forked from MDCPS/DamageAssessment_Backend
User Role and Authorization features added
This commit is contained in:
Reginald Cherenfant Jasmin
@ -8,6 +8,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.9" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.9" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
{
|
||||
"JwtSettings": {
|
||||
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
|
||||
@ -9,6 +9,7 @@
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Azure.Storage.Blobs" Version="12.16.0" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Hosting" Version="2.2.7" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.5" />
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
{
|
||||
"JwtSettings": {
|
||||
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.5" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
{
|
||||
"JwtSettings": {
|
||||
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.5" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
{
|
||||
"JwtSettings": {
|
||||
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.5" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
{
|
||||
"JwtSettings": {
|
||||
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
|
||||
@ -8,9 +8,9 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.Extensions.Configuration.Json" Version="7.0.0" />
|
||||
<PackageReference Include="Microsoft.Extensions.Http.Polly" Version="7.0.5" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
|
||||
|
||||
@ -1,4 +1,5 @@
|
||||
using DamageAssesment.Api.Surveys.Interfaces;
|
||||
using Microsoft.AspNetCore.Authorization;
|
||||
using Microsoft.AspNetCore.Http;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
@ -25,6 +26,7 @@ namespace DamageAssesment.Api.Surveys.Controllers
|
||||
}
|
||||
return NoContent();
|
||||
}
|
||||
|
||||
[HttpGet("{Id}")]
|
||||
public async Task<ActionResult> GetSurveysAsync(int Id)
|
||||
{
|
||||
|
||||
@ -8,6 +8,7 @@
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.5" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
|
||||
|
||||
@ -1,11 +1,32 @@
|
||||
using DamageAssesment.Api.Surveys.Db;
|
||||
using DamageAssesment.Api.Surveys.Interfaces;
|
||||
using DamageAssesment.Api.Surveys.Providers;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System.Text;
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
// Add services to the container.
|
||||
var authkey = builder.Configuration.GetValue<string>("JwtSettings:securitykey");
|
||||
builder.Services.AddAuthentication(item =>
|
||||
{
|
||||
item.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
item.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
}).AddJwtBearer(item =>
|
||||
{
|
||||
item.RequireHttpsMetadata = true;
|
||||
item.SaveToken = true;
|
||||
item.TokenValidationParameters = new TokenValidationParameters()
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authkey)),
|
||||
ValidateIssuer = false,
|
||||
ValidateAudience = false,
|
||||
ClockSkew = TimeSpan.Zero
|
||||
};
|
||||
});
|
||||
|
||||
builder.Services.AddControllers();
|
||||
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
|
||||
@ -26,6 +47,7 @@ if (app.Environment.IsDevelopment())
|
||||
app.UseSwaggerUI();
|
||||
}
|
||||
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
app.MapControllers();
|
||||
|
||||
@ -26,7 +26,7 @@ namespace DamageAssesment.Api.Surveys.Providers
|
||||
surveyDbContext.Surveys.Add(new Db.Survey { Id = 1, Title = "Sample Survey Title:Damage Assesment 2014", IsEnabled = true, StartDate = DateTime.Now, EndDate = DateTime.Now.AddDays(90) });
|
||||
surveyDbContext.Surveys.Add(new Db.Survey { Id = 2, Title = "Sample Survey Title: Damage Assesment 2016", IsEnabled = true, StartDate = DateTime.Now, EndDate = DateTime.Now.AddDays(90) });
|
||||
surveyDbContext.Surveys.Add(new Db.Survey { Id = 3, Title = "Sample Survey Title: Damage Assesment 2018", IsEnabled = true, StartDate = DateTime.Now, EndDate = DateTime.Now.AddDays(90) });
|
||||
surveyDbContext.SaveChanges();
|
||||
surveyDbContext.SaveChangesAsync();
|
||||
}
|
||||
}
|
||||
|
||||
@ -80,7 +80,7 @@ namespace DamageAssesment.Api.Surveys.Providers
|
||||
var surveys = await surveyDbContext.Surveys.ToListAsync();
|
||||
survey.Id = surveys.Count + 1;
|
||||
surveyDbContext.Surveys.Add(mapper.Map<Models.Survey, Db.Survey>(survey));
|
||||
surveyDbContext.SaveChanges();
|
||||
await surveyDbContext.SaveChangesAsync();
|
||||
return (true, survey, "Successful");
|
||||
}
|
||||
else
|
||||
@ -110,7 +110,7 @@ namespace DamageAssesment.Api.Surveys.Providers
|
||||
_survey.IsEnabled = survey.IsEnabled;
|
||||
_survey.StartDate = survey.StartDate;
|
||||
_survey.EndDate = survey.EndDate;
|
||||
surveyDbContext.SaveChanges();
|
||||
await surveyDbContext.SaveChangesAsync();
|
||||
return (true, mapper.Map<Db.Survey, Models.Survey>(_survey), "Successful");
|
||||
}
|
||||
else
|
||||
@ -141,7 +141,7 @@ namespace DamageAssesment.Api.Surveys.Providers
|
||||
if (survey != null)
|
||||
{
|
||||
surveyDbContext.Surveys.Remove(survey);
|
||||
surveyDbContext.SaveChanges();
|
||||
await surveyDbContext.SaveChangesAsync();
|
||||
return (true, mapper.Map<Db.Survey, Models.Survey>(survey), $"Survey Id: {Id} deleted Successfuly");
|
||||
}
|
||||
else
|
||||
|
||||
@ -1,4 +1,7 @@
|
||||
{
|
||||
"JwtSettings": {
|
||||
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
|
||||
@ -0,0 +1,21 @@
|
||||
namespace DamageAssesment.Api.UsersAccess.Bases
|
||||
{
|
||||
public class ServiceProviderBase
|
||||
{
|
||||
protected readonly IConfiguration configuration;
|
||||
protected readonly HttpClient httpClient;
|
||||
protected private readonly ILogger<ServiceProviderBase> logger;
|
||||
protected string ressource;
|
||||
protected string urlBase;
|
||||
|
||||
|
||||
public ServiceProviderBase(IConfiguration configuration, HttpClient httpClient, ILogger<ServiceProviderBase> logger, string ressource, string urlBase)
|
||||
{
|
||||
this.configuration = configuration;
|
||||
this.httpClient = httpClient;
|
||||
this.logger = logger;
|
||||
this.ressource = ressource;
|
||||
this.urlBase = urlBase;
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,97 @@
|
||||
using DamageAssesment.Api.UsersAccess.Interfaces;
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
using Microsoft.AspNetCore.Mvc;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Controllers
|
||||
{
|
||||
[Route("api")]
|
||||
[ApiController]
|
||||
public class UsersAccessController : ControllerBase
|
||||
{
|
||||
private IUsersAccessProvider userAccessProvider;
|
||||
|
||||
public UsersAccessController(IUsersAccessProvider userAccessProvider)
|
||||
{
|
||||
this.userAccessProvider = userAccessProvider;
|
||||
}
|
||||
[HttpPost("authenticate")]
|
||||
public async Task<ActionResult> AuthenticateAsync(UserCredentials userCredentials)
|
||||
{
|
||||
var result = await userAccessProvider.AuthenticateAsync(userCredentials);
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
return Ok(result.TokenResponse);
|
||||
}
|
||||
return Unauthorized(result.ErrorMessage);
|
||||
}
|
||||
|
||||
[HttpPost("refreshToken")]
|
||||
public async Task<ActionResult> RefreshTokenAsync(TokenResponse tokenResponse)
|
||||
{
|
||||
var result = await userAccessProvider.RefreshTokenAsync(tokenResponse);
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
return Ok(result.TokenResponse);
|
||||
}
|
||||
return Unauthorized(result.ErrorMessage);
|
||||
}
|
||||
|
||||
[HttpGet("users")]
|
||||
public async Task<ActionResult> GetUsersAsync()
|
||||
{
|
||||
var result = await userAccessProvider.GetUsersAsync();
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
return Ok(result.Users);
|
||||
}
|
||||
return NoContent();
|
||||
}
|
||||
|
||||
[HttpGet("users/{Id}")]
|
||||
public async Task<ActionResult> GetUsersAsync(int Id)
|
||||
{
|
||||
var result = await userAccessProvider.GetUsersAsync(Id);
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
return Ok(result.User);
|
||||
}
|
||||
return NotFound();
|
||||
}
|
||||
|
||||
[HttpPost("users")]
|
||||
public async Task<ActionResult> PostUserAsync(User user)
|
||||
{
|
||||
var result = await userAccessProvider.PostUserAsync(user);
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
return Ok(result.User);
|
||||
}
|
||||
return BadRequest(result.ErrorMessage);
|
||||
}
|
||||
|
||||
[HttpPut("users/{Id}")]
|
||||
public async Task<ActionResult> PutUserAsync(int Id, User user)
|
||||
{
|
||||
var result = await userAccessProvider.PutUserAsync(Id, user);
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
return Ok(result.User);
|
||||
}
|
||||
if (result.ErrorMessage == "Not Found")
|
||||
return NotFound(result.ErrorMessage);
|
||||
|
||||
return BadRequest(result.ErrorMessage);
|
||||
}
|
||||
|
||||
[HttpDelete("users/{Id}")]
|
||||
public async Task<ActionResult> DeleteSurveysAsync(int Id)
|
||||
{
|
||||
var result = await userAccessProvider.DeleteUserAsync(Id);
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
return Ok(result.User);
|
||||
}
|
||||
return NotFound();
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,19 @@
|
||||
<Project Sdk="Microsoft.NET.Sdk.Web">
|
||||
|
||||
<PropertyGroup>
|
||||
<TargetFramework>net6.0</TargetFramework>
|
||||
<Nullable>enable</Nullable>
|
||||
<ImplicitUsings>enable</ImplicitUsings>
|
||||
</PropertyGroup>
|
||||
|
||||
<ItemGroup>
|
||||
<PackageReference Include="AutoMapper.Extensions.Microsoft.DependencyInjection" Version="12.0.1" />
|
||||
<PackageReference Include="Microsoft.AspNetCore.Authentication.JwtBearer" Version="6.0.21" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.EntityFrameworkCore.InMemory" Version="7.0.5" />
|
||||
<PackageReference Include="Microsoft.Extensions.Http.Polly" Version="7.0.10" />
|
||||
<PackageReference Include="Newtonsoft.Json" Version="13.0.3" />
|
||||
<PackageReference Include="Swashbuckle.AspNetCore" Version="6.2.3" />
|
||||
</ItemGroup>
|
||||
|
||||
</Project>
|
||||
@ -0,0 +1,21 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.ComponentModel.DataAnnotations.Schema;
|
||||
using System.Text.Json.Serialization;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Db
|
||||
{
|
||||
public class Role
|
||||
{
|
||||
[Key]
|
||||
public int Id { get; set; }
|
||||
|
||||
[StringLength(100)]
|
||||
[Required]
|
||||
public string Name { get; set; }
|
||||
|
||||
// add a status field
|
||||
|
||||
[StringLength(100)]
|
||||
public string? Description { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,17 @@
|
||||
using Microsoft.EntityFrameworkCore.Metadata.Internal;
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.ComponentModel.DataAnnotations.Schema;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Db
|
||||
{
|
||||
public class Token
|
||||
{
|
||||
[Key]
|
||||
public string Id { get; set; }
|
||||
[Required]
|
||||
[ForeignKey("User")]
|
||||
public int UserId { get; set; }
|
||||
public string? RefreshToken { get; set; }
|
||||
public bool? IsActive { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,27 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
using System.ComponentModel.DataAnnotations.Schema;
|
||||
using System.Text.Json.Serialization;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Db
|
||||
{
|
||||
public class User
|
||||
{
|
||||
[Key]
|
||||
public int Id { get; set; }
|
||||
|
||||
[ForeignKey("Employee")]
|
||||
public string EmployeeId { get; set; }
|
||||
|
||||
[ForeignKey("Role")]
|
||||
[Required]
|
||||
public int RoleId { get; set; }
|
||||
[Required]
|
||||
public bool? IsActive { get; set; } = true;
|
||||
|
||||
[Required]
|
||||
public DateTime? CreateDate { get; set; } = DateTime.Now;
|
||||
|
||||
public DateTime? UpdateDate { get; set; }
|
||||
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,17 @@
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Db
|
||||
{
|
||||
public class UsersAccessDbContext:DbContext
|
||||
{
|
||||
public DbSet<Db.User> Users { get; set; }
|
||||
public DbSet<Db.Role> Roles { get; set; }
|
||||
public DbSet<Db.Token> Tokens { get; set; }
|
||||
public UsersAccessDbContext(DbContextOptions options) : base(options)
|
||||
{
|
||||
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,10 @@
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Interfaces
|
||||
{
|
||||
public interface IEmployeeServiceProvider
|
||||
{
|
||||
Task<List<Employee>> getEmployeesAsync();
|
||||
Task<Employee> getEmployeeAsync(string employeeID);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,12 @@
|
||||
namespace DamageAssesment.Api.UsersAccess.Interfaces
|
||||
{
|
||||
public interface IRoleProvider
|
||||
{
|
||||
Task<(bool IsSuccess, IEnumerable< Models.Role> Roles, string ErrorMessage)> GetRolesAsync();
|
||||
Task<(bool IsSuccess, Models.Role Roles, string ErrorMessage)> GetRolesAsync(int Id);
|
||||
Task<(bool IsSuccess, Models.Role Role, string ErrorMessage)> PostRoleAsync(Models.Role Role);
|
||||
Task<(bool IsSuccess, Models.Role Role, string ErrorMessage)> PutRoleAsync(int Id,Models.Role Role);
|
||||
Task<(bool IsSuccess, Models.Role Role, string ErrorMessage)> DeleteRoleAsync(int Id);
|
||||
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,11 @@
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
using System.Security.Claims;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Interfaces
|
||||
{
|
||||
public interface ITokenServiceProvider
|
||||
{
|
||||
Task<string> GenerateToken(User user);
|
||||
Task<TokenResponse> TokenAuthenticate(User user, Claim[] claims);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,16 @@
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Interfaces
|
||||
{
|
||||
public interface IUsersAccessProvider
|
||||
{
|
||||
public Task<(bool IsSuccess, IEnumerable< Models.User> Users, string ErrorMessage)> GetUsersAsync();
|
||||
public Task<(bool IsSuccess, Models.User User, string ErrorMessage)> GetUsersAsync(int Id);
|
||||
public Task<(bool IsSuccess, Models.User User, string ErrorMessage)> PostUserAsync(Models.User User);
|
||||
public Task<(bool IsSuccess, Models.User User, string ErrorMessage)> PutUserAsync(int Id,Models.User User);
|
||||
public Task<(bool IsSuccess, Models.User User, string ErrorMessage)> DeleteUserAsync(int Id);
|
||||
public Task<(bool IsSuccess, IEnumerable<Models.Role> Roles, string ErrorMessage)> GetRolesAsync();
|
||||
public Task<(bool IsSuccess, Models.TokenResponse TokenResponse, string ErrorMessage)> AuthenticateAsync(UserCredentials userCredentials);
|
||||
public Task<(bool IsSuccess, Models.TokenResponse TokenResponse, string ErrorMessage)>RefreshTokenAsync(TokenResponse tokenResponse);
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,21 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Models
|
||||
{
|
||||
public class Employee
|
||||
{
|
||||
public string Id { get; set; }
|
||||
|
||||
[StringLength(50)]
|
||||
public string Name { get; set; }
|
||||
|
||||
public DateTime BirthDate { get; set; }
|
||||
|
||||
[StringLength(50)]
|
||||
public string OfficePhoneNumber { get; set; }
|
||||
|
||||
[StringLength(50)]
|
||||
public string Email { get; set; }
|
||||
public bool IsActive { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,9 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
namespace DamageAssesment.Api.UsersAccess.Models
|
||||
{
|
||||
|
||||
public class JwtSettings
|
||||
{
|
||||
public string securitykey { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,9 @@
|
||||
using System.ComponentModel.DataAnnotations;
|
||||
namespace DamageAssesment.Api.UsersAccess.Models
|
||||
{
|
||||
public class Role {
|
||||
public int Id { get; set; }
|
||||
public string Name { get; set; }
|
||||
public string? Description { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,10 @@
|
||||
namespace DamageAssesment.Api.UsersAccess.Models
|
||||
{
|
||||
public class Token
|
||||
{
|
||||
public string Id { get; set; }
|
||||
public int UserId { get; set; }
|
||||
public string? RefreshToken { get; set; }
|
||||
public bool? IsActive { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,8 @@
|
||||
namespace DamageAssesment.Api.UsersAccess.Models
|
||||
{
|
||||
public class TokenResponse
|
||||
{
|
||||
public string? jwttoken { get; set; }
|
||||
public string? refreshtoken { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,12 @@
|
||||
namespace DamageAssesment.Api.UsersAccess.Models
|
||||
{
|
||||
public class User
|
||||
{
|
||||
public int Id { get; set; }
|
||||
public string EmployeeId { get; set; }
|
||||
public int RoleId { get; set; }
|
||||
public bool? IsActive { get; set; }
|
||||
public DateTime? CreateDate { get; set; }
|
||||
public DateTime? UpdateDate { get; set; }
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,5 @@
|
||||
public class UserCredentials
|
||||
{
|
||||
public string? username { get; set; }
|
||||
// public string? password { get; set; }
|
||||
}
|
||||
@ -0,0 +1,14 @@
|
||||
namespace DamageAssesment.Api.UsersAccess.Profiles
|
||||
{
|
||||
public class UsersAccessProfile : AutoMapper.Profile
|
||||
{
|
||||
public UsersAccessProfile()
|
||||
{
|
||||
CreateMap<Db.User, Models.User>();
|
||||
CreateMap<Models.User, Db.User>();
|
||||
|
||||
CreateMap<Db.Role, Models.Role>();
|
||||
CreateMap<Models.Role, Db.Role>();
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,77 @@
|
||||
using DamageAssesment.Api.UsersAccess.Db;
|
||||
using DamageAssesment.Api.UsersAccess.Interfaces;
|
||||
using DamageAssesment.Api.UsersAccess.Providers;
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
using Microsoft.AspNetCore.Authentication.JwtBearer;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System.Text;
|
||||
using Polly;
|
||||
using DamageAssesment.Api.SurveyResponses.Providers;
|
||||
|
||||
const int maxApiCallRetries = 3;
|
||||
const int intervalToRetry = 2; //2 seconds
|
||||
const int maxRetryForCircuitBraker = 5;
|
||||
const int intervalForCircuitBraker = 5; //5 seconds
|
||||
|
||||
var builder = WebApplication.CreateBuilder(args);
|
||||
|
||||
// Add services to the container.
|
||||
var authkey = builder.Configuration.GetValue<string>("JwtSettings:securitykey");
|
||||
builder.Services.AddAuthentication(item =>
|
||||
{
|
||||
item.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
item.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
|
||||
}).AddJwtBearer(item =>
|
||||
{
|
||||
item.RequireHttpsMetadata = true;
|
||||
item.SaveToken = true;
|
||||
item.TokenValidationParameters = new TokenValidationParameters()
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(authkey)),
|
||||
ValidateIssuer = false,
|
||||
ValidateAudience = false,
|
||||
ClockSkew = TimeSpan.Zero
|
||||
};
|
||||
});
|
||||
|
||||
var _jwtsettings = builder.Configuration.GetSection("JwtSettings");
|
||||
builder.Services.Configure<JwtSettings>(_jwtsettings);
|
||||
|
||||
|
||||
|
||||
builder.Services.AddHttpClient<IEmployeeServiceProvider, EmployeeServiceProvider>().
|
||||
AddTransientHttpErrorPolicy(policy => policy.WaitAndRetryAsync(maxApiCallRetries, _ => TimeSpan.FromSeconds(intervalToRetry))).
|
||||
AddTransientHttpErrorPolicy(policy => policy.CircuitBreakerAsync(maxRetryForCircuitBraker, TimeSpan.FromSeconds(intervalForCircuitBraker)));
|
||||
|
||||
builder.Services.AddControllers();
|
||||
// Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle
|
||||
builder.Services.AddScoped<IUsersAccessProvider, UsersAccessProvider>();
|
||||
builder.Services.AddScoped<ITokenServiceProvider, TokenServiceProvider>();
|
||||
builder.Services.AddAutoMapper(AppDomain.CurrentDomain.GetAssemblies());
|
||||
builder.Services.AddEndpointsApiExplorer();
|
||||
builder.Services.AddSwaggerGen();
|
||||
builder.Services.AddDbContext<UsersAccessDbContext>(option =>
|
||||
{
|
||||
option.UseInMemoryDatabase("UsersAccess");
|
||||
});
|
||||
|
||||
|
||||
|
||||
|
||||
var app = builder.Build();
|
||||
|
||||
// Configure the HTTP request pipeline.
|
||||
if (app.Environment.IsDevelopment())
|
||||
{
|
||||
app.UseSwagger();
|
||||
app.UseSwaggerUI();
|
||||
}
|
||||
|
||||
app.UseAuthentication();
|
||||
app.UseAuthorization();
|
||||
|
||||
app.MapControllers();
|
||||
|
||||
app.Run();
|
||||
@ -0,0 +1,31 @@
|
||||
{
|
||||
"$schema": "https://json.schemastore.org/launchsettings.json",
|
||||
"iisSettings": {
|
||||
"windowsAuthentication": false,
|
||||
"anonymousAuthentication": true,
|
||||
"iisExpress": {
|
||||
"applicationUrl": "http://localhost:28382",
|
||||
"sslPort": 0
|
||||
}
|
||||
},
|
||||
"profiles": {
|
||||
"DamageAssesment.Api.Users": {
|
||||
"commandName": "Project",
|
||||
"dotnetRunMessages": true,
|
||||
"launchBrowser": true,
|
||||
"launchUrl": "swagger",
|
||||
"applicationUrl": "http://localhost:5027",
|
||||
"environmentVariables": {
|
||||
"ASPNETCORE_ENVIRONMENT": "Development"
|
||||
}
|
||||
},
|
||||
"IIS Express": {
|
||||
"commandName": "IISExpress",
|
||||
"launchBrowser": true,
|
||||
"launchUrl": "swagger",
|
||||
"environmentVariables": {
|
||||
"ASPNETCORE_ENVIRONMENT": "Development"
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,58 @@
|
||||
using DamageAssesment.Api.UsersAccess.Bases;
|
||||
using DamageAssesment.Api.UsersAccess.Interfaces;
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
using Newtonsoft.Json;
|
||||
using System.Reflection;
|
||||
|
||||
namespace DamageAssesment.Api.SurveyResponses.Providers
|
||||
{
|
||||
public class EmployeeServiceProvider :ServiceProviderBase, IEmployeeServiceProvider
|
||||
{
|
||||
public EmployeeServiceProvider(IConfiguration configuration, HttpClient httpClient, ILogger<EmployeeServiceProvider> logger) : base(configuration, httpClient, logger, "/api/Employees", configuration.GetValue<string>("EndPointSettings:EmployeeUrlBase"))
|
||||
{
|
||||
}
|
||||
|
||||
public async Task<List<Employee>> getEmployeesAsync()
|
||||
{
|
||||
try
|
||||
{
|
||||
httpClient.BaseAddress = new Uri(urlBase);
|
||||
var response = await httpClient.GetAsync(ressource);
|
||||
response.EnsureSuccessStatusCode();
|
||||
var responseString = await response.Content.ReadAsStringAsync();
|
||||
var employees = JsonConvert.DeserializeObject<List<Employee>>(responseString);
|
||||
|
||||
if (employees == null || !employees.Any())
|
||||
return null;
|
||||
else return employees;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError($"Exception Found : {ex.Message} - Ref: EmployeeServiceProvider.getEmployeesAsync()");
|
||||
return null;
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<Employee> getEmployeeAsync(string employeeID)
|
||||
{
|
||||
try
|
||||
{
|
||||
httpClient.BaseAddress = new Uri(urlBase);
|
||||
//ressource = ressource + "/" + employeeID;
|
||||
var response = await httpClient.GetAsync("/api/Employees/"+ employeeID);
|
||||
response.EnsureSuccessStatusCode();
|
||||
var responseString = await response.Content.ReadAsStringAsync();
|
||||
var employee = JsonConvert.DeserializeObject<Employee>(responseString);
|
||||
|
||||
if (employee == null )
|
||||
return null;
|
||||
else return employee;
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError($"Exception Found : {ex.Message} - Ref: EmployeeServiceProvider.getEmployeeAsync()");
|
||||
return null;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,57 @@
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Claims;
|
||||
using System.Security.Cryptography;
|
||||
using System.Text;
|
||||
using DamageAssesment.Api.UsersAccess.Db;
|
||||
using DamageAssesment.Api.UsersAccess.Interfaces;
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
|
||||
public class TokenServiceProvider : ITokenServiceProvider
|
||||
{
|
||||
private readonly UsersAccessDbContext usersAccessDbContext;
|
||||
private readonly JwtSettings jwtSettings;
|
||||
public TokenServiceProvider(IOptions<JwtSettings> options,UsersAccessDbContext usersAccessDbContext)
|
||||
{
|
||||
this.usersAccessDbContext = usersAccessDbContext;
|
||||
this.jwtSettings = options.Value;
|
||||
}
|
||||
public async Task<string> GenerateToken(DamageAssesment.Api.UsersAccess.Models.User user)
|
||||
{
|
||||
var randomnumber = new byte[32];
|
||||
using (var ramdomnumbergenerator = RandomNumberGenerator.Create())
|
||||
{
|
||||
ramdomnumbergenerator.GetBytes(randomnumber);
|
||||
string refreshtoken = Convert.ToBase64String(randomnumber);
|
||||
var token = await usersAccessDbContext.Tokens.FirstOrDefaultAsync(item => item.UserId == user.Id);
|
||||
if (token != null)
|
||||
{
|
||||
token.RefreshToken = refreshtoken;
|
||||
}
|
||||
else
|
||||
{
|
||||
usersAccessDbContext.Tokens.Add(new DamageAssesment.Api.UsersAccess.Db.Token()
|
||||
{
|
||||
Id = new Random().Next().ToString(),
|
||||
UserId = user.Id,
|
||||
RefreshToken = refreshtoken,
|
||||
IsActive = true
|
||||
});
|
||||
}
|
||||
await usersAccessDbContext.SaveChangesAsync();
|
||||
|
||||
return refreshtoken;
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<TokenResponse> TokenAuthenticate(DamageAssesment.Api.UsersAccess.Models.User user, Claim[] claims)
|
||||
{
|
||||
var token = new JwtSecurityToken(claims: claims, expires: DateTime.Now.AddSeconds(20),
|
||||
signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.securitykey)), SecurityAlgorithms.HmacSha256)
|
||||
);
|
||||
var jwttoken = new JwtSecurityTokenHandler().WriteToken(token);
|
||||
return new TokenResponse() { jwttoken = jwttoken, refreshtoken = await GenerateToken(user) };
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,341 @@
|
||||
using AutoMapper;
|
||||
using DamageAssesment.Api.UsersAccess.Db;
|
||||
using DamageAssesment.Api.UsersAccess.Interfaces;
|
||||
using DamageAssesment.Api.UsersAccess.Models;
|
||||
using Microsoft.EntityFrameworkCore;
|
||||
using Microsoft.Extensions.Options;
|
||||
using Microsoft.IdentityModel.Tokens;
|
||||
using System.Data;
|
||||
using System.IdentityModel.Tokens.Jwt;
|
||||
using System.Security.Claims;
|
||||
using System.Text;
|
||||
|
||||
namespace DamageAssesment.Api.UsersAccess.Providers
|
||||
{
|
||||
public class UsersAccessProvider : IUsersAccessProvider
|
||||
{
|
||||
private readonly UsersAccessDbContext userAccessDbContext;
|
||||
private readonly ILogger<UsersAccessProvider> logger;
|
||||
private readonly IMapper mapper;
|
||||
private readonly IEmployeeServiceProvider employeeServiceProvider;
|
||||
private readonly JwtSettings jwtSettings;
|
||||
private readonly ITokenServiceProvider tokenServiceProvider;
|
||||
|
||||
public UsersAccessProvider(IOptions<JwtSettings> options, ITokenServiceProvider tokenServiceProvider, UsersAccessDbContext userAccessDbContext, IEmployeeServiceProvider employeeServiceProvider, ILogger<UsersAccessProvider> logger, IMapper mapper)
|
||||
{
|
||||
this.userAccessDbContext = userAccessDbContext;
|
||||
this.employeeServiceProvider = employeeServiceProvider;
|
||||
this.logger = logger;
|
||||
this.mapper = mapper;
|
||||
jwtSettings = options.Value;
|
||||
this.tokenServiceProvider = tokenServiceProvider;
|
||||
seedData();
|
||||
}
|
||||
|
||||
private void seedData()
|
||||
{
|
||||
if (!userAccessDbContext.Users.Any())
|
||||
{
|
||||
userAccessDbContext.Users.Add(new Db.User { Id = 1, EmployeeId = "Emp1", RoleId = 1 });
|
||||
userAccessDbContext.Users.Add(new Db.User { Id = 2, EmployeeId = "Emp2", RoleId = 2 });
|
||||
userAccessDbContext.Users.Add(new Db.User { Id = 3, EmployeeId = "Emp3", RoleId = 3 });
|
||||
userAccessDbContext.SaveChanges();
|
||||
}
|
||||
|
||||
if (!userAccessDbContext.Roles.Any())
|
||||
{
|
||||
userAccessDbContext.Roles.Add(new Db.Role { Id = 1, Name = "admin" });
|
||||
userAccessDbContext.Roles.Add(new Db.Role { Id = 2, Name = "user" });
|
||||
userAccessDbContext.Roles.Add(new Db.Role { Id = 3, Name = "survey" });
|
||||
userAccessDbContext.Roles.Add(new Db.Role { Id = 4, Name = "report" });
|
||||
userAccessDbContext.Roles.Add(new Db.Role { Id = 5, Name = "document" });
|
||||
userAccessDbContext.SaveChanges();
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(bool IsSuccess, IEnumerable<Models.User> Users, string ErrorMessage)> GetUsersAsync()
|
||||
{
|
||||
try
|
||||
{
|
||||
logger?.LogInformation("Gell all Users from DB");
|
||||
var users = await userAccessDbContext.Users.ToListAsync();
|
||||
if (users != null)
|
||||
{
|
||||
logger?.LogInformation($"{users.Count} Items(s) found");
|
||||
var result = mapper.Map<IEnumerable<Db.User>, IEnumerable<Models.User>>(users);
|
||||
return (true, result, null);
|
||||
}
|
||||
return (false, null, "Not found");
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError(ex.ToString());
|
||||
return (false, null, ex.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> GetUsersAsync(int Id)
|
||||
{
|
||||
try
|
||||
{
|
||||
logger?.LogInformation("Querying Users table");
|
||||
var user = await userAccessDbContext.Users.SingleOrDefaultAsync(s => s.Id == Id);
|
||||
if (user != null)
|
||||
{
|
||||
logger?.LogInformation($"User Id: {Id} found");
|
||||
var result = mapper.Map<Db.User, Models.User>(user);
|
||||
return (true, result, null);
|
||||
}
|
||||
return (false, null, "Not found");
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError(ex.ToString());
|
||||
return (false, null, ex.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> PostUserAsync(Models.User user)
|
||||
{
|
||||
try
|
||||
{
|
||||
if (user != null)
|
||||
{
|
||||
var users = await userAccessDbContext.Users.ToListAsync();
|
||||
int count = users.Where(u => u.EmployeeId == user.EmployeeId).Count();
|
||||
if (count == 0)
|
||||
{
|
||||
user.Id = users.Count + 1;
|
||||
userAccessDbContext.Users.Add(mapper.Map<Models.User, Db.User>(user));
|
||||
await userAccessDbContext.SaveChangesAsync();
|
||||
return (true, user, "Successful");
|
||||
}
|
||||
else
|
||||
{
|
||||
logger?.LogInformation($"Employee Id: {user.EmployeeId} is already exist");
|
||||
return (false, null, $"Employee Id: {user.EmployeeId} is already exist");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
logger?.LogInformation($"Employee Id: {user.EmployeeId} cannot be added");
|
||||
return (false, null, $"Employee Id: {user.EmployeeId} cannot be added");
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError(ex.ToString());
|
||||
return (false, null, ex.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> PutUserAsync(int Id, Models.User user)
|
||||
{
|
||||
try
|
||||
{
|
||||
if (user != null)
|
||||
{
|
||||
var _user = await userAccessDbContext.Users.Where(s => s.Id == Id).SingleOrDefaultAsync();
|
||||
|
||||
if (_user != null)
|
||||
{
|
||||
int count = userAccessDbContext.Users.Where(u => u.Id != user.Id && u.EmployeeId == user.EmployeeId).Count();
|
||||
if (count == 0)
|
||||
{
|
||||
_user.EmployeeId = user.EmployeeId;
|
||||
_user.RoleId = user.RoleId;
|
||||
_user.IsActive = user.IsActive;
|
||||
_user.UpdateDate = DateTime.Now;
|
||||
await userAccessDbContext.SaveChangesAsync();
|
||||
|
||||
|
||||
logger?.LogInformation($"Employee Id: {user.EmployeeId} updated successfuly");
|
||||
return (true, mapper.Map<Db.User, Models.User>(_user), $"Employee Id: {_user.EmployeeId} updated successfuly");
|
||||
}
|
||||
else
|
||||
{
|
||||
logger?.LogInformation($"Employee Id: {user.EmployeeId} is already exist");
|
||||
return (false, null, $"Employee Id: {user.EmployeeId} is already exist");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
logger?.LogInformation($"User Id : {Id} Not found");
|
||||
return (false, null, "Not Found");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
logger?.LogInformation($"User Id: {Id} Bad Request");
|
||||
return (false, null, "Bad request");
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError(ex.ToString());
|
||||
return (false, null, ex.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(bool IsSuccess, Models.User User, string ErrorMessage)> DeleteUserAsync(int Id)
|
||||
{
|
||||
try
|
||||
{
|
||||
var user = await userAccessDbContext.Users.Where(x => x.Id == Id).SingleOrDefaultAsync();
|
||||
|
||||
if (user != null)
|
||||
{
|
||||
userAccessDbContext.Users.Remove(user);
|
||||
await userAccessDbContext.SaveChangesAsync();
|
||||
logger?.LogInformation($"User Id: {Id} deleted Successfuly");
|
||||
return (true, mapper.Map<Db.User, Models.User>(user), $"User Id: {Id} deleted Successfuly");
|
||||
}
|
||||
else
|
||||
{
|
||||
logger?.LogInformation($"User Id : {Id} Not found");
|
||||
return (false, null, "Not Found");
|
||||
}
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError(ex.ToString());
|
||||
return (false, null, ex.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(bool IsSuccess, TokenResponse TokenResponse, string ErrorMessage)> AuthenticateAsync(UserCredentials userCredentials)
|
||||
{
|
||||
|
||||
if (userCredentials != null)
|
||||
{
|
||||
//implementation for dadeschools authentication
|
||||
|
||||
var employee = await employeeServiceProvider.getEmployeeAsync(userCredentials.username);
|
||||
|
||||
if (employee != null)
|
||||
{
|
||||
var result = await GetUsersAsync();
|
||||
|
||||
if (result.IsSuccess)
|
||||
{
|
||||
var user = result.Users.Where(x => x.IsActive == true && x.EmployeeId.ToLower().Equals(userCredentials.username.ToLower())).SingleOrDefault();
|
||||
|
||||
if (user != null)
|
||||
{
|
||||
|
||||
var r = await GetRolesAsync();
|
||||
var role = r.Roles.Where(x => x.Id == user.RoleId).SingleOrDefault();
|
||||
|
||||
var authClaims = new List<Claim> {
|
||||
new Claim(ClaimTypes.Name, user.EmployeeId),
|
||||
new Claim(ClaimTypes.Role, role.Name),
|
||||
new Claim(JwtRegisteredClaimNames.Jti,Guid.NewGuid().ToString())
|
||||
|
||||
};
|
||||
|
||||
/// Generate Token
|
||||
var tokenhandler = new JwtSecurityTokenHandler();
|
||||
var tokenkey = Encoding.UTF8.GetBytes(jwtSettings.securitykey);
|
||||
var tokendesc = new SecurityTokenDescriptor
|
||||
{
|
||||
Audience = "",
|
||||
NotBefore = DateTime.Now,
|
||||
Subject = new ClaimsIdentity(authClaims),
|
||||
Expires = DateTime.Now.AddMinutes(30),
|
||||
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(tokenkey), SecurityAlgorithms.HmacSha256)
|
||||
};
|
||||
var token = tokenhandler.CreateToken(tokendesc);
|
||||
string finaltoken = tokenhandler.WriteToken(token);
|
||||
|
||||
var response = new TokenResponse() { jwttoken = finaltoken, refreshtoken = await tokenServiceProvider.GenerateToken(user) };
|
||||
|
||||
|
||||
return (true, response, "Authentication success and token issued.");
|
||||
|
||||
}
|
||||
else
|
||||
{
|
||||
return (false, null, "user inactive or not exist.");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return (false, null, "users list empty.");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return (false, null, "Employee not exist.");
|
||||
}
|
||||
}
|
||||
else
|
||||
{
|
||||
return (false, null, "Credentials are required to authenticate.");
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
public async Task<(bool IsSuccess, IEnumerable<Models.Role> Roles, string ErrorMessage)> GetRolesAsync()
|
||||
{
|
||||
try
|
||||
{
|
||||
logger?.LogInformation("Gell all Roles from DB");
|
||||
var roles = await userAccessDbContext.Roles.ToListAsync();
|
||||
if (roles != null)
|
||||
{
|
||||
logger?.LogInformation($"{roles.Count} Items(s) found");
|
||||
var result = mapper.Map<IEnumerable<Db.Role>, IEnumerable<Models.Role>>(roles);
|
||||
return (true, result, null);
|
||||
}
|
||||
return (false, null, "Not found");
|
||||
}
|
||||
catch (Exception ex)
|
||||
{
|
||||
logger?.LogError(ex.ToString());
|
||||
return (false, null, ex.Message);
|
||||
}
|
||||
}
|
||||
|
||||
public async Task<(bool IsSuccess, Models.TokenResponse TokenResponse, string ErrorMessage)> RefreshTokenAsync(TokenResponse tokenResponse)
|
||||
{
|
||||
//Generate token
|
||||
var tokenhandler = new JwtSecurityTokenHandler();
|
||||
var tokenkey = Encoding.UTF8.GetBytes(this.jwtSettings.securitykey);
|
||||
SecurityToken securityToken;
|
||||
var principal = tokenhandler.ValidateToken(tokenResponse.jwttoken, new TokenValidationParameters
|
||||
{
|
||||
ValidateIssuerSigningKey = true,
|
||||
IssuerSigningKey = new SymmetricSecurityKey(tokenkey),
|
||||
ValidateIssuer = false,
|
||||
ValidateAudience = false,
|
||||
|
||||
}, out securityToken);
|
||||
|
||||
var token = securityToken as JwtSecurityToken;
|
||||
if (token != null && !token.Header.Alg.Equals(SecurityAlgorithms.HmacSha256))
|
||||
{
|
||||
return (false, null, "Unauthorized");
|
||||
}
|
||||
var username = principal.Identity?.Name;
|
||||
|
||||
var tokens = await userAccessDbContext.Tokens.ToListAsync();
|
||||
var users = await userAccessDbContext.Users.ToListAsync();
|
||||
|
||||
var user = (from u in users
|
||||
join t in tokens
|
||||
on u.Id equals t.UserId
|
||||
where u.EmployeeId == username
|
||||
&& t.RefreshToken == tokenResponse.refreshtoken
|
||||
select u).FirstOrDefault();
|
||||
|
||||
if (user == null)
|
||||
return (false, null, "Invalid Token Response object provided");
|
||||
|
||||
var _user = mapper.Map<Db.User, Models.User>(user);
|
||||
var response = tokenServiceProvider.TokenAuthenticate(_user, principal.Claims.ToArray()).Result;
|
||||
return (true, response, "Token authenticated and refreshed.");
|
||||
}
|
||||
|
||||
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,8 @@
|
||||
{
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
"Microsoft.AspNetCore": "Warning"
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -0,0 +1,15 @@
|
||||
{
|
||||
"JwtSettings": {
|
||||
"securitykey": "bWlhbWkgZGFkZSBzY2hvb2xzIHNlY3JldCBrZXk="
|
||||
},
|
||||
"Logging": {
|
||||
"LogLevel": {
|
||||
"Default": "Information",
|
||||
"Microsoft.AspNetCore": "Warning"
|
||||
}
|
||||
},
|
||||
"EndPointSettings": {
|
||||
"EmployeeUrlBase": "http://localhost:5135"
|
||||
},
|
||||
"AllowedHosts": "*"
|
||||
}
|
||||
@ -37,6 +37,8 @@ Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DamageAssesment.Api.Employe
|
||||
EndProject
|
||||
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DamageAssesment.Api.Employees.Test", "DamageAssesment.Api.Employees.Test\DamageAssesment.Api.Employees.Test.csproj", "{D6BF9AE9-72FA-4726-A326-35A35D27FFB8}"
|
||||
EndProject
|
||||
Project("{9A19103F-16F7-4668-BE54-9A1E7A4F7556}") = "DamageAssesment.Api.UsersAccess", "DamageAssesment.Api.UsersAccess\DamageAssesment.Api.UsersAccess.csproj", "{83177BB9-DD23-4A85-A000-D60F843D0835}"
|
||||
EndProject
|
||||
Global
|
||||
GlobalSection(SolutionConfigurationPlatforms) = preSolution
|
||||
Debug|Any CPU = Debug|Any CPU
|
||||
@ -64,6 +66,7 @@ Global
|
||||
{D11808FE-AD1C-4BA6-87FD-9D18B2DC81F2}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{D11808FE-AD1C-4BA6-87FD-9D18B2DC81F2}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
{35CD9231-034D-4999-BCFC-1786DD007ED2}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
{35CD9231-034D-4999-BCFC-1786DD007ED2}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{35CD9231-034D-4999-BCFC-1786DD007ED2}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{35CD9231-034D-4999-BCFC-1786DD007ED2}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
{ADFB79E3-83C9-454F-A070-49D167BD28CC}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
@ -98,6 +101,10 @@ Global
|
||||
{D6BF9AE9-72FA-4726-A326-35A35D27FFB8}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{D6BF9AE9-72FA-4726-A326-35A35D27FFB8}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{D6BF9AE9-72FA-4726-A326-35A35D27FFB8}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
{83177BB9-DD23-4A85-A000-D60F843D0835}.Debug|Any CPU.ActiveCfg = Debug|Any CPU
|
||||
{83177BB9-DD23-4A85-A000-D60F843D0835}.Debug|Any CPU.Build.0 = Debug|Any CPU
|
||||
{83177BB9-DD23-4A85-A000-D60F843D0835}.Release|Any CPU.ActiveCfg = Release|Any CPU
|
||||
{83177BB9-DD23-4A85-A000-D60F843D0835}.Release|Any CPU.Build.0 = Release|Any CPU
|
||||
EndGlobalSection
|
||||
GlobalSection(SolutionProperties) = preSolution
|
||||
HideSolutionNode = FALSE
|
||||
|
||||
Reference in New Issue
Block a user