| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101 |
- using Microsoft.AspNetCore.Identity;
- using Microsoft.Extensions.Options;
- using Microsoft.IdentityModel.Tokens;
- using MTWorkHR.Application.Exceptions;
- using MTWorkHR.Application.Identity;
- using MTWorkHR.Application.Models;
- using MTWorkHR.Core;
- using MTWorkHR.Identity.Models;
- using System.IdentityModel.Tokens.Jwt;
- using System.Security.Claims;
- using System.Text;
- namespace MTWorkHR.Identity.Services
- {
- public class AuthService : IAuthService
- {
- private readonly UserManager<ApplicationUser> _userManager;
- private readonly SignInManager<ApplicationUser> _signInManager;
- private readonly JwtSettings _jwtSettings;
- public AuthService(UserManager<ApplicationUser> userManager, SignInManager<ApplicationUser> signInManager, IOptions<JwtSettings>jwtSettings)
- {
- _userManager = userManager;
- _signInManager = signInManager;
- _jwtSettings = jwtSettings.Value;
- }
- public async Task<AuthResponse> Login(AuthRequest request)
- {
- var user = await _userManager.FindByEmailAsync(request.Email);
- if(user == null)
- {
- throw new NotFoundException($"User with {request.Email} not found", request.Email);
- }
- var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
- if(!result.Succeeded)
- {
- throw new BadRequest($"Credentials for '{request.Email} are not valid'.");
- }
- JwtSecurityToken jwtToken = await GenerateToken(user);
- var response = new AuthResponse
- {
- Id = user.Id,
- Email = user.Email,
- UserName = user.UserName,
- Token = new JwtSecurityTokenHandler().WriteToken( jwtToken)
- };
- return response;
- }
- public async Task<RegistrationResponse> Register(RegistrationRequest request)
- {
- var user = new ApplicationUser {
- Email = request.Email ,
- UserName = request.UserName ,
- FirstName = request.FirstName ,
- LastName = request.LastName ,
- EmailConfirmed = true
- };
- var result = await _userManager.CreateAsync(user, request.Password);
- if (result.Succeeded)
- {
- await _userManager.AddToRoleAsync(user, request.RoleName);
- return new RegistrationResponse(){ UserId = user.Id };
- }
- else
- {
- StringBuilder str = new StringBuilder();
- foreach (var err in result.Errors)
- {
- str.AppendFormat(".{0}\n", err.Description);
- }
- throw new BadRequest($"{str}");
- }
- }
- private async Task<JwtSecurityToken> GenerateToken(ApplicationUser user)
- {
- var userCalims = await _userManager.GetClaimsAsync(user);
- var roles = await _userManager.GetRolesAsync(user);
- var roleClaims = roles.Select(r => new Claim(ClaimTypes.Role, r)).ToList();
- var claims = new[]
- {
- new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
- new Claim(JwtRegisteredClaimNames.Email, user.Email),
- new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
- new Claim("uid", user.Id)
- }.Union(userCalims)
- .Union(roleClaims);
- var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.SecretKey));
- var signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256);
- var jwtSecurityToken = new JwtSecurityToken(
- issuer: _jwtSettings.Issuer,
- audience: _jwtSettings.Audience,
- claims: claims,
- expires: DateTime.Now.AddMinutes(_jwtSettings.DurationInMinutes),
- signingCredentials: signingCredentials
- );
- return jwtSecurityToken;
- }
-
- }
- }
|
