Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- [Authorize]
- [Authorize(Role="Admin")]
- public class Startup
- {
- public Startup(IConfiguration configuration)
- {
- Configuration = configuration;
- }
- public IConfiguration Configuration { get; }
- public void ConfigureServices(IServiceCollection services)
- {
- services.AddDbContext<QuotContext>(options =>
- options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
- services.AddIdentity<Member, IdentityRole>()
- .AddEntityFrameworkStores<QuotContext>()
- .AddDefaultTokenProviders();
- services.Configure<IdentityOptions>(options =>
- {
- // Password settings
- options.Password.RequireDigit = false;
- options.Password.RequiredLength = 4;
- options.Password.RequireNonAlphanumeric = false;
- options.Password.RequireUppercase = false;
- options.Password.RequireLowercase = false;
- options.Password.RequiredUniqueChars = 2;
- // Lockout settings
- options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
- options.Lockout.MaxFailedAccessAttempts = 10;
- options.Lockout.AllowedForNewUsers = true;
- // User settings
- options.User.RequireUniqueEmail = true;
- });
- services.AddLogging(builder =>
- {
- builder.AddConfiguration(Configuration.GetSection("Logging"))
- .AddConsole()
- .AddDebug();
- });
- JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); // => remove default claims
- services
- .AddAuthentication(options =>
- {
- options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
- options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
- options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
- })
- .AddJwtBearer(cfg =>
- {
- cfg.RequireHttpsMetadata = false;
- cfg.SaveToken = true;
- cfg.TokenValidationParameters = new TokenValidationParameters
- {
- ValidIssuer = Configuration["JwtIssuer"],
- ValidAudience = Configuration["JwtIssuer"],
- IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JwtKey"])),
- ClockSkew = TimeSpan.Zero // remove delay of token when expire
- };
- });
- services.AddMvc();
- }
- public void Configure(IApplicationBuilder app, IHostingEnvironment env, IServiceProvider serviceProvider, QuotContext dbContext)
- {
- if (env.IsDevelopment())
- {
- app.UseDeveloperExceptionPage();
- app.UseBrowserLink();
- app.UseDatabaseErrorPage();
- }
- app.UseAuthentication();
- app.UseMvc();
- dbContext.Database.EnsureCreated();
- CreateRoles(serviceProvider).Wait();
- }
- private async Task CreateRoles(IServiceProvider serviceProvider)
- {
- //initializing custom roles
- var RoleManager = serviceProvider.GetRequiredService<RoleManager<IdentityRole>>();
- var UserManager = serviceProvider.GetRequiredService<UserManager<Member>>();
- string[] roleNames = { "Admin", "Member" };
- IdentityResult roleResult;
- foreach (var roleName in roleNames)
- {
- var roleExist = await RoleManager.RoleExistsAsync(roleName);
- if (!roleExist)
- roleResult = await RoleManager.CreateAsync(new IdentityRole(roleName));
- }
- var poweruser = new Member
- {
- UserName = Configuration["AppSettings:AdminEmail"],
- Email = Configuration["AppSettings:AdminEmail"],
- };
- string password = Configuration["AppSettings:AdminPassword"];
- var user = await UserManager.FindByEmailAsync(Configuration["AppSettings:AdminEmail"]);
- if (user == null)
- {
- var createPowerUser = await UserManager.CreateAsync(poweruser, password);
- if (createPowerUser.Succeeded)
- await UserManager.AddToRoleAsync(poweruser, "Admin");
- }
- }
- }
- [Authorize]
- public class MembersController : Controller
- {
- private readonly QuotContext _context;
- private readonly UserManager<Member> _userManager;
- private readonly SignInManager<Member> _signInManager;
- private readonly ILogger<MembersController> _logger;
- private readonly IConfiguration _configuration;
- public MembersController(QuotContext context, UserManager<Member> userManager,
- SignInManager<Member> signInManager, ILogger<MembersController> logger,
- IConfiguration configuration)
- {
- _context = context;
- _userManager = userManager;
- _signInManager = signInManager;
- _logger = logger;
- _configuration = configuration;
- }
- [HttpPost("register")]
- [AllowAnonymous]
- public async Task<IActionResult> Register([FromBody] RegisterModel model)
- {
- if (ModelState.IsValid)
- {
- var newMember = new Member
- {
- UserName = model.Email,
- Email = model.Email,
- PostCount = 0,
- Reputation = 10,
- ProfilePicture = "default.png"
- };
- var result = await _userManager.CreateAsync(newMember, model.Password);
- if (result.Succeeded)
- {
- _logger.LogInformation(1, "User registered.");
- await _signInManager.SignInAsync(newMember, false);
- return Ok(new { token = BuildToken(model.Email, newMember) });
- }
- _logger.LogInformation(1, "Registeration failed.");
- return BadRequest();
- }
- return BadRequest();
- }
- [HttpPost("login")]
- [AllowAnonymous]
- public async Task<IActionResult> Login([FromBody] LoginModel model)
- {
- if (ModelState.IsValid)
- {
- var result = await _signInManager.PasswordSignInAsync(model.Email,
- model.Password, model.RememberMe, lockoutOnFailure: false);
- if (result.Succeeded)
- {
- _logger.LogInformation(1, "User logged in." + _configuration["AppSettings:AdminPassword"]);
- var member = _userManager.Users.SingleOrDefault(r => r.Email == model.Email);
- return Ok(new { token = BuildToken(model.Email, member) });
- }
- _logger.LogInformation(1, "Login failed.");
- return BadRequest();
- }
- return BadRequest(ModelState);
- }
- private string BuildToken(string email, Member member)
- {
- var claims = new List<Claim>
- {
- new Claim(JwtRegisteredClaimNames.Sub, email),
- new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
- new Claim(ClaimTypes.NameIdentifier, member.Id)
- };
- var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtKey"]));
- var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
- var expires = DateTime.Now.AddDays(Convert.ToDouble(_configuration["JwtExpireDays"]));
- var token = new JwtSecurityToken(
- _configuration["JwtIssuer"],
- _configuration["JwtIssuer"],
- claims,
- expires: expires,
- signingCredentials: creds
- );
- return new JwtSecurityTokenHandler().WriteToken(token);
- }
- }
- public class AuthorsController : Controller
- {
- private readonly QuotContext _context;
- public AuthorsController(QuotContext context)
- {
- _context = context;
- }
- [HttpGet]
- [Authorize]
- public IEnumerable<Author> GetAuthors()
- {
- return _context.Authors;
- }
- [HttpPost]
- [Authorize(Roles = "Admin")]
- public async Task<IActionResult> PostAuthor([FromBody] Author author)
- {
- if (!ModelState.IsValid)
- {
- return BadRequest(ModelState);
- }
- _context.Authors.Add(author);
- await _context.SaveChangesAsync();
- return StatusCode(201);
- }
- }
Add Comment
Please, Sign In to add comment