public async ValueTask Read(AccountsContext context, int accountId) { var account = await context.Accounts.FirstAsync(i => i.Id == accountId); Username = account.Username; Created = account.Created; Role = account.Role; }
public async ValueTask <TokenRequest> Create(AccountsContext context, IPasswordHasher <Account> hasher, AccountsJwtConfiguration configuration, HttpContext httpContext) { var account = await context.Accounts .Include(a => a.Tokens) .FirstAsync(a => a.Username == Username); var result = hasher.VerifyHashedPassword(account, account.PasswordHash, Password); if (result != PasswordVerificationResult.Success) { throw new UnauthorizedAccessException(); } if (account.Tokens.Count >= configuration.MaxTokensCount) { context.Tokens.RemoveRange(account.Tokens); } var secret = Encoding.ASCII.GetBytes(configuration.Secret); var tokenHandler = new JwtSecurityTokenHandler(); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new [] { new Claim(ClaimTypes.Name, account.Id.ToString()), new Claim(ClaimTypes.Role, account.Role) }), Expires = DateTime.UtcNow.AddDays(7), Issuer = configuration.Issuer, Audience = configuration.Audience, SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(secret), SecurityAlgorithms.HmacSha256Signature) }; var access = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor)); var data = new byte[100]; new Random().NextBytes(data); var refresh = Convert.ToBase64String(data); var token = new Token { Account = account, Created = DateTime.UtcNow, IpAddress = httpContext.Connection.RemoteIpAddress.ToString(), UserAgent = httpContext.Request.Headers[HeaderNames.UserAgent], RefreshToken = refresh }; await context.Tokens.AddAsync(token); return(new TokenRequest(access, refresh)); }
public async ValueTask Read(AccountsContext context, int offset, int limit) { Accounts = await context.Accounts .OrderByDescending(account => account.Created) .Skip(offset) .Take(limit) .Select(account => new AdminReadAccountItemResponse(account)) .ToListAsync(); }
public async ValueTask Delete(AccountsContext context, int accountId) { var account = await context.Accounts .Include(a => a.Tokens) .FirstAsync(i => i.Id == accountId); context.Accounts.Remove(account); context.Tokens.RemoveRange(account.Tokens); }
public AccountsController( AccountsContext context, IPasswordHasher <Account> hasher, IOptions <AccountsRoleConfiguration> roles) { this.context = context; this.roles = roles.Value; this.hasher = hasher; }
public async ValueTask Load(AccountsContext context, int accountId) { var account = await context.Accounts .Include(a => a.Tokens) .FirstAsync(a => a.Id == accountId); Tokens = account.Tokens .Select(t => new ReadTokenItemResponse(t)) .ToList(); }
public async ValueTask Load(AccountsContext context, int accountId) { var account = await context.Accounts .Include(a => a.Tokens) .FirstAsync(a => a.Id == accountId); Tokens = account.Tokens .Select(token => new AdminReadByIdTokenItemRequest(token)) .ToList(); }
public async ValueTask Create(AccountsContext context, IPasswordHasher <Account> hasher, AccountsRoleConfiguration roles) { var account = new Account { Email = Email, Username = Username, PasswordHash = hasher.HashPassword(null, Password), Role = roles.User, Created = DateTime.UtcNow }; await context.Accounts.AddAsync(account); }
public async ValueTask Delete(AccountsContext context, int accountId) { var account = await context.Accounts.FirstAsync(a => a.Id == accountId); var token = await context.Tokens.FirstAsync(t => t.Id == TokenId); if (token.Account != account) { throw new UnauthorizedAccessException(); } context.Tokens.Remove(token); }
public async ValueTask Update(AccountsContext context, IPasswordHasher <Account> hasher, int accountId) { var account = await context.Accounts.FirstAsync(i => i.Id == accountId); if (Username != null) { account.Username = Username; } if (Password != null) { account.PasswordHash = hasher.HashPassword(account, Password); } }
public async ValueTask <TokenRequest> Refresh(AccountsContext context, AccountsJwtConfiguration configuration, HttpContext httpContext) { var tokenToRemove = await context.Tokens .Include(t => t.Account) .FirstAsync(t => t.RefreshToken == RefreshToken); var account = tokenToRemove.Account; var tokenHandler = new JwtSecurityTokenHandler(); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new [] { new Claim(ClaimTypes.Name, account.Id.ToString()), new Claim(ClaimTypes.Role, account.Role) }), Expires = DateTime.UtcNow.AddDays(7), Issuer = configuration.Issuer, Audience = configuration.Audience, SigningCredentials = new SigningCredentials( configuration.SymmetricSecurityKey, SecurityAlgorithms.HmacSha256Signature) }; var access = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor)); var data = new byte[100]; new Random().NextBytes(data); var refresh = Convert.ToBase64String(data); var token = new Token { Account = account, Created = DateTime.UtcNow, IpAddress = httpContext.Connection.RemoteIpAddress.ToString(), UserAgent = httpContext.Request.Headers[HeaderNames.UserAgent], RefreshToken = refresh }; await context.Tokens.AddAsync(token); context.Tokens.Remove(tokenToRemove); return(new TokenRequest(access, refresh)); }
public async ValueTask Update(AccountsContext context, IPasswordHasher <Account> hasher, AccountsRoleConfiguration roles, int accountId) { var account = await context.Accounts.FirstAsync(i => i.Id == accountId); if (Username != null) { account.Username = Username; } if (Password != null) { account.PasswordHash = hasher.HashPassword(account, Password); } if (Role != null) { if (!roles.IsAny(Role)) { throw new InvalidOperationException(); } account.Role = Role; } }
public TokensController(AccountsContext context, IPasswordHasher <Account> hasher, IOptions <AccountsJwtConfiguration> configuration) { this.context = context; this.hasher = hasher; this.configuration = configuration.Value; }
public async ValueTask Delete(AccountsContext context) { var token = await context.Tokens.FirstAsync(t => t.Id == TokenId); context.Tokens.Remove(token); }