored as-is.</param>
        /// <param name="signInEncodingKey">Signing key provider.</param>
        /// <param name="jwtEncryptionEncodingKey">Encryption key provider.</param>
        /// <param name="crypt">AES cipher dependency.</param>
        public JwtService(IOptions<TokenLifeTimeOptions> tokenLifeTimeOptions,
                          IOptions<AuthOptions> authOptions,
                          IJwtSigningEncodingKey signInEncodingKey,
                          IJwtEncryptingEncodingKey jwtEncryptionEncodingKey,
                          IAesCipher crypt)
        {
            // Key material and cipher.
            this.crypt = crypt;
            this.jwtEncryptionEncodingKey = jwtEncryptionEncodingKey;
            this.signInEncodingKey = signInEncodingKey;

            // Options.
            this.authOptions = authOptions;
            this.tokenLifeTimeOptions = tokenLifeTimeOptions;
        }
示例#16
 /// <summary>
 /// Creates the service and stores its data access, logging, hashing and key dependencies.
 /// </summary>
 /// <param name="mongoManager">MongoDB access.</param>
 /// <param name="logger">Logger for this service.</param>
 /// <param name="hasher">Hasher dependency.</param>
 /// <param name="signingEncodingKey">Signing key provider.</param>
 /// <param name="encryptingEncodingKey">Encryption key provider.</param>
 public AuthService(
     IMongoManager mongoManager,
     ILogger<AuthService> logger,
     IHasher hasher,
     IJwtSigningEncodingKey signingEncodingKey,
     IJwtEncryptingEncodingKey encryptingEncodingKey)
 {
     this._encryptingEncodingKey = encryptingEncodingKey;
     this._signingEncodingKey = signingEncodingKey;
     this._hasher = hasher;
     this._logger = logger;
     this._mongoManager = mongoManager;
 }
示例#17
 /// <summary>
 /// Creates the service and stores its mapping, user, key, configuration and unit-of-work dependencies.
 /// </summary>
 /// <param name="mapper">Object mapper.</param>
 /// <param name="userService">User service.</param>
 /// <param name="signingEncodingKey">Signing key provider.</param>
 /// <param name="configuration">Application configuration.</param>
 /// <param name="unitOfWork">Unit of work.</param>
 public AuthService(
     IMapper mapper,
     IUserService userService,
     IJwtSigningEncodingKey signingEncodingKey,
     IConfiguration configuration,
     IUoW unitOfWork)
 {
     this._unitOfWork = unitOfWork;
     this._configuration = configuration;
     this._signingEncodingKey = signingEncodingKey;
     this._userService = userService;
     this._mapper = mapper;
 }
示例#18
        /// <summary>
        /// Test fixture setup: creates the helper under test and fixed symmetric keys for signing and encryption.
        /// </summary>
        public AccountHelperTests()
        {
            _accountHelper = new AccountHelper();

            // Fixed key strings keep the tests deterministic. They are test fixtures only and
            // must never be reused as real signing or encryption secrets.
            // NOTE(review): both strings are short; confirm they meet the minimum key size of the
            // algorithms the symmetric key classes select.
            const string signingSecret = "745hvv43uhvfnvu2v";
            const string encryptionSecret = "dfkng20jfsdjfvsdmvw";

            _signingEncodingKey = new SigningSymmetricKey(signingSecret);
            _encryptingEncodingKey = new EncryptingSymmetricKey(encryptionSecret);
        }
示例#19
        /// <summary>
        /// Exchanges an expired access token for a new access token and a new refresh token.
        /// </summary>
        /// <param name="model">Refresh request; only <c>Token</c> is read in this method.</param>
        /// <param name="signingEncodingKey">Signing key provider passed on to the token service.</param>
        /// <param name="encryptingEncodingKey">Encryption key provider passed on to the token service.</param>
        /// <returns>200 with <c>token</c> and <c>refreshToken</c>.</returns>
        public IActionResult RefreshToken([FromBody] RefreshTokenViewModel model,
                                          [FromServices] IJwtSigningEncodingKey signingEncodingKey,
                                          [FromServices] IJwtEncryptingEncodingKey encryptingEncodingKey)
        {
            var principal = _tokenService.GetPrincipalFromExpiredToken(model.Token);

            // Read but not used afterwards in this method.
            var username = principal.Identity.Name;

            // NOTE(review): nothing here compares a refresh token from the request with a value
            // stored for the user, so every token accepted by GetPrincipalFromExpiredToken yields
            // a fresh pair. Confirm that the refresh token is validated (and rotated or revoked)
            // elsewhere; otherwise an expired access token alone is enough to renew a session.
            var accessToken = _tokenService.GenerateAccessToken(principal.Claims, signingEncodingKey, encryptingEncodingKey);
            var rotatedRefreshToken = _tokenService.GenerateRefreshToken();

            return Ok(new
            {
                token = accessToken,
                refreshToken = rotatedRefreshToken
            });
        }
示例#20
        /// <summary>
        /// Signs a user in through ASP.NET Core Identity and returns a signed JWT on success.
        /// </summary>
        /// <param name="auth">Login data; <c>Email</c>, <c>Password</c> and <c>Company_Id</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <returns>
        /// The serialized token on success, the result of <c>Forbidden</c> on a failed sign-in,
        /// or 400 carrying the exception message when anything throws.
        /// </returns>
        public async Task<ActionResult<string>> Post(AuthModel auth, [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            try
            {
                var user = await _userManager.FindByEmailAsync(auth.Email);

                // An unknown e-mail is treated as a non-allowed sign-in instead of a separate error.
                Microsoft.AspNetCore.Identity.SignInResult result;
                if (user == null)
                {
                    result = Microsoft.AspNetCore.Identity.SignInResult.NotAllowed;
                }
                else
                {
                    // NOTE(review): lockoutOnFailure is false, so failed attempts do not count
                    // towards lockout and repeated password guessing is not throttled here.
                    result = await _signInManager.PasswordSignInAsync(user, auth.Password, /*model.RememberMe*/ false, lockoutOnFailure: false);
                }

                if (!result.Succeeded)
                {
                    if (result.IsLockedOut)
                    {
                        return Forbidden("User account locked out");
                    }

                    return Forbidden("Invalid login attempt");
                }

                // Build the claims for the token.
                // NOTE(review): for users below company level the company claim is taken from
                // auth.Company_Id when it is supplied, i.e. it is caller-chosen. Confirm that the
                // user is entitled to the requested company before it is signed into the token.
                var claims = new Claim[]
                {
                    new Claim(ClaimTypes.NameIdentifier, user.Id.ToString(), ClaimValueTypes.Integer64),
                    new Claim(ClaimTypes.Name, user.UserName),
                    new Claim(ClaimTypes.Email, user.Email),
                    new Claim(AuthOptions.Company, (user.Level == AspNetUserLevel.Company ? user.Company_Id : auth.Company_Id ?? user.Company_Id).ToString()),
                    new Claim(AuthOptions.Level, user.Level.ToString())
                };

                // Generate the JWT.
                var expiresAt = DateTime.Now.AddMinutes(AuthOptions.Lifetime);
                var credentials = new SigningCredentials(signingEncodingKey.GetKey(), signingEncodingKey.SigningAlgorithm);
                var token = new JwtSecurityToken(
                    issuer: AuthOptions.Issuer,
                    audience: AuthOptions.Audience,
                    claims: claims,
                    expires: expiresAt,
                    signingCredentials: credentials);

                return new JwtSecurityTokenHandler().WriteToken(token);
            }
            catch (Exception ex)
            {
                // NOTE(review): the raw exception message goes back to the caller; it can expose
                // internal details. Logging it server-side and returning a generic message is safer.
                return BadRequest(ex.Message);
            }
        }
示例#21
        /// <summary>
        /// Checks login and password against the user service and returns a signed JWT.
        /// </summary>
        /// <param name="authRequest">Request body; <c>Login</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <returns>200 with <c>tokenKey</c>, or 400 with <c>error</c> when the user is unknown or the password differs.</returns>
        public IActionResult Post(
            [FromBody] AuthenticationRequest authRequest,
            [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            var user = _userService.Get(authRequest.Login);

            // Unknown user and wrong password produce the same message.
            // NOTE(review): the stored password is compared directly with the submitted one,
            // which implies it is kept in plain text; a salted password hash should be verified instead.
            if (user == null || user.Password != authRequest.Password)
            {
                return BadRequest(new { error = "user not found" });
            }

            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.NameIdentifier, user.Login)
            };

            // Five-minute lifetime; issuer and audience are fixed localhost URLs.
            var expiresAt = DateTime.Now.AddMinutes(5);
            var credentials = new SigningCredentials(
                signingEncodingKey.GetKey(),
                signingEncodingKey.SigningAlgorithm);

            var token = new JwtSecurityToken(
                issuer: "http://localhost:63342",
                audience: "http://localhost:4200",
                claims: claims,
                expires: expiresAt,
                signingCredentials: credentials);

            return Ok(new { tokenKey = new JwtSecurityTokenHandler().WriteToken(token) });
        }
示例#22
        /// <summary>
        /// Checks login and password hash against the user repository and returns a signed JWT.
        /// </summary>
        /// <param name="authRequest">Request body; <c>Login</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <param name="cancellationToken">Passed to the repository lookup.</param>
        /// <returns>The serialized token, or 400 with a service error for a missing body, unknown user or wrong password.</returns>
        public ActionResult<string> Post([FromBody] UserRegistrationInfo authRequest,
                                          [FromServices] IJwtSigningEncodingKey signingEncodingKey, CancellationToken cancellationToken)
        {
            if (authRequest == null)
            {
                return BadRequest(ServiceErrorResponses.BodyIsMissing(nameof(authRequest)));
            }

            // NOTE(review): .Result blocks the request thread on the asynchronous lookup.
            var lookup = _userRepository.GetAsync(authRequest.Login, cancellationToken);
            var storedUser = lookup.Result;

            // NOTE(review): unknown login and wrong password return different errors, which lets
            // a caller tell whether a login exists.
            if (storedUser == null)
            {
                return BadRequest(ServiceErrorResponses.UserNotFound(authRequest.Login));
            }

            // NOTE(review): HashPassword receives only the password, so no per-user salt is
            // visible at this call site; confirm how the hash is derived.
            if (storedUser.PasswordHash != Authenticator.HashPassword(authRequest.Password))
            {
                return BadRequest(ServiceErrorResponses.IncorrectPassword());
            }

            var claims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, authRequest.Login),
            };

            // Ten-minute lifetime.
            var expiresAt = DateTime.Now.AddMinutes(10);
            var credentials = new SigningCredentials(
                signingEncodingKey.GetKey(),
                signingEncodingKey.SigningAlgorithm);

            var token = new JwtSecurityToken(
                issuer: "TodoListApp",
                audience: "Client",
                claims: claims,
                expires: expiresAt,
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
示例#23
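        /// <summary>
        /// Verifies name and password through <c>GetIdentity</c> and returns a signed and encrypted JWT.
        /// </summary>
        /// <param name="authRequest">Request data; <c>Name</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <param name="encryptingEncodingKey">Provider of the encryption key and algorithms.</param>
        /// <returns>The serialized token, or 400 with "Invalid username or password." when no identity is found.</returns>
        public ActionResult<string> Post(AuthenticationRequest authRequest, [FromServices] IJwtSigningEncodingKey signingEncodingKey, [FromServices] IJwtEncryptingEncodingKey encryptingEncodingKey)
        {
            // 1. Verify the user's credentials from the request.
            var identity = GetIdentity(authRequest.Name, authRequest.Password);

            if (identity == null)
            {
                // Report the failure through the action result. Writing to Response by hand,
                // blocking on the write and then returning null leaves the framework to process
                // a null result on a response that has already started.
                return BadRequest("Invalid username or password.");
            }

            // 2. Build the claims for the token.
            var claims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, authRequest.Name)
            };

            // 3. Generate the JWT: valid from now for five minutes, signed and encrypted.
            var tokenHandler = new JwtSecurityTokenHandler();

            JwtSecurityToken token = tokenHandler.CreateJwtSecurityToken(
                issuer: "DemoApp",
                audience: "DemoAppClient",
                subject: new ClaimsIdentity(claims),
                notBefore: DateTime.Now,
                expires: DateTime.Now.AddMinutes(5),
                issuedAt: DateTime.Now,
                signingCredentials: new SigningCredentials(
                    signingEncodingKey.GetKey(),
                    signingEncodingKey.SigningAlgorithm),
                encryptingCredentials: new EncryptingCredentials(
                    encryptingEncodingKey.GetKey(),
                    encryptingEncodingKey.SigningAlgorithm,
                    encryptingEncodingKey.EncryptingAlgorithm));

            return tokenHandler.WriteToken(token);
        }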
示例#24
        /// <summary>
        /// Wraps a user record and records the outcome of the existence, e-mail and password checks.
        /// </summary>
        /// <param name="user">User record, or null when no user was found.</param>
        /// <param name="password">Password to check through <c>user.IsPasswordCorrect</c>.</param>
        /// <param name="signingEncodingKey">Signing key provider; stored only when the password check passes.</param>
        public JwtUser(User user, string password, IJwtSigningEncodingKey signingEncodingKey)
        {
            _user = user;

            if (user == null)
            {
                IsUserExists = false;
                return;
            }

            IsEmailConfirmed = user.IsEmailConfirmed;

            // The signing key is kept only after a successful password check, so an instance
            // built from wrong credentials holds no key.
            if (user.IsPasswordCorrect(password))
            {
                IsPasswordCorrect = true;
                _signingEncodingKey = signingEncodingKey;
            }
        }
示例#25
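        /// <summary>
        /// Validates name and password against the stored salted hash and returns a signed JWT.
        /// </summary>
        /// <param name="userAuth">Login data; <c>Name</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <returns>200 with the token, 400 for an invalid model, or 401 for an unknown user or wrong password.</returns>
        public async Task<ActionResult<string>> GetToken(AuthModel userAuth, [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            // Verify the user's data from the request.
            if (!ModelState.IsValid)
            {
                _logger.LogInformation($"Неверный запрос");
                return BadRequest(ModelState);
            }

            User userDb = await ContextDb.GetAsync(userAuth.Name);

            // Unknown user and wrong password get the same 401 response.
            if (userDb == null || !Hash.Validate(userAuth.Password, userDb.Sault, userDb.HashPassword))
            {
                _logger.LogInformation($"Неверный пользователь");
                return Unauthorized($"Данный пользователь не зарегистрирован в системе.");
            }

            // Build the claims for the token.
            var claims = new Claim[] {
                new Claim(ClaimTypes.NameIdentifier, userAuth.Name),
                new Claim(ClaimTypes.Role, userDb.Role.Name)
            };

            // Generate the JWT.
            var token = new JwtSecurityToken(
                issuer: AuthOptions.ISSUER,
                audience: AuthOptions.AUDIENCE,
                claims: claims,
                expires: DateTime.Now.Add(AuthOptions.LIFETIME),
                signingCredentials: new SigningCredentials(
                    signingEncodingKey.GetKey(),
                    signingEncodingKey.SigningAlgorithm)
                );

            string jwtToken = new JwtSecurityTokenHandler().WriteToken(token);

            // Log only that a token was issued. The token is a bearer credential: anyone who can
            // read the log could replay it until it expires, so it must not be written out.
            // NOTE(review): userAuth.Name is caller-supplied; a structured log template would keep
            // it out of the message text itself.
            _logger.LogInformation($"Для пользователя {userAuth.Name} создан токен");
            return Ok(jwtToken);
        }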
示例#26
        /// <summary>
        /// Finds a user by e-mail and password and returns a token for the first match.
        /// </summary>
        /// <param name="request">Login data; <c>Email</c> and <c>Password</c> are used in the query.</param>
        /// <param name="signingEncodingKey">Signing key provider passed on to <c>CreateToken</c>.</param>
        /// <returns>Id, name and token of the matched user.</returns>
        /// <exception cref="CreateFailedException">No user matches the e-mail and password.</exception>
        public async Task<UserToken> LogIn(VerifyUserRequest request, IJwtSigningEncodingKey signingEncodingKey)
        {
            // NOTE(review): hashing is commented out in the original
            // (request.Password = Crypto.ComputeSha256Hash(request.Password)), so the query matches
            // the submitted password against the stored field as-is. Passwords should be stored
            // and verified as salted password hashes, not compared inside the database query.
            var matches = await _context.Users.Find(us => us.Email == request.Email && us.Password == request.Password).ToListAsync();

            if (matches.Count == 0)
            {
                throw new CreateFailedException("Incorrect email or password");
            }

            var u = _mapper.Map<User>(matches[0]);
            string issuedToken = CreateToken(u, signingEncodingKey);

            return new UserToken
            {
                Id    = u.Id,
                Token = issuedToken,
                Name  = u.Name,
            };
        }
示例#27
        /// <summary>
        /// Builds a signed JWT with the user's name and e-mail, valid for 60 minutes.
        /// </summary>
        /// <param name="createRequest">User whose <c>Name</c> and <c>Email</c> become claims.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <returns>The serialized token string.</returns>
        private string CreateToken(User createRequest, IJwtSigningEncodingKey signingEncodingKey)
        {
            var userClaims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, createRequest.Name),
                new Claim(ClaimTypes.Email, createRequest.Email),
            };

            var expiresAt = DateTime.Now.AddMinutes(60);
            var credentials = new SigningCredentials(
                signingEncodingKey.GetKey(),
                signingEncodingKey.SigningAlgorithm);

            var token = new JwtSecurityToken(
                issuer: "DemoApp",
                audience: "DemoAppClient",
                claims: userClaims,
                expires: expiresAt,
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }
示例#28
        /// <summary>
        /// Builds a signed and encrypted access token from the given claims.
        /// </summary>
        /// <param name="claims">Claims to embed as the token subject.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <param name="encryptingEncodingKey">Provider of the encryption key and algorithms.</param>
        /// <returns>The serialized token string.</returns>
        public string GenerateAccessToken(IEnumerable<Claim> claims,
                                          IJwtSigningEncodingKey signingEncodingKey,
                                          IJwtEncryptingEncodingKey encryptingEncodingKey)
        {
            var handler = new JwtSecurityTokenHandler();

            // Convert.ToInt32 returns 0 for a missing (null) setting, which would make the expiry
            // equal to the not-before time. NOTE(review): confirm Jwt:ExpiryInMinutes is always set.
            var lifetimeMinutes = Convert.ToInt32(_configuration["Jwt:ExpiryInMinutes"]);

            // The same configured site value serves as both issuer and audience.
            var securityToken = handler.CreateJwtSecurityToken(
                issuer: _configuration["Jwt:Site"],
                audience: _configuration["Jwt:Site"],
                subject: new ClaimsIdentity(claims),
                notBefore: DateTime.UtcNow,
                expires: DateTime.UtcNow.AddMinutes(lifetimeMinutes),
                issuedAt: DateTime.UtcNow,
                signingCredentials: new SigningCredentials(
                    signingEncodingKey.GetKey(),
                    signingEncodingKey.SigningAlgorithm),
                encryptingCredentials: new EncryptingCredentials(
                    encryptingEncodingKey.GetKey(),
                    encryptingEncodingKey.SigningAlgorithm,
                    encryptingEncodingKey.EncryptingAlgorithm));

            string serialized = handler.WriteToken(securityToken);
            return serialized;
        }
示例#29
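        /// <summary>
        /// Authenticates through the authentication service and returns a signed JWT.
        /// </summary>
        /// <param name="authRequest">Request data; <c>Name</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <returns>The serialized token, or 400 with the login result message on failure.</returns>
        public ActionResult<string> Post(
            AuthenticationRequest authRequest,
            [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            // 1. Verify the user's credentials from the request.
            var loginResult = _serviceAuthentication.LoginUser(authRequest.Name, authRequest.Password);

            if (!loginResult.Result)
            {
                // NOTE(review): the service's message is returned verbatim; confirm it does not
                // reveal whether the name or the password was wrong.
                return BadRequest(loginResult.Message);
            }

            // 2. Build the claims for the token.
            var claims = new Claim[]
            {
                new Claim("KadrId", authRequest.Name),
                new Claim("KadrFullName", loginResult.KadrFullName)
            };

            // 3. Generate the JWT.
            // int.TryParse overwrites its out argument with 0 when parsing fails, so the default
            // has to be applied after the call; otherwise a missing or malformed setting produces
            // a token that expires at the moment it is issued.
            const int defaultLifetimeMinutes = 60;
            if (!int.TryParse(_configuration.GetSection("PdaaToken:expiresMinute").Value, out var expiresInMinutes))
            {
                expiresInMinutes = defaultLifetimeMinutes;
            }

            var token = new JwtSecurityToken(
                issuer: _configuration.GetSection("PdaaToken:issuer").Value,     // "pdaa.asu.api",
                audience: _configuration.GetSection("PdaaToken:audience").Value, // "pdaa.asu.client",
                claims: claims,
                expires: DateTime.Now.AddMinutes(expiresInMinutes),
                signingCredentials: new SigningCredentials(
                    signingEncodingKey.GetKey(),
                    signingEncodingKey.SigningAlgorithm)
                );

            string jwtToken = new JwtSecurityTokenHandler().WriteToken(token);

            return jwtToken;
        }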
        /// <summary>
        /// Checks the request against a fixed username/password pair and returns a signed JWT.
        /// </summary>
        /// <param name="authRequest">Request data; <c>Username</c> and <c>Password</c> are read.</param>
        /// <param name="signingEncodingKey">Provider of the signing key and algorithm.</param>
        /// <returns>The serialized token, 400 for an invalid model, or 401 when the credentials differ.</returns>
        public ActionResult<string> Post(TokenRequest authRequest,
                                          [FromServices] IJwtSigningEncodingKey signingEncodingKey)
        {
            if (!ModelState.IsValid)
            {
                return BadRequest("Invalid Request");
            }

            // 1. Verify the user's credentials from the request.
            // NOTE(review): the accepted credentials are literals compiled into the code. They are
            // readable by anyone with the source or the binary and cannot be rotated without a
            // rebuild; a user store with hashed passwords should replace them.
            bool credentialsMatch = authRequest.Username == "userName" && authRequest.Password == "pass1";
            if (!credentialsMatch)
            {
                return Unauthorized();
            }

            // 2. Build the claims for the token.
            var claims = new Claim[]
            {
                new Claim(ClaimTypes.NameIdentifier, authRequest.Username)
            };

            // 3. Generate the JWT with a five-minute lifetime.
            var expiresAt = DateTime.Now.AddMinutes(5);
            var credentials = new SigningCredentials(
                signingEncodingKey.GetKey(),
                signingEncodingKey.SigningAlgorithm);

            var token = new JwtSecurityToken(
                issuer: "EntManSystemMvc",
                audience: "EntManSystemMvcClient",
                claims: claims,
                expires: expiresAt,
                signingCredentials: credentials);

            return new JwtSecurityTokenHandler().WriteToken(token);
        }