示例#1
        /// <summary>
        /// Registers a new user, creates a project named after the user inside the social domain,
        /// and returns a project-scoped token for that project.
        /// </summary>
        /// <param name="request">Registration data; Username, Password and Email are read from it.</param>
        /// <param name="context">The gRPC call context (not read by this method).</param>
        /// <returns>
        /// The ids of the created user, project and assignments, plus the project scope and the
        /// token generated by <c>jwtSettings</c> for that scope.
        /// </returns>
        /// <remarks>
        /// NOTE(review): nothing in this method validates Username, Password or Email, and no
        /// uniqueness check on the username is visible here. Confirm that both are enforced
        /// elsewhere (request validation, a unique database constraint) before relying on them.
        /// </remarks>
        public override async Task<RegisterResponse> Register(RegisterRequest request, ServerCallContext context)
        {
            // NOTE(review): request.Password is handed to the User constructor unchanged. Confirm that
            // User derives a salted, slow password hash from it and never persists the raw value.
            var user = new User(Guid.NewGuid(), request.Username, request.Username, request.Password, request.Email, false);
            dbContext.Users.Add(user);

            // Load the social domain; FirstAsync throws when no matching row exists.
            Guid socialDomainId = SocialDomainId;
            var socialDomain = await dbContext.Domains.FirstAsync(d => d.Id == socialDomainId);

            // The user's own project lives in the social domain and carries the username as its name.
            var personalProject = new Project(Guid.NewGuid(), request.Username, socialDomain);
            dbContext.Projects.Add(personalProject);

            // The new user is Admin of the personal project...
            var projectMembership = new UserProjectAssignment(Guid.NewGuid(), user, personalProject, Identity.Domain.ValueObjects.UserRole.Admin);
            dbContext.UserProjectAssignments.Add(projectMembership);

            // ...and only a Member of the shared social domain.
            var domainMembership = new Identity.Domain.Entities.UserDomainAssignment(Guid.NewGuid(), user, socialDomain, Identity.Domain.ValueObjects.UserRole.Member);
            dbContext.UserDomainAssignments.Add(domainMembership);

            // All four entities are persisted by this single call.
            await dbContext.SaveChangesAsync();

            var userIdText = user.Id.ToString();
            var domainIdText = socialDomainId.ToString();
            var projectIdText = personalProject.Id.ToString();
            var projectMembershipIdText = projectMembership.Id.ToString();

            // Token for the project scope: non-system, social, Admin role.
            // NOTE(review): the token is issued immediately after registration; no e-mail
            // verification step is visible in this method.
            var claims = new TokenClaims(false, true, userIdText, domainIdText, projectIdText, projectMembershipIdText, Shared.UserRole.Admin);
            var token = jwtSettings.GenerateToken(claims);

            var response = new RegisterResponse()
            {
                UserId = userIdText,
                SocialProjectId = projectIdText,
                SocialDomainAssignmentId = domainMembership.Id.ToString(),
                SocialProjectAssignmentId = projectMembershipIdText,
                Scope = new Scope()
                {
                    System = false,
                    Role = Protos.Common.UserRole.Admin,
                    DomainId = domainIdText,
                    DomainName = socialDomain.Name,
                    ProjectId = projectIdText,
                    ProjectName = personalProject.Name,
                    UserProjectAssignmentId = projectMembershipIdText,
                    Social = true
                },
                Token = token,
            };

            return response;
        }
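        /// <summary>
        /// Checks whether <paramref name="user"/> holds the requested <paramref name="scope"/> and,
        /// if so, generates a token whose claims describe that scope.
        /// </summary>
        /// <param name="user">The user being authorized; its System flag, Domains and Projects are consulted.</param>
        /// <param name="scope">The requested scope: system, domain (empty ProjectId) or project.</param>
        /// <returns>
        /// The generated token, or <c>null</c> when the user does not hold the scope or when the
        /// scope's domain/project id is not a valid GUID.
        /// </returns>
        /// <remarks>
        /// This method does not check credentials; presumably the caller has already verified the
        /// password before calling it (confirm against the call sites).
        /// </remarks>
        private string? Authenticate(User user, Scope scope)
        {
            if (scope.System)
            {
                if (!user.System)
                {
                    return null;
                }
            }
            // In gRPC there is no null value, the empty string means nothing
            else if (string.IsNullOrEmpty(scope.ProjectId))
            {
                // The id comes from the request: a malformed value is an authorization failure,
                // not an unhandled FormatException.
                if (!Guid.TryParse(scope.DomainId, out var domainId))
                {
                    return null;
                }

                // disallow social domain login
                if (domainId == Constants.SocialDomainId)
                {
                    return null;
                }

                // it's a domain scope, find whether the user has it with the requested role
                var domainAssignment = user.Domains.FirstOrDefault(x => x.Domain.Id == domainId && (int)x.Role == (int)scope.Role);
                if (domainAssignment == null)
                {
                    return null;
                }
            }
            else
            {
                // Parse once, outside the predicate, and reject malformed ids up front.
                if (!Guid.TryParse(scope.ProjectId, out var projectId))
                {
                    return null;
                }

                // it's a project scope, find whether the user has it with the requested role
                var projectAssignment = user.Projects.FirstOrDefault(x => x.Project.Id == projectId && (int)x.Role == (int)scope.Role);
                if (projectAssignment == null)
                {
                    return null;
                }
            }

            // auth successful. generate token according to token claims
            // NOTE(review): every claim except the user id is copied from the client-supplied scope.
            // Only System, the domain id (domain scope) or the project id (project scope), and Role
            // were checked above. In the project branch DomainId and UserProjectAssignmentId are not
            // compared with the matched assignment, Social is never checked, and in the system
            // branch DomainId/ProjectId/Role pass through as sent. Unless token consumers re-validate
            // these claims, derive them from the matched assignment records instead.
            var claims = new TokenClaims(scope.System, scope.Social, user.Id.ToString(), scope.DomainId, scope.ProjectId, scope.UserProjectAssignmentId, (UserRole)scope.Role);

            return jwtSettings.GenerateToken(claims);
        }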