Adam
/
TourIAm
1
0
Fork 0
Code Issues 1 Pull Requests Projects Releases Wiki Activity

fixes

This commit is contained in:
jozsef.b@aycode.com 2023-11-29 11:33:34 +01:00
parent b520acd675
commit 3de771f1a9
1 changed files with 64 additions and 62 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

76
TIAMWebApp/Server/Controllers/UserAPIController.cs
View File

@ -32,7 +32,7 @@ namespace TIAMWebApp.Server.Controllers
private UserDal _userDal; private UserDal _userDal;
private readonly IConfiguration _configuration; private readonly IConfiguration _configuration;
private readonly IWebHostEnvironment _webHostEnvironment; private readonly IWebHostEnvironment _webHostEnvironment;
PasswordHasher hasher = new PasswordHasher(); readonly PasswordHasher _hasher = new();
/*private UserModel[] users = new UserModel[] /*private UserModel[] users = new UserModel[]
@ -79,7 +79,7 @@ namespace TIAMWebApp.Server.Controllers
} }
else else
{ {
bool isValidUser = false; var isValidUser = false;
if (dbUser.Password == authenticateUser.Password) if (dbUser.Password == authenticateUser.Password)
{ {
@ -91,7 +91,7 @@ namespace TIAMWebApp.Server.Controllers
if (isValidUser) if (isValidUser)
{ {
Console.WriteLine("UserModel authenticated, let's start JWT"); Console.WriteLine("UserModel authenticated, let's start JWT");
string accessToken = GenerateAccessToken(dbUser); var accessToken = GenerateAccessToken(dbUser);
Console.WriteLine("Generate refresh token"); Console.WriteLine("Generate refresh token");
var refreshToken = GenerateRefreshToken(); var refreshToken = GenerateRefreshToken();
dbUser.RefreshToken = refreshToken; dbUser.RefreshToken = refreshToken;
@ -115,23 +115,23 @@ namespace TIAMWebApp.Server.Controllers
return Unauthorized(); return Unauthorized();
} }
} }
} }
private string GenerateAccessToken(User user) private string GenerateAccessToken(User user)
{ {
var tokenHandler = new JwtSecurityTokenHandler(); var tokenHandler = new JwtSecurityTokenHandler();
var token = new JwtSecurityToken();
Console.WriteLine("----------------------------------------------------------"); Console.WriteLine("----------------------------------------------------------");
var keyDetail = Encoding.UTF8.GetBytes(_configuration["JWT:Key"]);
if (_configuration["JWT:Key"] == null)
throw new SecurityTokenException("Token is null");
var keyDetail = Encoding.UTF8.GetBytes(_configuration["JWT:Key"] ?? string.Empty);
Console.WriteLine(_configuration["JWT:Key"]); Console.WriteLine(_configuration["JWT:Key"]);
var claims = new List<Claim> var claims = new List<Claim>
{ {
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Email, user.Email) new(ClaimTypes.Email, user.Email)
}; };
var tokenDescriptor = new SecurityTokenDescriptor var tokenDescriptor = new SecurityTokenDescriptor
@ -142,18 +142,21 @@ namespace TIAMWebApp.Server.Controllers
Subject = new ClaimsIdentity(claims), Subject = new ClaimsIdentity(claims),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(keyDetail), SecurityAlgorithms.HmacSha256Signature) SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(keyDetail), SecurityAlgorithms.HmacSha256Signature)
}; };
token = tokenHandler.CreateToken(tokenDescriptor) as JwtSecurityToken;
string writtenToken = tokenHandler.WriteToken(token); var token = tokenHandler.CreateToken(tokenDescriptor) as JwtSecurityToken;
var writtenToken = tokenHandler.WriteToken(token);
Console.WriteLine(writtenToken); Console.WriteLine(writtenToken);
return writtenToken; return writtenToken;
} }
[AllowAnonymous] [AllowAnonymous]
[HttpPost] [HttpPost]
[Route("RefreshToken")] [Route("RefreshToken")]
public async Task<IActionResult> RefreshToken(RefreshTokenRequest refreshTokenRequest) public async Task<IActionResult> RefreshToken(RefreshTokenRequest? refreshTokenRequest)
{ {
Console.WriteLine("RefreshToken called"); Console.WriteLine("RefreshToken called");
var response = new MainResponse(); var response = new MainResponse();
if (refreshTokenRequest is null) if (refreshTokenRequest is null)
{ {
@ -190,8 +193,8 @@ namespace TIAMWebApp.Server.Controllers
return BadRequest(response); return BadRequest(response);
} }
string newAccessToken = GenerateAccessToken(dbUser); var newAccessToken = GenerateAccessToken(dbUser);
string refreshToken = GenerateRefreshToken(); var refreshToken = GenerateRefreshToken();
//mocking - update userModel with new refreshToken //mocking - update userModel with new refreshToken
dbUser.RefreshToken = refreshToken; dbUser.RefreshToken = refreshToken;
@ -204,21 +207,22 @@ namespace TIAMWebApp.Server.Controllers
RefreshToken = refreshToken, RefreshToken = refreshToken,
AccessToken = newAccessToken AccessToken = newAccessToken
}; };
return Ok(response); return Ok(response);
} }
else
{
Console.WriteLine("Principal is null"); Console.WriteLine("Principal is null");
return NotFound("Invalid Token Found"); return NotFound("Invalid Token Found");
} }
}
private ClaimsPrincipal GetPrincipalFromExpiredToken(string token) private ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
{ {
var tokenHandler = new JwtSecurityTokenHandler(); var tokenHandler = new JwtSecurityTokenHandler();
var keyDetail = Encoding.UTF8.GetBytes(_configuration["JWT:Key"]); if (_configuration["JWT:Key"] == null)
throw new SecurityTokenException("Token is null");
var keyDetail = Encoding.UTF8.GetBytes(_configuration["JWT:Key"] ?? string.Empty);
var tokenValidationParameter = new TokenValidationParameters var tokenValidationParameter = new TokenValidationParameters
{ {
@ -231,11 +235,11 @@ namespace TIAMWebApp.Server.Controllers
IssuerSigningKey = new SymmetricSecurityKey(keyDetail), IssuerSigningKey = new SymmetricSecurityKey(keyDetail),
}; };
SecurityToken securityToken; var principal = tokenHandler.ValidateToken(token, tokenValidationParameter, out var securityToken);
var principal = tokenHandler.ValidateToken(token, tokenValidationParameter, out securityToken);
var jwtSecurityToken = securityToken as JwtSecurityToken; if (securityToken is not JwtSecurityToken jwtSecurityToken || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
if (jwtSecurityToken == null || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
throw new SecurityTokenException("Invalid token"); throw new SecurityTokenException("Invalid token");
return principal; return principal;
} }
@ -257,16 +261,16 @@ namespace TIAMWebApp.Server.Controllers
public async Task<IActionResult> CreateUser([FromBody] JsonElement SerializedRegistrationModel) public async Task<IActionResult> CreateUser([FromBody] JsonElement SerializedRegistrationModel)
{ {
Console.WriteLine("CreateUser called"); Console.WriteLine("CreateUser called");
if (string.IsNullOrEmpty(SerializedRegistrationModel.GetRawText())) if (string.IsNullOrEmpty(SerializedRegistrationModel.GetRawText()))
{ {
return BadRequest("SerializedLoginModel is required"); return BadRequest("SerializedLoginModel is required");
} }
else else
{ {
RegistrationModel? user = JObject.Parse(SerializedRegistrationModel.GetRawText()).ToObject<RegistrationModel>(); var user = JObject.Parse(SerializedRegistrationModel.GetRawText()).ToObject<RegistrationModel>();
if (user != null)
if(user != null)
{ {
//add userModel to users array //add userModel to users array
//Array.Resize(ref users, users.Length + 1); //Array.Resize(ref users, users.Length + 1);
@ -274,11 +278,11 @@ namespace TIAMWebApp.Server.Controllers
var userId = Guid.NewGuid(); var userId = Guid.NewGuid();
string? email = user?.Email; var email = user?.Email;
string? phoneNumber = user?.PhoneNumber; var phoneNumber = user?.PhoneNumber;
string? password = user?.Password; var password = user?.Password;
if(email is null || phoneNumber is null || password is null) if (email is null || phoneNumber is null || password is null)
{ {
return BadRequest("Invalid request"); return BadRequest("Invalid request");
} }
@ -292,12 +296,9 @@ namespace TIAMWebApp.Server.Controllers
await _userDal.CreateUserAsync(new User(userId, email, phoneNumber, password)); await _userDal.CreateUserAsync(new User(userId, email, phoneNumber, password));
} }
} }
return Ok("yes"); return Ok("yes");
} }
} }
[HttpPost] [HttpPost]
@ -307,6 +308,7 @@ namespace TIAMWebApp.Server.Controllers
return Ok(testParam.ToString()); return Ok(testParam.ToString());
} }
[HttpGet] [HttpGet]
[Route("Test2")] [Route("Test2")]
public string TestEndpoint2(int testParam) public string TestEndpoint2(int testParam)
@ -345,13 +347,13 @@ namespace TIAMWebApp.Server.Controllers
private bool VerifyPassword(string password, string hashedPassword) private bool VerifyPassword(string password, string hashedPassword)
{ {
bool isPasswordValid = hasher.VerifyPassword(password, hashedPassword); var isPasswordValid = _hasher.VerifyPassword(password, hashedPassword);
return isPasswordValid; return isPasswordValid;
} }
private string HashPassword(string password) private string HashPassword(string password)
{ {
var hashedPassword = hasher.HashPassword(password); var hashedPassword = _hasher.HashPassword(password);
return hashedPassword; return hashedPassword;
} }
} }