-rw-r--r-- | Controllers/AdministratorsController.cs | 11 | ||||
-rw-r--r-- | Controllers/UserAccountSessionsController.cs (renamed from Controllers/AdministratorSessionsController.cs) | 7 | ||||
-rw-r--r-- | Controllers/UserAccountsController.cs | 39 | ||||
-rw-r--r-- | Logics/BaseUserAccountLogic.cs | 3 | ||||
-rw-r--r-- | Logics/CreateUserAccountLogic.cs (renamed from Logics/CreateAdministratorLogic.cs) | 16 | ||||
-rw-r--r-- | Logics/CreateUserAccountSessionLogic.cs (renamed from Logics/CreateAdministratorSessionLogic.cs) | 10 | ||||
-rw-r--r-- | Migrations/ApplicationDbContextModelSnapshot.cs | 34 | ||||
-rw-r--r-- | Models/ApplicationDbContext.cs | 19 | ||||
-rw-r--r-- | Program.cs | 5 | ||||
-rw-r--r-- | Services/TokenGenerator.cs | 4 |
10 files changed, 68 insertions, 80 deletions
diff --git a/Controllers/AdministratorsController.cs b/Controllers/AdministratorsController.cs
index 66f805c..e76581f 100644
--- a/Controllers/AdministratorsController.cs
+++ b/Controllers/AdministratorsController.cs
@@ -1,10 +1,10 @@
 using AutoMapper;
+using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Identity;
 using Microsoft.AspNetCore.Mvc;
 using BackendPIA.Forms;
 using BackendPIA.Models;
 using BackendPIA.Services;
-using BackendPIA.Errors;
 using BackendPIA.Logics;
 namespace BackendPIA.Controllers {
@@ -16,16 +16,19 @@ namespace BackendPIA.Controllers {
         private readonly ITokenGenerator _token_generator;
         private readonly UserManager<UserAccount> _manager;
-        public AdministratorsController(UserManager<UserAccount> manager, IUserAccountService user_account_service, ITokenGenerator token_generator, IMapper mapper) {
+        public AdministratorsController(UserManager<UserAccount> manager, IUserAccountService user_account_service,
+            ITokenGenerator token_generator, IMapper mapper)
+        {
             _user_account_service = user_account_service;
             _mapper = mapper;
-            _manager = manager;
             _token_generator = token_generator;
+            _manager = manager;
         }
+        [Authorize(Roles = "Administrator")]
         [HttpPost("signup")]
         public async Task<ActionResult<AuthenticationToken>> Create(UserAccountForm form) {
-            CreateAdministratorLogic logic = new CreateAdministratorLogic(_token_generator, _manager, form, _mapper, _user_account_service);
+            CreateUserAccountLogic logic = new CreateUserAccountLogic(_token_generator, _manager, form, _mapper, _user_account_service, "Administrator");
             var result = await logic.Call();
             if(result)
diff --git a/Controllers/AdministratorSessionsController.cs b/Controllers/UserAccountSessionsController.cs
index 87f3034..1309c8e 100644
--- a/Controllers/AdministratorSessionsController.cs
+++ b/Controllers/UserAccountSessionsController.cs
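Review bot: With `[Authorize(Roles = "Administrator")]` now on the admin `signup` action and the seeded administrator removed from `Models/ApplicationDbContext.cs` in the same commit, nothing in this diff can create the first administrator — every caller must already hold the role the endpoint grants — so unless something outside the diff provisions it, bootstrap has to happen out of band and the hunk should say where (a startup seeding step or a one-off CLI). Conversely, the diffstat shows only `Migrations/ApplicationDbContextModelSnapshot.cs` changing under `Migrations/`, with no migration that deletes the seeded rows, so any database already migrated keeps `admin@example.com` with the hard-coded `admin_password` hash from the removed seed — a known credential that needs a migration to delete it or a forced rotation on deploy. A smaller point: the action still returns `Ok(logic.Token)`, handing the calling administrator a live access and refresh token for the account it just created; returning 201 with the new account's id and letting that user log in keeps tokens bound to their owner. The class header (including its `[Route]`) and the tail of `Create` lie outside the hunk.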
@@ -1,6 +1,5 @@
+using AutoMapper;
 using Microsoft.AspNetCore.Identity;
-using Microsoft.AspNetCore.Authentication.JwtBearer;
-using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using BackendPIA.Forms;
 using BackendPIA.Models;
@@ -9,7 +8,7 @@ using BackendPIA.Errors;
 using BackendPIA.Logics;
 namespace BackendPIA.Controllers {
-    [Route("api/admin")]
+    [Route("api/")]
     [ApiController]
     public class AdministratorSessionsController : ControllerBase {
         private readonly ITokenGenerator _token_generator;
@@ -22,7 +21,7 @@ namespace BackendPIA.Controllers {
         [HttpPost("login")]
         public async Task<ActionResult<AuthenticationToken>> Create(UserAccountLoginForm form) {
-            CreateAdministratorSessionLogic logic = new CreateAdministratorSessionLogic(_token_generator, _manager, form);
+            CreateUserAccountSessionLogic logic = new CreateUserAccountSessionLogic(_token_generator, _manager, form);
             var result = await logic.Call();
             if(result)
diff --git a/Controllers/UserAccountsController.cs b/Controllers/UserAccountsController.cs
new file mode 100644
index 0000000..51c2481
--- /dev/null
+++ b/Controllers/UserAccountsController.cs
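Review bot: The file is renamed to `UserAccountSessionsController.cs` but the class in the second hunk is still `AdministratorSessionsController`, so the type name matches neither the file nor the role-agnostic naming that `UserAccountsController.cs` adopts in this same commit; rename it to `UserAccountSessionsController` here rather than in a follow-up. The route also moved from `api/admin` to `api/`, making `POST api/login` the single login for every role, which is worth stating on the action: `/// <summary>Issues an access/refresh token pair for any account; the token's role comes from the user's stored roles, not from the request.</summary>`. The non-success tail of `Create` lies outside the hunk.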
@@ -0,0 +1,39 @@
+using AutoMapper;
+using Microsoft.AspNetCore.Identity;
+using Microsoft.AspNetCore.Mvc;
+using BackendPIA.Forms;
+using BackendPIA.Models;
+using BackendPIA.Services;
+using BackendPIA.Errors;
+using BackendPIA.Logics;
+
+namespace BackendPIA.Controllers {
+    [Route("api/")]
+    [ApiController]
+    public class UserAccountsController : ControllerBase {
+        private readonly IUserAccountService _user_account_service;
+        private readonly IMapper _mapper;
+        private readonly ITokenGenerator _token_generator;
+        private readonly UserManager<UserAccount> _manager;
+
+        public UserAccountsController(UserManager<UserAccount> manager, IUserAccountService user_account_service,
+            ITokenGenerator token_generator, IMapper mapper)
+        {
+            _user_account_service = user_account_service;
+            _mapper = mapper;
+            _manager = manager;
+            _token_generator = token_generator;
+        }
+
+        [HttpPost("signup")]
+        public async Task<ActionResult<AuthenticationToken>> Create(UserAccountForm form) {
+            CreateUserAccountLogic logic = new CreateUserAccountLogic(_token_generator, _manager, form, _mapper, _user_account_service, "Regular");
+            var result = await logic.Call();
+
+            if(result)
+                return Ok(logic.Token);
+
+            return StatusCode(422, logic.Errors);
+        }
+    }
+}
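Review bot: `Create` passes the literal `"Regular"` to `CreateUserAccountLogic`, yet nothing in this commit creates a `Regular` role — the only role seeding the codebase had (`Administrator`, in `Models/ApplicationDbContext.cs`) is removed here and no replacement is visible. If `CreateUserAccount` assigns the role through `UserManager.AddToRoleAsync`, every public signup will either fail with an IdentityError after the user row is already inserted or, if that result is not checked, leave a user with no roles, which `BaseUserAccountLogic.SetAuthenticationToken` then indexes as `roles[0]`; please confirm against `UserAccountService` and add role provisioning (for example `RoleManager.CreateAsync` at startup). This controller is otherwise a line-for-line copy of `AdministratorsController` apart from the role string and the `[Authorize]` attribute, so a single controller with two actions or a shared base would keep the two signup flows from drifting. The unused `using BackendPIA.Errors;` can also go.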
\ No newline at end of file
diff --git a/Logics/BaseUserAccountLogic.cs b/Logics/BaseUserAccountLogic.cs
index 1686bb6..82c28eb 100644
--- a/Logics/BaseUserAccountLogic.cs
+++ b/Logics/BaseUserAccountLogic.cs
@@ -16,7 +16,8 @@ namespace BackendPIA.Logics {
         }
         protected async Task SetAuthenticationToken(UserAccount user) {
-            _token = new AuthenticationToken { Token = _token_generator.Generate(user, "administrator"),
+            var roles = await _manager.GetRolesAsync(user);
+            _token = new AuthenticationToken { Token = _token_generator.Generate(user, roles[0]),
                 RefreshToken = _token_generator.GenerateRefreshToken() };
             await SetUserRefreshToken(user);
         }
diff --git a/Logics/CreateAdministratorLogic.cs b/Logics/CreateUserAccountLogic.cs
index 9f8e573..dd37837 100644
--- a/Logics/CreateAdministratorLogic.cs
+++ b/Logics/CreateUserAccountLogic.cs
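Review bot: `roles[0]` throws `ArgumentOutOfRangeException` when `GetRolesAsync` returns an empty list — exactly the state a user is in if account creation succeeded but the role assignment did not, or the role row does not exist — and it silently discards every role after the first in an order the store does not define. Fail explicitly before the token is built, e.g. `if (roles.Count != 1) throw new InvalidOperationException($"Expected exactly one role for user {user.Id}, found {roles.Count}.");`, or extend `ITokenGenerator.Generate` to take the whole list so the JWT carries every role. Either way the design choice deserves a comment on the new line: `// The JWT role claim is derived from the stored roles, never from the caller.`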
@@ -5,27 +5,29 @@ using BackendPIA.Models;
 using BackendPIA.Forms;
 namespace BackendPIA.Logics{
-    public class CreateAdministratorLogic : BaseUserAccountLogic {
+    public class CreateUserAccountLogic : BaseUserAccountLogic {
         private readonly UserAccountForm _form;
         private readonly IMapper _mapper;
         private readonly IUserAccountService _user_account_service;
-        private IEnumerable<IdentityError> _errors;
-        public IEnumerable<IdentityError> Errors { get => _errors; }
+        private readonly string _role;
+        private IEnumerable<IdentityError>? _errors;
+        public IEnumerable<IdentityError>? Errors { get => _errors; }
-        public CreateAdministratorLogic(ITokenGenerator token_generator, UserManager<UserAccount> manager, UserAccountForm form,
-            IMapper mapper, IUserAccountService service) : base(token_generator, manager)
+        public CreateUserAccountLogic(ITokenGenerator token_generator, UserManager<UserAccount> manager, UserAccountForm form,
+            IMapper mapper, IUserAccountService service, string role) : base(token_generator, manager)
         {
             _form = form;
             _mapper = mapper;
             _user_account_service = service;
+            _role = role;
         }
         public async Task<bool> Call() {
             UserAccount user = _mapper.Map<UserAccount>(_form);
-            var result = await _user_account_service.CreateUserAccount(user, _form.Password, "Administrator");
+            var result = await _user_account_service.CreateUserAccount(user, _form.Password, _role);
             if(result.Succeeded) {
-                SetAuthenticationToken(user);
+                await SetAuthenticationToken(user);
                 return true;
             }
diff --git a/Logics/CreateAdministratorSessionLogic.cs b/Logics/CreateUserAccountSessionLogic.cs
index ce283c7..2e51791 100644
--- a/Logics/CreateAdministratorSessionLogic.cs
+++ b/Logics/CreateUserAccountSessionLogic.cs
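Review bot: `_role` is a free-form string that each controller supplies as a literal (`"Administrator"`, `"Regular"`), so a typo in either caller or in whatever seeds the roles yields an account whose role `[Authorize(Roles = ...)]` can never match, and nothing here validates it. Declare the names once, e.g. `public const string AdministratorRole = "Administrator"; public const string RegularRole = "Regular";`, and have both controllers and the seeding code reference them. The class also lost any statement of purpose with the rename; `/// <summary>Creates a user account in the given role and, on success, issues its first token pair; on failure the IdentityErrors are exposed via Errors.</summary>` would cover it. `Call`'s failure branch, where `_errors` is presumably assigned, continues past the end of the hunk.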
@@ -4,23 +4,23 @@ using BackendPIA.Models;
 using BackendPIA.Forms;
 namespace BackendPIA.Logics {
-    public class CreateAdministratorSessionLogic : BaseUserAccountLogic {
+    public class CreateUserAccountSessionLogic : BaseUserAccountLogic {
         private readonly UserAccountLoginForm _form;
-        public CreateAdministratorSessionLogic(ITokenGenerator token_generator, UserManager<UserAccount> manager, UserAccountLoginForm form) : base(token_generator, manager) {
+        public CreateUserAccountSessionLogic(ITokenGenerator token_generator, UserManager<UserAccount> manager, UserAccountLoginForm form) : base(token_generator, manager) {
             _form = form;
         }
         public async Task<bool> Call() {
             var user = await _manager.FindByEmailAsync(_form.Email);
-            if(user == null)
+            if(user == null )
                 return false;
-
+
             var result = await _manager.CheckPasswordAsync(user, _form.Password);
             if(result) {
-                SetAuthenticationToken(user);
+                await SetAuthenticationToken(user);
                 return true;
             }
diff --git a/Migrations/ApplicationDbContextModelSnapshot.cs b/Migrations/ApplicationDbContextModelSnapshot.cs
index 5a233a6..11e74de 100644
--- a/Migrations/ApplicationDbContextModelSnapshot.cs
+++ b/Migrations/ApplicationDbContextModelSnapshot.cs
@@ -91,24 +91,6 @@ namespace BackendPIA.Migrations
                         .HasDatabaseName("UserNameIndex");
                     b.ToTable("AspNetUsers", (string)null);
-
-                    b.HasData(
-                        new
-                        {
-                            Id = "24edc3d6-bf9c-41a1-9371-224e4419ccb0",
-                            AccessFailedCount = 0,
-                            ConcurrencyStamp = "bd624bcb-3f06-4bce-b924-2666f82e5f23",
-                            Email = "admin@example.com",
-                            EmailConfirmed = false,
-                            LockoutEnabled = false,
-                            NormalizedEmail = "ADMIN@EXAMPLE.COM",
-                            NormalizedUserName = "ADMIN",
-                            PasswordHash = "AQAAAAIAAYagAAAAEL19rXYOEkR3ftL+T5E5vlsLGPu3HSnJuTSLNp/nyffvQvaXlNJFqU1UO3VKB+K6yg==",
-                            PhoneNumberConfirmed = false,
-                            SecurityStamp = "282566ca-8a3b-4310-8e61-8380d16fa07e",
-                            TwoFactorEnabled = false,
-                            UserName = "admin"
-                        });
                 });
             modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRole", b =>
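Review bot: `Call` verifies the password with `CheckPasswordAsync`, which neither consults nor updates Identity's lockout state, so the `api/login` endpoint this commit opens to every role has no brute-force protection and the `AccessFailedCount`/`LockoutEnabled` columns the store carries are dead data. Check `IsLockedOutAsync` before the password test, call `AccessFailedAsync` on a wrong password and `ResetAccessFailedCountAsync` on a correct one (or replace the pair with `SignInManager.CheckPasswordSignInAsync(user, password, lockoutOnFailure: true)`); whichever you pick, keep the response identical for unknown email, wrong password and locked-out user so the endpoint does not enumerate accounts. The stray space in `if(user == null )` should also go. `Call`'s failure path continues past the end of the hunk, and the `AccessFailedAsync` call below belongs just before that existing `return false`.
```csharp
        public async Task<bool> Call() {
            var user = await _manager.FindByEmailAsync(_form.Email);
            // Same outcome for unknown email and locked-out account: no account enumeration.
            if (user == null || await _manager.IsLockedOutAsync(user))
                return false;

            var result = await _manager.CheckPasswordAsync(user, _form.Password);
            if (result) {
                await _manager.ResetAccessFailedCountAsync(user);
                await SetAuthenticationToken(user);
                return true;
            }

            // Counts toward lockout when the user has LockoutEnabled (Identity's default for new users — confirm in Program.cs).
            await _manager.AccessFailedAsync(user);
            // … unchanged: existing return false …
```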
@@ -135,15 +117,6 @@ namespace BackendPIA.Migrations
                         .HasDatabaseName("RoleNameIndex");
                     b.ToTable("AspNetRoles", (string)null);
-
-                    b.HasData(
-                        new
-                        {
-                            Id = "d42006bc-7f69-4aa4-b247-eb9e2abfe0ec",
-                            ConcurrencyStamp = "d42006bc-7f69-4aa4-b247-eb9e2abfe0ec",
-                            Name = "Administrator",
-                            NormalizedName = "ADMINISTRATOR"
-                        });
                 });
             modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityRoleClaim<string>", b =>
@@ -231,13 +204,6 @@ namespace BackendPIA.Migrations
                     b.HasIndex("RoleId");
                     b.ToTable("AspNetUserRoles", (string)null);
-
-                    b.HasData(
-                        new
-                        {
-                            UserId = "24edc3d6-bf9c-41a1-9371-224e4419ccb0",
-                            RoleId = "d42006bc-7f69-4aa4-b247-eb9e2abfe0ec"
-                        });
                 });
             modelBuilder.Entity("Microsoft.AspNetCore.Identity.IdentityUserToken<string>", b =>
diff --git a/Models/ApplicationDbContext.cs b/Models/ApplicationDbContext.cs
index eda476c..b3b0b15 100644
--- a/Models/ApplicationDbContext.cs
+++ b/Models/ApplicationDbContext.cs
@@ -1,8 +1,4 @@
-using System;
-using System.Collections.Generic;
-using System.Text;
 using Microsoft.AspNetCore.Identity.EntityFrameworkCore;
-using Microsoft.AspNetCore.Identity;
 using Microsoft.EntityFrameworkCore;
 namespace BackendPIA.Models {
@@ -11,21 +7,6 @@ namespace BackendPIA.Models {
         protected override void OnModelCreating(ModelBuilder builder) {
             base.OnModelCreating(builder);
-            string user_id = "24edc3d6-bf9c-41a1-9371-224e4419ccb0";
-            string role_id = "d42006bc-7f69-4aa4-b247-eb9e2abfe0ec";
-            var hasher = new PasswordHasher<UserAccount>();
-            UserAccount user_seed = new UserAccount { Id = user_id, UserName = "admin", Email = "admin@example.com",
-                NormalizedEmail = "ADMIN@EXAMPLE.COM", NormalizedUserName = "ADMIN" };
-            // TODO: save the seeded admin password in a user secret.
-            user_seed.PasswordHash = hasher.HashPassword(user_seed, "admin_password");
-            builder.Entity<UserAccount>().HasData(user_seed);
-            builder.Entity<IdentityRole>().HasData(new IdentityRole {
-                Name = "Administrator",
-                NormalizedName = "ADMINISTRATOR",
-                Id = role_id,
-                ConcurrencyStamp = role_id
-            });
-            builder.Entity<IdentityUserRole<string>>().HasData(new IdentityUserRole<string> { UserId = user_id, RoleId = role_id });
         }
     }
 }
@@ -23,7 +23,7 @@ builder.Services.AddAutoMapper(typeof(Program));
 // Custom services configuration.
 builder.Services.AddSingleton<ITokenGenerator>(s => new TokenGenerator(builder.Configuration["Jwt:Key"]));
-builder.Services.AddSingleton<IUserAccountService, UserAccountService>();
+builder.Services.AddScoped<IUserAccountService, UserAccountService>();
 // End of custom services configuration.
 // Swagger configuration.
@@ -68,9 +68,6 @@ builder.Services.AddAuthentication(options => {
         IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(builder.Configuration["Jwt:Key"])),
         ClockSkew = TimeSpan.Zero
     }
 );
-builder.Services.AddAuthorization(options => {
-    options.AddPolicy("IsAdministrator", policy => policy.RequireClaim("administrator"));
-});
 // End of authentication configuration.
 // Identity configuration.
diff --git a/Services/TokenGenerator.cs b/Services/TokenGenerator.cs
index 70aca4a..514417d 100644
--- a/Services/TokenGenerator.cs
+++ b/Services/TokenGenerator.cs
@@ -16,13 +16,13 @@ namespace BackendPIA.Services {
         public string Generate(UserAccount user, string role) {
             var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_key));
             var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
-            var expiration = DateTime.UtcNow.AddMinutes(1);
+            var expiration = DateTime.UtcNow.AddMinutes(5);
             //var issuer = _configuration["Jwt:Issuer"];
             var claims = new List<Claim> {
                 new Claim("sid", user.Id),
                 new Claim("username", user.UserName),
                 new Claim("email", user.Email),
-                new Claim("role", role)
+                new Claim(ClaimTypes.Role, role)
             };
             var descriptor = new JwtSecurityToken(issuer: null, audience: null, claims: claims, expires: expiration, signingCredentials: creds); |
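Review bot: The token is still minted with `issuer: null, audience: null` while `//var issuer = _configuration["Jwt:Issuer"];` stays commented out, so the JWT carries no `iss`/`aud` and any service that shares `Jwt:Key` can mint tokens this API accepts (and vice versa); set both from configuration here and validate them in the `TokenValidationParameters` in `Program.cs`, of which only `IssuerSigningKey` and `ClockSkew` are visible in this diff. Switching the claim to `ClaimTypes.Role` is what lets `[Authorize(Roles = ...)]` match, but it relies on `JwtSecurityTokenHandler`'s default claim-type mapping (`role` on the wire, `ClaimTypes.Role` after inbound mapping), which is worth pinning in a comment: `// [Authorize(Roles=...)] reads ClaimTypes.Role; this only matches while JwtBearer's default inbound claim mapping stays enabled.` The lifetime bump to five minutes is reasonable given the refresh token, though combined with `ClockSkew = TimeSpan.Zero` a client with a slightly fast clock sees tokens rejected early; a small non-zero skew is the usual compromise. `Generate`'s return lies past the end of the hunk.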