public async Task<ActionResult> Index() { if (this.User.Identity.IsAuthenticated) { var manager = new UserManager<ApplicationUser>(new UserStore<ApplicationUser>(this.db)); var appUser = await manager.FindByIdAsync(this.User.Identity.GetUserId()); IQueryable<Game> games = from membership in db.GameMemberships where membership.ApplicationUserID == appUser.Id join game in db.Games on membership.GameID equals game.ID select game; var adminRole = await db.Roles.FirstOrDefaultAsync(role => role.Name == "Admin"); this.ViewBag.Games = await games.ToListAsync(); this.ViewBag.Claims = await manager.GetClaimsAsync(appUser.Id); this.ViewBag.Roles = await manager.GetRolesAsync(appUser.Id); } return View(); }
protected async override System.Threading.Tasks.Task<HttpResponseMessage> SendAsync(HttpRequestMessage request, System.Threading.CancellationToken cancellationToken) { var query = request.RequestUri.ParseQueryString(); if (query.AllKeys.Any(x => x == "token")) { var jwt = ((JwtSecurityToken)new JwtSecurityTokenHandler().ReadToken(query.GetValues("token")[0])); var userId = jwt.Claims.FirstOrDefault(x => x.Type.Equals("nameid")).Value; if (userId != null) using (var context = DatabaseContext.Create()) using (var userManager = new UserManager(new UserStore<User>(context))) { User currentUser = null; if ((currentUser = await userManager.FindByIdAsync(userId)) != null) { var identity = await currentUser.GenerateUserIdentityAsync(userManager, OAuthDefaults.AuthenticationType); var principal = new GenericPrincipal(identity, (await userManager.GetRolesAsync(currentUser.Id)).ToArray()); Thread.CurrentPrincipal = principal; HttpContext.Current.User = principal; } } } return await base.SendAsync(request, cancellationToken); }
public async Task<List<string>> GetRoles(string userId) { var db = new DataContext(); var userMan = new UserManager<MyUser>(new UserStore<MyUser>(db)); var roles = await userMan.GetRolesAsync(userId); return roles.ToList(); }
public async Task<ClaimsIdentity> GenerateUserIdentityAsync(UserManager<ApplicationUser> manager) { // Note the authenticationType must match the one defined in CookieAuthenticationOptions.AuthenticationType var userIdentity = await manager.CreateIdentityAsync(this, DefaultAuthenticationTypes.ApplicationCookie); var properties = this.GetType().GetProperties(); foreach (var property in properties) { if (property.GetValue(this) != null && property.Name != "PasswordHash") userIdentity.AddClaim(new Claim(property.Name, property.GetValue(this).ToString())); } var roles = await manager.GetRolesAsync(Id); foreach (var role in roles) { userIdentity.AddClaim(new Claim(ClaimTypes.Role, role)); } return userIdentity; }
public async Task <ActionResult> Edit([Bind(Include = "Email,Id")] EditUserViewModel editUser, params string[] selectedRole) { if (ModelState.IsValid) { var user = await UserManager.FindByIdAsync(editUser.Id); if (user == null) { return(HttpNotFound()); } user.Email = editUser.Email; var userRoles = await UserManager.GetRolesAsync(user.Id); selectedRole = selectedRole ?? new string[] { }; var result = await UserManager.AddUserToRolesAsync(user.Id, selectedRole.Except(userRoles).ToList <string>()); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); return(View()); } result = await UserManager.RemoveUserFromRolesAsync(user.Id, userRoles.Except(selectedRole).ToList <string>()); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); return(View()); } return(RedirectToAction("Index")); } ModelState.AddModelError("", "Something failed."); return(View()); }
public async Task <IActionResult> Login([FromBody] LoginModel loginModel) { var user = await _userManager.FindByNameAsync(loginModel.UserName); if (user != null && await _userManager.CheckPasswordAsync(user, loginModel.Password)) { var userRoles = await _userManager.GetRolesAsync(user); var authClaims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; foreach (var userRole in userRoles) { authClaims.Add(new Claim(ClaimTypes.Role, userRole)); } var authSigninKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Secret"])); var token = new JwtSecurityToken( issuer: _configuration["JWT:ValidIssuer"], audience: _configuration["JWT:ValidAudience"], expires: DateTime.Now.AddHours(7), claims: authClaims, signingCredentials: new SigningCredentials(authSigninKey, SecurityAlgorithms.HmacSha256) ); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) })); } return(Unauthorized()); }
private async Task <string> GenerateJSONWebToken(IdentityUser user) { var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Jwt:Key"])); var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256); var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.NameIdentifier, user.Id) }; var roles = await _userManager.GetRolesAsync(user); claims.AddRange(roles.Select(r => new Claim(ClaimsIdentity.DefaultRoleClaimType, r))); var token = new JwtSecurityToken(_config["Jwt:Issuer"] , _config["Jwt:Issuer"], claims, null, expires: DateTime.Now.AddHours(5), signingCredentials: credentials ); return(new JwtSecurityTokenHandler().WriteToken(token)); }
public async Task <ActionResult> RemoveUser(string id) { if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } var user = await UserManager.FindByIdAsync(id); var logins = user.Logins; var rolesforUser = await UserManager.GetRolesAsync(id); using (var transaction = context.Database.BeginTransaction()) { //IdentityResult result = IdentityResult.Success; foreach (var login in logins) { await UserManager.RemoveLoginAsync(login.UserId, new UserLoginInfo(login.LoginProvider, login.ProviderKey)); } if (rolesforUser.Any()) { foreach (var item in rolesforUser.ToList()) { var result = await UserManager.RemoveFromRoleAsync(user.Id, item); } } await UserManager.DeleteAsync(user); transaction.Commit(); } //return RedirectToAction("UsersIndex"); return(Json(new { success = true }, JsonRequestBehavior.AllowGet)); }
public async Task <IActionResult> Index() { User user = await _userManager.GetUserAsync(User); var roles = await _userManager.GetRolesAsync(user); List <Certification> certifications = _db.Certifications.ToList(); if (roles.Contains("admin")) { return(View(certifications)); } List <string> userCertificationsList = _db.UserCertifications .Where(e => e.UserId == user.Id) .Select(e => e.CertificationId) .ToList(); List <Certification> certificationsByUser = certifications .Where(e => userCertificationsList.Contains(e.Id)) .ToList(); return(View(certificationsByUser)); }
public string CreateToken(User user) { var roles = _userManager.GetRolesAsync(user).Result; // var fullName = _context.userMoreInfos.FirstOrDefault(t => t.id == user.Id).FullName; var claims = new List <Claim>() { //new Claim(JwtRegisteredClaimNames.Sub, user.Id) new Claim("id", user.Id.ToString()), // new Claim("name", fullName), new Claim("email", user.Email) }; foreach (var role in roles) { claims.Add(new Claim("roles", role)); } string jwtTokenSecretKey = this._configuration.GetValue <string>("SecretPhrase"); var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtTokenSecretKey)); var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256); var jwt = new JwtSecurityToken( signingCredentials: signingCredentials, claims: claims, expires: DateTime.Now.AddYears(1)); return(new JwtSecurityTokenHandler().WriteToken(jwt)); }
private string CreateTokenJwt(DbUser user) { var roles = _userManager.GetRolesAsync(user).Result; var claims = new List <Claim>() { //new Claim(JwtRegisteredClaimNames.Sub, user.Id) new Claim("id", user.Id.ToString()), new Claim("name", user.UserName) }; foreach (var role in roles) { claims.Add(new Claim("roles", role)); } var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("11-sdfasdf-22233222222")); var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256); var jwt = new JwtSecurityToken( signingCredentials: signingCredentials, claims: claims, expires: DateTime.Now.AddHours(1)); return(new JwtSecurityTokenHandler().WriteToken(jwt)); }
public static async Task <JsonResponse> GenerateJwt(User user, string fullName, JwtIssuerOptions _jwtOptions, UserManager <User> _userManager) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()), new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64) }; var userRoles = await _userManager.GetRolesAsync(user); foreach (var userRole in userRoles) { claims.Add(new Claim(ClaimTypes.Role, userRole)); } // Create the JWT security token and encode it. var jwt = new JwtSecurityToken( issuer: _jwtOptions.Issuer, audience: _jwtOptions.Audience, claims: claims, notBefore: _jwtOptions.NotBefore, expires: _jwtOptions.Expiration, signingCredentials: _jwtOptions.SigningCredentials); var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt); var response = new JsonResponse { fullName = fullName, id = user.Id, token = encodedJwt, expires_in = (int)_jwtOptions.ValidFor.TotalSeconds }; return(response); //return JsonConvert.SerializeObject(response, new JsonSerializerSettings { Formatting = Formatting.Indented }); }
public async Task <string> CreateAccessToken(User user) { var userId = user.Id.ToString(); var userName = user.UserName; var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, userId), new Claim(ClaimTypes.Name, userName) }; var roles = await _userManager.GetRolesAsync(user); foreach (var role in roles) { claims.Add(new Claim(ClaimTypes.Role, role)); } var secret = _configuration.GetSection("Jwt").GetSection("Token").Get <String>(); var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddMinutes(1), SigningCredentials = creds }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
public async Task <List <Claim> > GetUserClaimsByIdAsync(string subjectid) { var user = await _userManager.FindByIdAsync(subjectid); if (user != null) { var roles = await _userManager.GetRolesAsync(user); var claims = new List <Claim> { new Claim(JwtClaimTypes.Email, user.Email), new Claim(JwtClaimTypes.Subject, user.Id.ToString()), new Claim(JwtClaimTypes.Name, user.UserName), new Claim("AspNet.Identity.SecurityStamp", user.SecurityStamp) }; if (roles.Any()) { claims.AddRange(roles.Select(role => new Claim(JwtClaimTypes.Role, role))); } return(claims.ToList()); } return(new List <Claim>()); }
public async Task <ActionResult> Edit(EditUserViewModel editUser, params string[] selectedRole) { if (ModelState.IsValid) { var user = await UserManager.FindByIdAsync(editUser.Id); if (user == null) { return(HttpNotFound()); } user.DateOfBirth = editUser.DateOfBirth; user.FirstName = editUser.FirstName; user.LastName = editUser.LastName; user.Address = editUser.Address; var userRoles = await UserManager.GetRolesAsync(user.Id); selectedRole = selectedRole ?? new string[] { }; var result = await UserManager.AddToRolesAsync(user.Id, selectedRole.Except(userRoles).ToArray <string>()); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); return(View()); } result = await UserManager.RemoveFromRolesAsync(user.Id, userRoles.Except(selectedRole).ToArray <string>()); if (!result.Succeeded) { ModelState.AddModelError("", result.Errors.First()); return(View()); } return(RedirectToAction("Index")); } ModelState.AddModelError("", "Something failed."); return(View()); }
public async Task <UsuarioData> Handle(Ejecutar request, CancellationToken cancellationToken) { var usuario = await _userManager.FindByNameAsync(_usuarioSesion.ObtenerUsuarioSesion()); var resultadoRoles = await _userManager.GetRolesAsync(usuario); var listaRoles = new List <string>(resultadoRoles); var imagenPerfil = await _context.Documento.Where(x => x.ObjetoReferencia == new Guid(usuario.Id)).FirstOrDefaultAsync(); if (imagenPerfil != null) { var imagenCliente = new ImagenGeneral { Data = Convert.ToBase64String(imagenPerfil.Contenido), Extension = imagenPerfil.Extension, Nombre = imagenPerfil.Nombre }; return(new UsuarioData { NombreCompleto = usuario.NombreCompleto, Username = usuario.UserName, Token = _jwtGenerador.CrearToken(usuario, listaRoles), ImagenPerfil = imagenCliente, Email = usuario.Email }); } else { return(new UsuarioData { NombreCompleto = usuario.NombreCompleto, Username = usuario.UserName, Token = _jwtGenerador.CrearToken(usuario, listaRoles), Email = usuario.Email }); } }
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { if (context.HttpContext.Request.Headers.ContainsKey("Authorization")) { string username = context.HttpContext.User.GetUserName(); var user = await userManager.FindByNameAsync(username); var role = (await userManager.GetRolesAsync(user)).FirstOrDefault(); var isInRole = context.HttpContext.User.IsInRole(role); if (!isInRole) { context.Result = new StatusCodeResult(401); } else { await next(); } } else { await next(); } }
// GET: StaffManagement/Edit/5 public async System.Threading.Tasks.Task <ActionResult> Edit(string id) { if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } Staff staff = db.ApplicationUsers.Find(id); if (staff == null) { return(HttpNotFound()); } //create new instance of modify staff view model for edit ViewBag.RoleNo = new SelectList(db.Roles, "Id", "Name"); ModifyStaffViewModel staffviewmodel = new ModifyStaffViewModel(); string oldRole = (await UserManager.GetRolesAsync(id)).Single(); //intakes current values available about user to modify, minus password due to hashed display and confidential staffviewmodel.Roles = db.Roles.Select(r => new SelectListItem { Text = r.Name, Value = r.Name, Selected = r.Name == oldRole }).ToList(); staffviewmodel.Forename = staff.Forename; staffviewmodel.Surname = staff.Surname; staffviewmodel.Street = staff.Street; staffviewmodel.Town = staff.Town; staffviewmodel.City = staff.City; staffviewmodel.DOB = staff.DOB; staffviewmodel.Email = staff.Email; staffviewmodel.Telnum = staff.PhoneNumber; staffviewmodel.Role = staff.Role; staffviewmodel.tempid = staff.Id; return(View(staffviewmodel)); }
public async static Task <ClaimsIdentity> CreateUserClaims( ClaimsIdentity identity, UserManager <ApplicationUser> manager, string userId ) { // Current User var currentUser = await manager.FindByIdAsync(userId); var roles = (List <string>) await manager.GetRolesAsync(userId); // Your User Data var jUser = JsonConvert.SerializeObject(new CurrentUser { UserId = currentUser.Id, Name = currentUser.Name, UserName = currentUser.Email, Roles = roles ?? new List <string>() }); identity.AddClaim(new Claim(ClaimTypes.UserData, jUser)); return(await Task.FromResult(identity)); }
public async Task <string> BuildToken(AppUser user) { var userRoles = await _userManager.GetRolesAsync(user); //claim collection var claims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), }; foreach (var userRole in userRoles) { claims.Add(new Claim(ClaimTypes.Role, userRole)); } var secretBytes = Encoding.UTF8.GetBytes(Constants.Secret); var key = new SymmetricSecurityKey(secretBytes); var algorithm = SecurityAlgorithms.HmacSha256; var signingCredentials = new SigningCredentials(key, algorithm); var token = new JwtSecurityToken( Constants.Issuer, Constants.Audiance, claims, notBefore: DateTime.Now, expires: DateTime.Now.AddHours(1), signingCredentials); var tokenJson = new JwtSecurityTokenHandler().WriteToken(token); return(tokenJson); }
public async Task <JwtToken?> CreateToken(InputModel model) { IdentityUser?user = await _userManager.FindByEmailAsync(model.Email); if (user != null) { if (await _userManager.CheckPasswordAsync(user, model.Password)) { JwtSecurityTokenHandler?tokenHandler = new JwtSecurityTokenHandler(); byte[]? key = Encoding.ASCII.GetBytes(_configuration["Tokens:Key"]); SecurityTokenDescriptor?tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.Id.ToString()) }), Expires = DateTime.UtcNow.AddMonths(2), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; foreach (string?role in await _userManager.GetRolesAsync(user)) { tokenDescriptor.Subject.AddClaim(new Claim(ClaimTypes.Role, role)); } SecurityToken?token = tokenHandler.CreateToken(tokenDescriptor); return(new JwtToken { Token = tokenHandler.WriteToken(token), Expiration = token.ValidTo, }); } } return(null); }
private async Task <Token> generateJwtToken(User user) { var userRoles = await userManager.GetRolesAsync(user); var country = northwindContext.Employees.Find(user.EmployeeID).Country.ToString(); var authClaims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Country, country) }; foreach (var userRole in userRoles) { authClaims.Add(new Claim(ClaimTypes.Role, userRole)); } var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Secret"])); var createToken = new JwtSecurityToken( issuer: _configuration["JWT:ValidIssuer"], audience: _configuration["JWT:ValidAudience"], expires: DateTime.UtcNow.AddMinutes(30), claims: authClaims, signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256) ); Token token = new Token() { Payload = new JwtSecurityTokenHandler().WriteToken(createToken), Expires = DateTime.UtcNow.AddMinutes(30) }; return(token); }
public async Task <SignedInViewModel> SignIn(string email, string password) { try { var user = await _userManager.FindByEmailAsync(email); if (user == null) { throw new Exception("Wrong password or email."); } var result = await _signInManager.CheckPasswordSignInAsync(user, password, false); if (!result.Succeeded || result.IsLockedOut || result.IsNotAllowed) { return(null); } var userRoles = await _userManager.GetRolesAsync(user); return(new SignedInViewModel { Email = user.Email, IdentityUserId = user.Id, UserName = user.NormalizedUserName, Roles = userRoles?.Select(role => new IdentityRoleViewModel(role)).ToArray(), Message = "Success", JwtToken = JwtTokenUtility.CreateJwtToken(user.NormalizedUserName, user.Email, userRoles?.ToArray()) }); } catch (Exception ex) { _logger.LogError(ex); return(null); } }
//// GET: ApplicationUsers/Details/5 //public async Task<ActionResult> Details(string id) //{ // if (id == null) // { // return new HttpStatusCodeResult(HttpStatusCode.BadRequest); // } // ApplicationUser applicationUser = await db.ApplicationUsers.FindAsync(id); // if (applicationUser == null) // { // return HttpNotFound(); // } // return View(applicationUser); //} //// GET: ApplicationUsers/Create //public ActionResult Create() //{ // return View(); //} //// POST: ApplicationUsers/Create //// To protect from overposting attacks, please enable the specific properties you want to bind to, for //// more details see http://go.microsoft.com/fwlink/?LinkId=317598. //[HttpPost] //[ValidateAntiForgeryToken] //public async Task<ActionResult> Create([Bind(Include = "Id,FirstName,LastName,Address,City,State,ZipCode,Email,EmailConfirmed,PasswordHash,SecurityStamp,PhoneNumber,PhoneNumberConfirmed,TwoFactorEnabled,LockoutEndDateUtc,LockoutEnabled,AccessFailedCount,UserName")] ApplicationUser applicationUser) //{ // if (ModelState.IsValid) // { // db.ApplicationUsers.Add(applicationUser); // await db.SaveChangesAsync(); // return RedirectToAction("Index"); // } // return View(applicationUser); //} // GET: ApplicationUsers/Edit/5 public async Task <ActionResult> Edit(string id) { if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } ApplicationUser applicationUser = await UserManager.FindByIdAsync(id); if (applicationUser == null) { return(HttpNotFound()); } var userRoles = await UserManager.GetRolesAsync(applicationUser.Id); applicationUser.RolesList = RoleManager.Roles.ToList().Select(r => new SelectListItem { Selected = userRoles.Contains(r.Name), Text = r.Name, Value = r.Name }); return(View(applicationUser)); }
public async Task <bool> ResetPassword(ResetPasswordDto input) { if (_abpSession.UserId == null) { throw new UserFriendlyException("请登录后再进行操作!"); } long currentUserId = _abpSession.UserId.Value; var currentUser = await _userManager.GetUserByIdAsync(currentUserId); var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout : false); if (loginAsync.Result != AbpLoginResultType.Success) { throw new UserFriendlyException("管理员密码错误,操作失败!"); } if (currentUser.IsDeleted || !currentUser.IsActive) { return(false); } var roles = await _userManager.GetRolesAsync(currentUser); if (!roles.Contains(StaticRoleNames.Tenants.Admin)) { throw new UserFriendlyException("只有管理员才能进行该操作!"); } var user = await _userManager.GetUserByIdAsync(input.UserId); if (user != null) { user.Password = _passwordHasher.HashPassword(user, input.NewPassword); CurrentUnitOfWork.SaveChanges(); } return(true); }
public async Task <IActionResult> Login([FromBody] LoginRequestDto model) { var user = _userManager.Users.SingleOrDefault(r => r.Email == model.UserName && r.Active); if (user == null) { ModelState.AddModelError("notExists", "Usuario y/o contraseña incorrectos."); return(BadRequest(ModelState)); } user.RoleNames = (await _userManager.GetRolesAsync(user)).FirstOrDefault(); var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, true, false); if (!result.Succeeded) { ModelState.AddModelError("notExists", "Usuario y/o contraseña incorrectos."); return(BadRequest(ModelState)); } else { var jsonWebToken = _tokenService.GenerateJwtToken(model.UserName, user); var requestedAt = DateTime.UtcNow; var returnModel = _mapper.Map <LoggedInUserDto>(user); returnModel.LastLoginDate = user.LastLoginDate; user.LastLoginDate = requestedAt; await _userManager.UpdateAsync(user); returnModel.Token = jsonWebToken.Token; returnModel.Expires = jsonWebToken.Expiration - requestedAt.Ticks; return(Ok(returnModel)); } }
public async Task <IActionResult> Modify(string id, string FullName, string NewPwd, string Area, string Role) { var user = await UserManager.FindByIdAsync(id); user.FullName = FullName; var claims = (await UserManager.GetClaimsAsync(user)).Select(x => x.Value); foreach (var x in claims) { await UserManager.RemoveClaimAsync(user, new System.Security.Claims.Claim("管辖片区", x)); } if (!string.IsNullOrEmpty(Area)) { foreach (var x in Area.TrimEnd(' ').TrimEnd(',').Split(',')) { await UserManager.AddClaimAsync(user, new System.Security.Claims.Claim("管辖片区", x)); } } if (!string.IsNullOrEmpty(NewPwd)) { var token = await UserManager.GeneratePasswordResetTokenAsync(user); await UserManager.ResetPasswordAsync(user, token, NewPwd); } await UserManager.AddClaimAsync(user, new System.Security.Claims.Claim("管辖片区", string.Empty)); var role = await UserManager.GetRolesAsync(user); await UserManager.RemoveFromRoleAsync(user, role.First()); await UserManager.AddToRoleAsync(user, Role); DB.SaveChanges(); return(RedirectToAction("Profile", "Account", new { id = id })); }
public async Task <string> CreateToken(AppUser user) { var claims = new List <Claim> { new Claim(JwtRegisteredClaimNames.NameId, user.Id.ToString()), new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName), }; var roles = await _userManager.GetRolesAsync(user); claims.AddRange(roles.Select(role => new Claim(ClaimTypes.Role, role))); var creds = new SigningCredentials(_key, SecurityAlgorithms.HmacSha512Signature); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddDays(7), SigningCredentials = creds, }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
public async Task <bool> ResetPassword(ResetPasswordDto input) { if (_abpSession.UserId == null) { throw new UserFriendlyException("Please log in before attemping to reset password."); } long currentUserId = _abpSession.UserId.Value; var currentUser = await _userManager.GetUserByIdAsync(currentUserId); var loginAsync = await _logInManager.LoginAsync(currentUser.UserName, input.AdminPassword, shouldLockout : false); if (loginAsync.Result != AbpLoginResultType.Success) { throw new UserFriendlyException("Your 'Admin Password' did not match the one on record. Please try again."); } if (currentUser.IsDeleted || !currentUser.IsActive) { return(false); } var roles = await _userManager.GetRolesAsync(currentUser); if (!roles.Contains(StaticRoleNames.Tenants.Admin)) { throw new UserFriendlyException("Only administrators may reset passwords."); } var user = await _userManager.GetUserByIdAsync(input.UserId); if (user != null) { user.Password = _passwordHasher.HashPassword(user, input.NewPassword); CurrentUnitOfWork.SaveChanges(); } return(true); }
public async Task <TokenViewModel> GenerationAccessToken(UserDbEntity user) { var roles = await _userManager.GetRolesAsync(user); var claims = new List <Claim>() { new Claim(JwtRegisteredClaimNames.Sub, user.Name), new Claim(ClaimTypes.Sid, user.Id), new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; if (roles.Any()) { claims.Add(new Claim(ClaimTypes.Role, string.Join(",", roles))); } var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SigningKey)); var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expires = DateTime.Now.AddHours(1); var accessToken = new JwtSecurityToken(issuer: _jwtOptions.Issuer, audience: _jwtOptions.Site, claims: claims, expires: expires, signingCredentials: credentials); return(new TokenViewModel() { ExpireAt = expires, Token = new JwtSecurityTokenHandler().WriteToken(accessToken) }); }
public async Task <IActionResult> Login(LoginVM model) { if (ModelState.IsValid) { var result = await _signInManager.PasswordSignInAsync(model.UserNameSurname, model.Password, model.RememberMe, false); if (result.Succeeded) { var user = await _userManager.FindByNameAsync(model.UserNameSurname); var roles = await _userManager.GetRolesAsync(user); if (roles.Contains("director")) { return(RedirectToAction("Index", "DirectorCabinet")); } if (roles.Contains("employee")) { return(RedirectToAction("Index", "Employee")); } if (roles.Contains("owner")) { return(RedirectToAction("Index", "Owner")); } return(View(model)); } else { ModelState.AddModelError("", "Неправильний логін і (або) пароль."); } } return(View(model)); }
public async Task <IActionResult> LoginAsync([FromBody] LoginModel model) { var hasCompany = false; ApplicationUser user = await _userManager.FindByNameAsync(model.Username); if (user != null && await _userManager.CheckPasswordAsync(user, model.Password)) { IEnumerable <string> roles = await _userManager.GetRolesAsync(user); List <Claim> authClaims = new List <Claim> { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }; var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Vars.TheSecretKey)); AddRolesToClaims(authClaims, roles); var token = new JwtSecurityToken( issuer: "http://e-bill.uz", audience: "http://e-bill.uz", expires: DateTime.Now.AddHours(3), claims: authClaims, signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256) ); return(Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo, userName = String.Format("{0} {1} {2}", user.LastName, user.FirstName, user.FatherName), }));; } return(Unauthorized()); }
/// <summary> /// Метод генерации JWT токена, который действует, как Acess-токен /// </summary> /// <param name="user">Пользователь</param> /// <returns></returns> private async Task <string> GenerateJWT(User user) { // Далее делаем привязки // Ищем роли пользователя var userRoles = await _userManager.GetRolesAsync(user); // Ищет по айди пользователя // Необходимо сделать привязки токена к пользователю var claims = new List <Claim> { new Claim(ClaimsIdentity.DefaultNameClaimType, user.Email), // Логин к токену }; // Добавляем список ролей foreach (var item in userRoles) { claims.Add(new Claim(ClaimsIdentity.DefaultRoleClaimType, item)); } // Делаем привязки ClaimsIdentity claimsIdentity = new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType, ClaimsIdentity.DefaultRoleClaimType); // После этого создаем JWT Acess токен var now = DateTime.UtcNow; // создаем JWT-токен var jwt = new JwtSecurityToken( issuer: AuthOptions.ISSUER, audience: AuthOptions.AUDIENCE, notBefore: now, claims: claimsIdentity.Claims, // Привязки expires: now.Add(TimeSpan.FromMinutes(AuthOptions.LIFETIME)), signingCredentials: new SigningCredentials(AuthOptions.GetSymmetricSecurityKey(), SecurityAlgorithms.HmacSha256)); return(new JwtSecurityTokenHandler().WriteToken(jwt)); // Возвращаем JWT - acess токен }
// // GET: /Users/Edit/1 public async Task <ActionResult> Edit(string id) { if (!Security.IsValid("/Admin/Users")) { return(Redirect("~/")); } if (id == null) { return(new HttpStatusCodeResult(HttpStatusCode.BadRequest)); } var user = await UserManager.FindByIdAsync(id); if (user == null) { return(HttpNotFound()); } var userRoles = await UserManager.GetRolesAsync(user.Id); return(View(new EditUserViewModel() { Id = user.Id, Email = user.Email, UserName = user.UserName, FirstName = user.FirstName, LastName = user.LastName, MemberID = user.MemberID, RolesList = RoleManager.Roles.ToList().Select(x => new SelectListItem() { Selected = userRoles.Contains(x.Name), Text = x.Name, Value = x.Name }) })); }
public async Task<ActionResult> DeleteConfirmed(string id) { var roleStore = new RoleStore<IdentityRole>(db); var roleManager = new RoleManager<IdentityRole>(roleStore); var userStore = new UserStore<ApplicationUser>(db); var userManager = new UserManager<ApplicationUser>(userStore); if (ModelState.IsValid) { if (id == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } var user = await userManager.FindByIdAsync(id); // ev. 3parts inloggningar var logins = user.Logins; foreach (var login in logins.ToList()) { await userManager.RemoveLoginAsync(login.UserId, new UserLoginInfo(login.LoginProvider, login.ProviderKey)); } var rolesForUser = await userManager.GetRolesAsync(id); if (rolesForUser.Count() > 0) { foreach (var item in rolesForUser.ToList()) { // item should be the name of the role var result = await userManager.RemoveFromRoleAsync(user.Id, item); } } if (user.Documents.Count() > 0) { foreach (var doc in user.Documents.ToList()) { db.Documents.Remove(doc); } } await userManager.DeleteAsync(user); return RedirectToAction("Index"); } else { return View(); } }
// // GET: /Users/Details/5 public async Task<ActionResult> Details(string id) { ApplicationDbContext db = new ApplicationDbContext(); var userStore = new UserStore<ApplicationUser>(db); var roleStore = new RoleStore<ApplicationRole>(db); var userManager = new UserManager<ApplicationUser>(userStore); var roleManager = new RoleManager<ApplicationRole>(roleStore); if (id == null) { return new HttpStatusCodeResult(HttpStatusCode.BadRequest); } var user = await userManager.FindByIdAsync(id); ViewBag.RoleNames = await userManager.GetRolesAsync(user.Id); return View(user); }