328 lines
11 KiB
C#
328 lines
11 KiB
C#
using DevExpress.Office.Crypto;
|
|
using DevExpress.Xpo.DB;
|
|
using DevExpress.XtraPrinting;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Identity;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Newtonsoft.Json.Linq;
|
|
using Microsoft.IdentityModel.Tokens;
|
|
using System.IdentityModel.Tokens.Jwt;
|
|
using System.Security.Claims;
|
|
using System.Security.Cryptography;
|
|
using System.Text.Json;
|
|
using TIAMWebApp.Shared.Application.Models;
|
|
using TIAMWebApp.Shared.Application.Models.PageModels;
|
|
using TIAMWebApp.Server.Models;
|
|
using System.Text;
|
|
using Microsoft.AspNetCore.Hosting;
|
|
using Microsoft.EntityFrameworkCore;
|
|
using TIAM.Database.DataLayers.Users;
|
|
using TIAM.Entities.Users;
|
|
using TIAMWebApp.Server.ModelsTIAMWebApp.Shared.Application.Models;
|
|
|
|
namespace TIAMWebApp.Server.Controllers
|
|
{
|
|
//[Authorize]
|
|
[ApiController]
|
|
[Route("api/[controller]")]
|
|
public class UserAPIController : ControllerBase
|
|
{
|
|
private UserDal _userDal;
|
|
private readonly IConfiguration _configuration;
|
|
private readonly IWebHostEnvironment _webHostEnvironment;
|
|
PasswordHasher hasher = new PasswordHasher();
|
|
|
|
|
|
private UserModel[] users = new UserModel[]
|
|
{
|
|
new UserModel(new Guid("540271f6-c604-4c16-8160-d5a7cafedf00"), "test@tiam.hu", "+36701234567", "Asdasd123456"),
|
|
new UserModel(new Guid("4cbaed43-2465-4d99-84f1-c8bc6b7025f7"), "adam@tiam.hu", "+36701234567", "Asdasd987654")
|
|
|
|
};
|
|
|
|
private readonly ILogger<UserAPIController> _logger;
|
|
|
|
public UserAPIController(ILogger<UserAPIController> logger, IConfiguration configuration, IWebHostEnvironment webHostEnvironment, UserDal userDal)
|
|
{
|
|
_logger = logger;
|
|
_configuration = configuration;
|
|
_webHostEnvironment = webHostEnvironment;
|
|
_userDal = userDal;
|
|
}
|
|
|
|
|
|
/*[HttpPost]
|
|
[Route("Auth")]
|
|
public async Task<IActionResult> AuthenticateUser([FromBody] JsonElement SerializedLoginModel)
|
|
{
|
|
Console.WriteLine("Auth called");
|
|
Console.WriteLine(SerializedLoginModel.GetRawText());
|
|
if (string.IsNullOrEmpty(SerializedLoginModel.GetRawText()))
|
|
{
|
|
return BadRequest("SerializedLoginModel is required");
|
|
}
|
|
else
|
|
{
|
|
var userModel = JObject.Parse(SerializedLoginModel.GetRawText()).ToObject<LoginModel>();
|
|
|
|
Console.WriteLine(userModel.Email);
|
|
Console.WriteLine(userModel.Password);
|
|
|
|
if (userModel.Email == "test@tiam.hu" && userModel.Password == "Asdasd123456")
|
|
{
|
|
Console.WriteLine("UserModel authenticated");
|
|
return Ok("yes");
|
|
}
|
|
else
|
|
{
|
|
Console.WriteLine("UserModel NOT authenticated");
|
|
return Ok("no");
|
|
}
|
|
}
|
|
|
|
}*/
|
|
|
|
[AllowAnonymous]
|
|
[HttpPost("AuthenticateUser")]
|
|
public async Task<IActionResult> AuthenticateUser([FromBody] JsonElement SerializedLoginModel)
|
|
{
|
|
|
|
var authenticateUser = JObject.Parse(SerializedLoginModel.GetRawText()).ToObject<LoginModel>();
|
|
|
|
//check if userModel exists
|
|
//var userModel = await _userManager.FindByNameAsync(authenticateUser.UserName);
|
|
//if (userModel == null) return Unauthorized();
|
|
|
|
//mocking
|
|
var user = users.FirstOrDefault(x => x.Email == authenticateUser.Email);
|
|
|
|
//check if password is valid
|
|
//bool isValidUser = await _userManager.CheckPasswordAsync(userModel, authenticateUser.Password);
|
|
|
|
//mocking
|
|
bool isValidUser = false;
|
|
|
|
if (user.Password == authenticateUser.Password)
|
|
{
|
|
isValidUser = true;
|
|
|
|
}
|
|
|
|
if (isValidUser)
|
|
{
|
|
Console.WriteLine("UserModel authenticated, let's start JWT");
|
|
string accessToken = GenerateAccessToken(user);
|
|
Console.WriteLine("Generate refresh token");
|
|
var refreshToken = GenerateRefreshToken();
|
|
user.RefreshToken = refreshToken;
|
|
//Update userModel with refreshToken!!
|
|
//await _userManager.UpdateAsync(userModel);
|
|
|
|
var response = new MainResponse
|
|
{
|
|
Content = new AuthenticationResponse
|
|
{
|
|
RefreshToken = refreshToken,
|
|
AccessToken = accessToken
|
|
},
|
|
IsSuccess = true,
|
|
ErrorMessage = ""
|
|
};
|
|
return Ok(response);
|
|
}
|
|
else
|
|
{
|
|
return Unauthorized();
|
|
}
|
|
|
|
}
|
|
|
|
private string GenerateAccessToken(UserModel userModel)
|
|
{
|
|
var tokenHandler = new JwtSecurityTokenHandler();
|
|
var token = new JwtSecurityToken();
|
|
Console.WriteLine("----------------------------------------------------------");
|
|
var keyDetail = Encoding.UTF8.GetBytes(_configuration["JWT:Key"]);
|
|
Console.WriteLine(_configuration["JWT:Key"]);
|
|
|
|
var claims = new List<Claim>
|
|
{
|
|
new Claim(ClaimTypes.NameIdentifier, userModel.Id.ToString()),
|
|
new Claim(ClaimTypes.Email, userModel.Email)
|
|
};
|
|
|
|
var tokenDescriptor = new SecurityTokenDescriptor
|
|
{
|
|
Audience = _configuration["JWT:Audience"],
|
|
Issuer = _configuration["JWT:Issuer"],
|
|
Expires = DateTime.UtcNow.AddMinutes(30),
|
|
Subject = new ClaimsIdentity(claims),
|
|
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(keyDetail), SecurityAlgorithms.HmacSha256Signature)
|
|
};
|
|
token = tokenHandler.CreateToken(tokenDescriptor) as JwtSecurityToken;
|
|
string writtenToken = tokenHandler.WriteToken(token);
|
|
Console.WriteLine(writtenToken);
|
|
return writtenToken;
|
|
}
|
|
|
|
[AllowAnonymous]
|
|
[HttpPost("RefreshToken")]
|
|
public async Task<IActionResult> RefreshToken(RefreshTokenRequest refreshTokenRequest)
|
|
{
|
|
var response = new MainResponse();
|
|
if (refreshTokenRequest is null)
|
|
{
|
|
response.ErrorMessage = "Invalid request";
|
|
return BadRequest(response);
|
|
}
|
|
|
|
var principal = GetPrincipalFromExpiredToken(refreshTokenRequest.AccessToken);
|
|
|
|
if (principal != null)
|
|
{
|
|
var email = principal.Claims.FirstOrDefault(f => f.Type == ClaimTypes.Email);
|
|
|
|
//var userModel = await _userManager.FindByEmailAsync(email?.Value);
|
|
var user = users.FirstOrDefault(x => x.Email == email?.Value);
|
|
|
|
|
|
if (user is null || user.RefreshToken != refreshTokenRequest.RefreshToken)
|
|
{
|
|
response.ErrorMessage = "Invalid Request";
|
|
return BadRequest(response);
|
|
}
|
|
|
|
string newAccessToken = GenerateAccessToken(user);
|
|
string refreshToken = GenerateRefreshToken();
|
|
|
|
//mocking - update userModel with new refreshToken
|
|
user.RefreshToken = refreshToken;
|
|
//await _userManager.UpdateAsync(userModel);
|
|
|
|
response.IsSuccess = true;
|
|
response.Content = new AuthenticationResponse
|
|
{
|
|
RefreshToken = refreshToken,
|
|
AccessToken = newAccessToken
|
|
};
|
|
return Ok(response);
|
|
}
|
|
else
|
|
{
|
|
return NotFound("Invalid Token Found");
|
|
}
|
|
|
|
}
|
|
|
|
private ClaimsPrincipal GetPrincipalFromExpiredToken(string token)
|
|
{
|
|
var tokenHandler = new JwtSecurityTokenHandler();
|
|
|
|
var keyDetail = Encoding.UTF8.GetBytes(_configuration["JWT:Key"]);
|
|
|
|
var tokenValidationParameter = new TokenValidationParameters
|
|
{
|
|
ValidateIssuer = false,
|
|
ValidateAudience = false,
|
|
ValidateLifetime = false,
|
|
ValidateIssuerSigningKey = true,
|
|
ValidIssuer = _configuration["JWT:Issuer"],
|
|
ValidAudience = _configuration["JWT:Audience"],
|
|
IssuerSigningKey = new SymmetricSecurityKey(keyDetail),
|
|
};
|
|
|
|
SecurityToken securityToken;
|
|
var principal = tokenHandler.ValidateToken(token, tokenValidationParameter, out securityToken);
|
|
var jwtSecurityToken = securityToken as JwtSecurityToken;
|
|
if (jwtSecurityToken == null || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
|
|
throw new SecurityTokenException("Invalid token");
|
|
return principal;
|
|
}
|
|
|
|
private string GenerateRefreshToken()
|
|
{
|
|
|
|
var randomNumber = new byte[32];
|
|
using (var rng = RandomNumberGenerator.Create())
|
|
{
|
|
rng.GetBytes(randomNumber);
|
|
return Convert.ToBase64String(randomNumber);
|
|
}
|
|
}
|
|
|
|
|
|
|
|
[HttpPost]
|
|
[Route("CreateUser")]
|
|
public async Task<IActionResult> CreateUser([FromBody] JsonElement SerializedRegistrationModel)
|
|
{
|
|
if (string.IsNullOrEmpty(SerializedRegistrationModel.GetRawText()))
|
|
{
|
|
return BadRequest("SerializedLoginModel is required");
|
|
}
|
|
else
|
|
{
|
|
var user = JObject.Parse(SerializedRegistrationModel.GetRawText()).ToObject<RegistrationModel>();
|
|
|
|
if (users != null)
|
|
{
|
|
//add userModel to users array
|
|
Array.Resize(ref users, users.Length + 1);
|
|
users[users.Length - 1] = new UserModel(user.Email, user.PhoneNumber, user.Password);
|
|
return Ok("yes");
|
|
}
|
|
else
|
|
{
|
|
return Ok("no");
|
|
}
|
|
|
|
}
|
|
|
|
|
|
}
|
|
|
|
[HttpPost]
|
|
[Route("Test1")]
|
|
public async Task<IActionResult> TestEndpoint([FromBody] int testParam)
|
|
{
|
|
return Ok(testParam.ToString());
|
|
|
|
}
|
|
[HttpGet]
|
|
[Route("Test2")]
|
|
public string TestEndpoint2(int testParam)
|
|
{
|
|
return testParam.ToString();
|
|
|
|
}
|
|
|
|
|
|
[HttpGet]
|
|
[Route("GetUsers")]
|
|
public Task<List<User?>> GetUsers()
|
|
{
|
|
//var users = await _userDal.Ctx.Users.ToListAsync();//.GetUsersAsync();
|
|
//return users;
|
|
return _userDal.GetUsersAsync();
|
|
}
|
|
|
|
[HttpGet]
|
|
[Route("GetUserByEmail")]
|
|
public Task<User?> GetUserByEmail(string email)
|
|
{
|
|
return _userDal.GetUserByEmailAsync(email);
|
|
}
|
|
|
|
private bool VerifyPassword(string password, string hashedPassword)
|
|
{
|
|
bool isPasswordValid = hasher.VerifyPassword(password, hashedPassword);
|
|
return isPasswordValid;
|
|
}
|
|
|
|
private string HashPassword(string password)
|
|
{
|
|
var hashedPassword = hasher.HashPassword(password);
|
|
return hashedPassword;
|
|
}
|
|
}
|
|
} |