Auth

2018-10-05 01:51:23 +02:00
parent d2c1a9d5f9
commit 335c496133
6 changed files with 343 additions and 6 deletions
--- a/LaDOSE.Src/LaDOSE.Api/Controllers/UsersController.cs
+++ b/LaDOSE.Src/LaDOSE.Api/Controllers/UsersController.cs
@@ -0,0 +1,106 @@
+using System;
+using System.Collections.Generic;
+using System.IdentityModel.Tokens.Jwt;
+using System.Linq;
+using System.Security.Claims;
+using System.Text;
+using System.Threading.Tasks;
+using LaDOSE.Api.Services;
+using LaDOSE.Entity;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Extensions.Options;
+using Microsoft.IdentityModel.Tokens;
+
+namespace LaDOSE.Api.Controllers
+{
+    [Authorize]
+    [ApiController]
+    [Route("[controller]")]
+    public class UsersController : ControllerBase
+    {
+        private IUserService _userService;
+
+
+        public UsersController(
+            IUserService userService
+        )
+        {
+            _userService = userService;
+           
+        }
+
+        [AllowAnonymous]
+        [HttpGet("test")]
+        public String Test()
+        {
+            return "DEAD";
+        }
+
+
+       
+        [HttpGet("test2")]
+        public String Test2()
+        {
+            return "DEAD";
+        }
+
+
+        [AllowAnonymous]
+        [HttpPost("authenticate")]
+        public IActionResult Authenticate([FromBody]ApplicationUser userDto)
+        {
+            var user = _userService.Authenticate(userDto.Username, userDto.Password);
+
+            if (user == null)
+                return BadRequest(new { message = "Username or password is incorrect" });
+
+            var tokenHandler = new JwtSecurityTokenHandler();
+            var key = Encoding.ASCII.GetBytes("this is my custom Secret key for authnetication");
+            var tokenDescriptor = new SecurityTokenDescriptor
+            {
+                Subject = new ClaimsIdentity(new Claim[]
+                {
+                    new Claim(ClaimTypes.Name, user.Id.ToString())
+                }),
+                Expires = DateTime.UtcNow.AddDays(7),
+                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
+            };
+            var token = tokenHandler.CreateToken(tokenDescriptor);
+            var tokenString = tokenHandler.WriteToken(token);
+
+            // return basic user info (without password) and token to store client side
+            return Ok(new
+            {
+                Id = user.Id,
+                Username = user.Username,
+                FirstName = user.FirstName,
+                LastName = user.LastName,
+                Token = tokenString
+            });
+        }
+
+        [AllowAnonymous]
+        [HttpPost("register")]
+        public IActionResult Register([FromBody]ApplicationUser userDto)
+        {
+            // map dto to entity
+     
+
+            try
+            {
+                // save 
+                _userService.Create(userDto, userDto.Password);
+                return Ok();
+            }
+            catch (Exception ex)
+            {
+                // return error message if there was an exception
+                return BadRequest(new { message = ex.Message });
+            }
+        }
+
+
+    }
+
+}