  1. [Authorize]
  2.  
  3. [Authorize(Role="Admin")]
  4.  
  5. public class Startup
  6. {
  7. public Startup(IConfiguration configuration)
  8. {
  9. Configuration = configuration;
  10. }
  11.  
  12. public IConfiguration Configuration { get; }
  13.  
  14.  
  15. public void ConfigureServices(IServiceCollection services)
  16. {
  17. services.AddDbContext<QuotContext>(options =>
  18. options.UseSqlServer(Configuration.GetConnectionString("DefaultConnection")));
  19.  
  20. services.AddIdentity<Member, IdentityRole>()
  21. .AddEntityFrameworkStores<QuotContext>()
  22. .AddDefaultTokenProviders();
  23.  
  24. services.Configure<IdentityOptions>(options =>
  25. {
  26. // Password settings
  27. options.Password.RequireDigit = false;
  28. options.Password.RequiredLength = 4;
  29. options.Password.RequireNonAlphanumeric = false;
  30. options.Password.RequireUppercase = false;
  31. options.Password.RequireLowercase = false;
  32. options.Password.RequiredUniqueChars = 2;
  33.  
  34. // Lockout settings
  35. options.Lockout.DefaultLockoutTimeSpan = TimeSpan.FromMinutes(30);
  36. options.Lockout.MaxFailedAccessAttempts = 10;
  37. options.Lockout.AllowedForNewUsers = true;
  38.  
  39. // User settings
  40. options.User.RequireUniqueEmail = true;
  41. });
  42.  
  43.  
  44. services.AddLogging(builder =>
  45. {
  46. builder.AddConfiguration(Configuration.GetSection("Logging"))
  47. .AddConsole()
  48. .AddDebug();
  49. });
  50.  
  51. JwtSecurityTokenHandler.DefaultInboundClaimTypeMap.Clear(); // => remove default claims
  52.  
  53. services
  54. .AddAuthentication(options =>
  55. {
  56. options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
  57. options.DefaultScheme = JwtBearerDefaults.AuthenticationScheme;
  58. options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
  59.  
  60. })
  61. .AddJwtBearer(cfg =>
  62. {
  63. cfg.RequireHttpsMetadata = false;
  64. cfg.SaveToken = true;
  65. cfg.TokenValidationParameters = new TokenValidationParameters
  66. {
  67. ValidIssuer = Configuration["JwtIssuer"],
  68. ValidAudience = Configuration["JwtIssuer"],
  69. IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["JwtKey"])),
  70. ClockSkew = TimeSpan.Zero // remove delay of token when expire
  71. };
  72. });
  73.  
  74. services.AddMvc();
  75. }
  76.  
  77.  
  78. public void Configure(IApplicationBuilder app, IHostingEnvironment env, IServiceProvider serviceProvider, QuotContext dbContext)
  79. {
  80. if (env.IsDevelopment())
  81. {
  82. app.UseDeveloperExceptionPage();
  83. app.UseBrowserLink();
  84. app.UseDatabaseErrorPage();
  85. }
  86.  
  87. app.UseAuthentication();
  88.  
  89. app.UseMvc();
  90.  
  91. dbContext.Database.EnsureCreated();
  92.  
  93. CreateRoles(serviceProvider).Wait();
  94. }
  95.  
  96. private async Task CreateRoles(IServiceProvider serviceProvider)
  97. {
  98. //initializing custom roles
  99. var RoleManager = serviceProvider.GetRequiredService<RoleManager<IdentityRole>>();
  100. var UserManager = serviceProvider.GetRequiredService<UserManager<Member>>();
  101. string[] roleNames = { "Admin", "Member" };
  102. IdentityResult roleResult;
  103.  
  104. foreach (var roleName in roleNames)
  105. {
  106. var roleExist = await RoleManager.RoleExistsAsync(roleName);
  107. if (!roleExist)
  108. roleResult = await RoleManager.CreateAsync(new IdentityRole(roleName));
  109. }
  110.  
  111. var poweruser = new Member
  112. {
  113. UserName = Configuration["AppSettings:AdminEmail"],
  114. Email = Configuration["AppSettings:AdminEmail"],
  115. };
  116.  
  117. string password = Configuration["AppSettings:AdminPassword"];
  118. var user = await UserManager.FindByEmailAsync(Configuration["AppSettings:AdminEmail"]);
  119.  
  120. if (user == null)
  121. {
  122. var createPowerUser = await UserManager.CreateAsync(poweruser, password);
  123. if (createPowerUser.Succeeded)
  124. await UserManager.AddToRoleAsync(poweruser, "Admin");
  125. }
  126. }
  127. }
  128.  
  129. [Authorize]
  130. public class MembersController : Controller
  131. {
  132. private readonly QuotContext _context;
  133. private readonly UserManager<Member> _userManager;
  134. private readonly SignInManager<Member> _signInManager;
  135. private readonly ILogger<MembersController> _logger;
  136. private readonly IConfiguration _configuration;
  137.  
  138. public MembersController(QuotContext context, UserManager<Member> userManager,
  139. SignInManager<Member> signInManager, ILogger<MembersController> logger,
  140. IConfiguration configuration)
  141. {
  142. _context = context;
  143. _userManager = userManager;
  144. _signInManager = signInManager;
  145. _logger = logger;
  146. _configuration = configuration;
  147. }
  148.  
  149. [HttpPost("register")]
  150. [AllowAnonymous]
  151. public async Task<IActionResult> Register([FromBody] RegisterModel model)
  152. {
  153. if (ModelState.IsValid)
  154. {
  155. var newMember = new Member
  156. {
  157. UserName = model.Email,
  158. Email = model.Email,
  159. PostCount = 0,
  160. Reputation = 10,
  161. ProfilePicture = "default.png"
  162. };
  163.  
  164. var result = await _userManager.CreateAsync(newMember, model.Password);
  165.  
  166. if (result.Succeeded)
  167. {
  168. _logger.LogInformation(1, "User registered.");
  169. await _signInManager.SignInAsync(newMember, false);
  170.  
  171. return Ok(new { token = BuildToken(model.Email, newMember) });
  172. }
  173.  
  174. _logger.LogInformation(1, "Registeration failed.");
  175. return BadRequest();
  176. }
  177.  
  178. return BadRequest();
  179. }
  180.  
  181. [HttpPost("login")]
  182. [AllowAnonymous]
  183. public async Task<IActionResult> Login([FromBody] LoginModel model)
  184. {
  185. if (ModelState.IsValid)
  186. {
  187. var result = await _signInManager.PasswordSignInAsync(model.Email,
  188. model.Password, model.RememberMe, lockoutOnFailure: false);
  189.  
  190. if (result.Succeeded)
  191. {
  192. _logger.LogInformation(1, "User logged in." + _configuration["AppSettings:AdminPassword"]);
  193. var member = _userManager.Users.SingleOrDefault(r => r.Email == model.Email);
  194.  
  195. return Ok(new { token = BuildToken(model.Email, member) });
  196. }
  197.  
  198. _logger.LogInformation(1, "Login failed.");
  199. return BadRequest();
  200. }
  201.  
  202. return BadRequest(ModelState);
  203. }
  204.  
  205. private string BuildToken(string email, Member member)
  206. {
  207. var claims = new List<Claim>
  208. {
  209. new Claim(JwtRegisteredClaimNames.Sub, email),
  210. new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
  211. new Claim(ClaimTypes.NameIdentifier, member.Id)
  212. };
  213.  
  214. var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtKey"]));
  215. var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
  216. var expires = DateTime.Now.AddDays(Convert.ToDouble(_configuration["JwtExpireDays"]));
  217.  
  218. var token = new JwtSecurityToken(
  219. _configuration["JwtIssuer"],
  220. _configuration["JwtIssuer"],
  221. claims,
  222. expires: expires,
  223. signingCredentials: creds
  224. );
  225.  
  226. return new JwtSecurityTokenHandler().WriteToken(token);
  227. }
  228.  
  229. }
  230.  
  231. public class AuthorsController : Controller
  232. {
  233. private readonly QuotContext _context;
  234.  
  235. public AuthorsController(QuotContext context)
  236. {
  237. _context = context;
  238. }
  239.  
  240. [HttpGet]
  241. [Authorize]
  242. public IEnumerable<Author> GetAuthors()
  243. {
  244. return _context.Authors;
  245. }
  246.  
  247. [HttpPost]
  248. [Authorize(Roles = "Admin")]
  249. public async Task<IActionResult> PostAuthor([FromBody] Author author)
  250. {
  251. if (!ModelState.IsValid)
  252. {
  253. return BadRequest(ModelState);
  254. }
  255.  
  256. _context.Authors.Add(author);
  257. await _context.SaveChangesAsync();
  258.  
  259. return StatusCode(201);
  260. }
  261. }