示例#1
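        /// <summary>
        /// Generates a random password that satisfies the given password policy.
        /// </summary>
        /// <param name="opts">
        /// Policy to satisfy. When null, the policy returned by
        /// <c>PasswordSettings.GetPasswordSettings().Password</c> is used.
        /// </param>
        /// <returns>A password meeting the required length, character classes and unique-character count.</returns>
        /// <exception cref="InvalidOperationException">
        /// The policy asks for more unique characters than the character sets contain.
        /// </exception>
        /// <remarks>
        /// Passwords are credentials, so every random choice is drawn from the
        /// cryptographic RNG. A <c>System.Random</c> seeded with the tick count is
        /// reproducible by anyone who can estimate when the password was generated.
        /// </remarks>
        private string GenerateRandomPassword(PasswordOptions opts = null)
        {
            // The sets leave out 'I' and 'l' (presumably to avoid look-alike characters).
            string[] randomChars = new[] {
                "ABCDEFGHJKLMNOPQRSTUVWXYZ",  // uppercase
                "abcdefghijkmnopqrstuvwxyz",  // lowercase
                "0123456789",                 // digits
                "!@$?_-"                      // non-alphanumeric
            };

            // Honour a caller-supplied policy; the argument used to be overwritten unconditionally.
            opts = opts ?? PasswordSettings.GetPasswordSettings().Password;

            // Without this guard the fill loop below could never reach the unique-character
            // target and would grow the list until memory ran out.
            int availableDistinct = randomChars.SelectMany(set => set).Distinct().Count();
            if (opts.RequiredUniqueChars > availableDistinct)
            {
                throw new InvalidOperationException(
                    "RequiredUniqueChars exceeds the number of distinct characters available to the generator.");
            }

            List<char> chars = new List<char>();

            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                // One character from each mandatory class first, so the policy is always met.
                if (opts.RequireUppercase)
                {
                    InsertSecureRandomChar(rng, chars, randomChars[0]);
                }

                if (opts.RequireLowercase)
                {
                    InsertSecureRandomChar(rng, chars, randomChars[1]);
                }

                if (opts.RequireDigit)
                {
                    InsertSecureRandomChar(rng, chars, randomChars[2]);
                }

                if (opts.RequireNonAlphanumeric)
                {
                    InsertSecureRandomChar(rng, chars, randomChars[3]);
                }

                // Fill up to the required length and unique-character count.
                while (chars.Count < opts.RequiredLength ||
                       chars.Distinct().Count() < opts.RequiredUniqueChars)
                {
                    string rcs = randomChars[NextSecureIndex(rng, randomChars.Length)];
                    InsertSecureRandomChar(rng, chars, rcs);
                }
            }

            return new string(chars.ToArray());
        }

        // Inserts one uniformly chosen character of `set` at a uniformly chosen position.
        // The position range includes the end of the list: inserting only in front of existing
        // elements pinned the first generated character to the last position of every password.
        private static void InsertSecureRandomChar(
            System.Security.Cryptography.RandomNumberGenerator rng, List<char> chars, string set)
        {
            chars.Insert(NextSecureIndex(rng, chars.Count + 1),
                         set[NextSecureIndex(rng, set.Length)]);
        }

        // Returns a uniformly distributed integer in [0, exclusiveMax) from the cryptographic RNG.
        // Rejection sampling avoids the modulo bias of a plain `value % range`.
        private static int NextSecureIndex(
            System.Security.Cryptography.RandomNumberGenerator rng, int exclusiveMax)
        {
            if (exclusiveMax <= 0)
            {
                throw new ArgumentOutOfRangeException(nameof(exclusiveMax));
            }

            uint range = (uint)exclusiveMax;
            // Largest multiple of `range` not exceeding 2^32; draws at or above it are discarded.
            ulong limit = (((ulong)uint.MaxValue + 1) / range) * range;
            byte[] buffer = new byte[4];
            uint value;

            do
            {
                rng.GetBytes(buffer);
                value = BitConverter.ToUInt32(buffer, 0);
            }
            while (value >= limit);

            return (int)(value % range);
        }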
示例#2
        // This method gets called by the runtime. Use this method to add services to the container.
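        // Registers MVC, the SQL Server DbContext, ASP.NET Core Identity, the "not banned"
        // authorization policy, JWT bearer authentication, SPA static files and Swagger.
        public void ConfigureServices(IServiceCollection services)
        {
            services.InitializeServices();
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            services.AddDbContext <ApplicationDbContext>(options =>
                                                         options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));

            services.AddIdentityCore <ApplicationUser>(options =>
            {
                // Temporary mild password policy: to be tightened.
                // The same PasswordSettings object feeds the policy here, so a change
                // there applies to validation as well.
                options.Password = PasswordSettings.GetPasswordSettings().Password;

                // Allowed: Latin and Cyrillic letters, apostrophe, digits, space, hyphen, underscore.
                // Because apostrophe and space are permitted, user names must be parameterized in
                // queries and encoded on output. Latin and Cyrillic look-alike letters also make
                // visually identical user names possible.
                options.User.AllowedUserNameCharacters = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyzАБВГДЕЁЖЗИЙКЛМНОПРСТУФХЦЧШЩЬЮЯҐЄІЇабвгдеёжзийклмнопрстуфхцчшщьюяґєії'0123456789 -_";//A-Za-zА-ЩЬЮЯҐЄІЇа-щьюяґєії'0-9 -_
                options.User.RequireUniqueEmail        = true;
            }).AddRoles <IdentityRole>()
            .AddEntityFrameworkStores <ApplicationDbContext>()
            .AddDefaultTokenProviders();

            services.AddAuthorization(options =>
            {
                options.AddPolicy(PolicyTypes.NotBanned, policy =>
                                  policy.AddRequirements(new NotBannedRequirement()));
            });

            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
            .AddJwtBearer(options =>
            {
                // Fail with a clear message when the signing key is missing or blank.
                // A null value would otherwise surface as an ArgumentNullException from GetBytes.
                string jwtKey = Configuration["Jwt:Key"];
                if (string.IsNullOrWhiteSpace(jwtKey))
                {
                    throw new InvalidOperationException(
                        "Configuration value 'Jwt:Key' is missing or empty; JWT bearer authentication cannot validate tokens without it.");
                }

                // Issuer, audience, lifetime and signature are all checked.
                // The symmetric key is the UTF-8 bytes of a configuration string, so it is only as
                // strong as that string: use a long random value and supply it from a secret store
                // or environment-specific configuration, not from a committed settings file.
                options.TokenValidationParameters = new TokenValidationParameters()
                {
                    ValidateIssuer           = true,
                    ValidateAudience         = true,
                    ValidateLifetime         = true,
                    ValidateIssuerSigningKey = true,
                    ValidIssuer      = Configuration["Jwt:Issuer"],
                    ValidAudience    = Configuration["Jwt:Audience"],
                    IssuerSigningKey = new SymmetricSecurityKey(
                        Encoding.UTF8.GetBytes(jwtKey))
                };
            });

            // In production, the Angular files will be served from this directory
            services.AddSpaStaticFiles(configuration =>
            {
                configuration.RootPath = "ClientApp/dist";
            });

            services.AddScoped <DbInitializer>();

            // Register the Swagger generator, defining 1 or more Swagger documents
            services.AddSwaggerGen(c =>
            {
                c.SwaggerDoc("v1", new Info {
                    Title = "Booking API", Version = "v1"
                });
                // Declares the Authorization header as an API-key scheme so a bearer token
                // can be entered for documented calls.
                c.AddSecurityDefinition("Bearer", new ApiKeyScheme {
                    In = "header", Description = "Please enter JWT with Bearer into field", Name = "Authorization", Type = "apiKey"
                });
                c.AddSecurityRequirement(new Dictionary <string, IEnumerable <string> > {
                    { "Bearer", Enumerable.Empty <string>() },
                });
            });
        }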