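/// <summary>
/// Builds a <see cref="ClaimsIdentity"/> for a user whose login/password pair matches a stored
/// <c>AuthData</c> row.
/// </summary>
/// <param name="username">Login to look up in <c>AuthorizeDatas</c>.</param>
/// <param name="password">Password to compare against the stored <c>Password</c> column.</param>
/// <returns>
/// An identity whose name claim is the user's <c>Id</c>, or <c>null</c> when either credential is
/// empty or no matching <c>AuthData</c> row exists.
/// </returns>
/// <remarks>
/// SECURITY: the stored password is compared as a plain string (<c>ad.Password == password</c>),
/// which only works if passwords are persisted in clear text. Storage and verification should move
/// to a salted password hash; that change has to be made together with the registration path that
/// writes <c>AuthData</c>, so it is only flagged here.
/// </remarks>
private ClaimsIdentity GetIdentity(string username, string password)
{
    // Empty credentials can never be valid; reject them before querying so that a null
    // password cannot match a row whose Password column is null (depends on the query
    // provider's null semantics, so do not rely on the database rejecting it).
    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    AuthData person = _context.AuthorizeDatas
        .FirstOrDefault(ad => ad.Login == username && ad.Password == password);
    if (person is null)
    {
        return null;
    }

    // Presumably every AuthData row has a matching Users row; First() throws otherwise.
    PeerReviewUser user = _context.Users.First(u => u.Login == username);

    var claims = new List<Claim>
    {
        new Claim(ClaimsIdentity.DefaultNameClaimType, user.Id.ToString()),
        //TODO: implement role system
        //new Claim(ClaimsIdentity.DefaultRoleClaimType, person.Role.ToString())
    };

    // "Token" is recorded as the identity's authentication type; the default name/role claim
    // types are used so ClaimsIdentity.Name resolves to the user id claim above.
    return new ClaimsIdentity(
        claims,
        "Token",
        ClaimsIdentity.DefaultNameClaimType,
        ClaimsIdentity.DefaultRoleClaimType);
}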
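/// <summary>
/// Verifies the given credentials and issues a signed JWT for the matching user.
/// </summary>
/// <param name="authData">Login and password to verify.</param>
/// <returns>A <see cref="UserToken"/> carrying the encoded JWT and the user's <c>Id</c>.</returns>
/// <exception cref="ArgumentNullException"><paramref name="authData"/> is <c>null</c>.</exception>
/// <exception cref="AuthenticationException">
/// The login/password pair does not match any stored <c>AuthData</c>.
/// </exception>
public UserToken LogIn(AuthData authData)
{
    if (authData is null)
    {
        throw new ArgumentNullException(nameof(authData));
    }

    ClaimsIdentity identity = GetIdentity(authData.Login, authData.Password);
    if (identity is null)
    {
        // One message for both "unknown login" and "wrong password", so the response does not
        // reveal which logins exist.
        throw new AuthenticationException("Invalid login or password");
    }

    PeerReviewUser user = _context.Users.First(u => u.Login == authData.Login);

    // Read the clock once so notBefore and expires are derived from the same instant.
    DateTime now = DateTime.UtcNow;
    var jwt = new JwtSecurityToken(
        AuthOptions.Issuer,
        AuthOptions.Audience,
        notBefore: now,
        claims: identity.Claims,
        expires: now.Add(TimeSpan.FromMinutes(AuthOptions.Lifetime)),
        signingCredentials: new SigningCredentials(
            AuthOptions.GetSymmetricSecurityKey(),
            SecurityAlgorithms.HmacSha256));

    string encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
    return new UserToken { AccessToken = encodedJwt, UserId = user.Id };
}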
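/// <summary>
/// Persists changes to a user record. Currently only the user themselves may update their own record.
/// </summary>
/// <param name="peerReviewUser">
/// The entity carrying the new field values; its <c>Id</c> identifies the record to update.
/// </param>
/// <param name="executorId">Id of the caller performing the update.</param>
/// <exception cref="ArgumentNullException"><paramref name="peerReviewUser"/> is <c>null</c>.</exception>
/// <exception cref="PermissionDeniedException">
/// <paramref name="executorId"/> differs from <c>peerReviewUser.Id</c>.
/// </exception>
public void Update(PeerReviewUser peerReviewUser, Guid executorId)
{
    if (peerReviewUser is null)
    {
        throw new ArgumentNullException(nameof(peerReviewUser));
    }

    //TODO: check if executorId is admin
    // Ownership check: peerReviewUser.Id is supplied by the caller, so this only protects
    // anything if executorId was taken from the authenticated principal rather than from
    // the same request payload.
    if (peerReviewUser.Id != executorId)
    {
        throw new PermissionDeniedException(executorId, "On PeerReviewUserService.Update");
    }

    //TODO: validate fields
    _context.Users.Update(peerReviewUser);
    _context.SaveChanges();
}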
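/// <summary>
/// Creates a new user and its <c>AuthData</c> row, then logs the new user in.
/// </summary>
/// <param name="data">
/// Registration form data; <c>Login</c> and <c>Password</c> are copied into <c>AuthData</c>.
/// </param>
/// <returns>The <see cref="UserToken"/> produced by <see cref="LogIn"/> for the new account.</returns>
/// <exception cref="ArgumentNullException"><paramref name="data"/> is <c>null</c>.</exception>
/// <exception cref="DuplicateNameException">The requested login is already taken.</exception>
/// <remarks>
/// SECURITY: the password is stored exactly as received (<c>Password = data.Password</c>). Moving to
/// a salted hash must be done together with the comparison in <c>GetIdentity</c>, so it is only
/// flagged here. Also, the availability check and the insert are not atomic: two concurrent
/// registrations of the same login can both pass <c>IsUsernameAvailable</c>; a unique constraint on
/// the login column is the reliable guard.
/// </remarks>
public UserToken RegisterMember(RegistrationData data)
{
    if (data is null)
    {
        throw new ArgumentNullException(nameof(data));
    }

    if (!IsUsernameAvailable(data.Login))
    {
        throw new DuplicateNameException(data.Login);
    }

    PeerReviewUser peerReviewUser = data.ToUser();
    _context.Users.Add(peerReviewUser);

    var authData = new AuthData
    {
        Login = data.Login,
        Password = data.Password,
    };
    _context.AuthorizeDatas.Add(authData);

    // Both rows are flushed in a single SaveChanges call.
    _context.SaveChanges();

    return LogIn(authData);
}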
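/// <summary>
/// Updates the calling user's own record. The executor id is taken from the authenticated
/// principal, not from the request body, so the service's ownership check is evaluated against
/// the real caller.
/// </summary>
/// <param name="peerReviewUser">Updated user record, bound from the request body.</param>
/// <exception cref="InvalidOperationException">
/// The principal carries no name claim, or its value is not a GUID.
/// </exception>
public void Update([FromBody] PeerReviewUser peerReviewUser)
{
    // The name claim is expected to hold the user's Guid (presumably set when the token was
    // issued). A missing or malformed value is an authentication problem, so fail with a clear
    // message instead of letting Guid.Parse throw FormatException/ArgumentNullException.
    if (!Guid.TryParse(User.Identity?.Name, out Guid userId))
    {
        throw new InvalidOperationException("Authenticated user id is missing or not a valid GUID.");
    }

    _peerReviewUserService.Update(peerReviewUser, userId);
}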
/// <summary>
/// Looking up an id that was never stored must yield null rather than throw.
/// </summary>
public void GetUser_NotFound()
{
    var unknownId = Guid.NewGuid();

    var result = UserService.Get(unknownId);

    Assert.IsNull(result);
}