Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- import { Aurelia } from 'aurelia-framework';
- import 'src/helpers/exceptionHelpers'
- import config from "./auth-config";
- export function configure(aurelia: Aurelia) {
- aurelia.use
- .standardConfiguration()
- .feature('src/resources')
- .developmentLogging()
- .plugin('aurelia-dialog')
- .plugin('aurelia-api', config => {
- // Register an authentication hosts
- config.registerEndpoint('auth', 'http://localhost:7987/auth/');
- })
- .plugin('aurelia-authentication', (baseConfig) => {
- baseConfig.configure(config);
- });
- aurelia.start().then(x => x.setRoot('src/app'));
- }
- var config = {
- endpoint: 'auth', // use 'auth' endpoint for the auth server
- configureEndpoints: ['auth'], // add Authorization header to 'auth' endpoint
- // The API specifies that new users register at the POST /users enpoint
- signupUrl: null,
- // The API endpoint used in profile requests (inc. `find/get` and `update`)
- profileUrl: null,
- // Logins happen at the POST /sessions/create endpoint
- loginUrl: '',
- // The API serves its tokens with a key of id_token which differs from
- // aurelia-auth's standard
- accessTokenName: 'SessionId',
- // Once logged in, we want to redirect the user to the welcome view
- loginRedirect: '#/pending',
- // The SPA url to which the user is redirected after a successful logout
- logoutRedirect: '#/login',
- // The SPA route used when an unauthenticated user tries to access an SPA page that requires authentication
- loginRoute : '#/help'
- };
- export default config;
- import { AuthService } from 'aurelia-authentication';
- import { inject, computedFrom } from 'aurelia-framework';
- @inject(AuthService)
- export class Login {
- heading: string;
- auth: AuthService;
- userName: string;
- password: string;
- constructor(authService) {
- this.auth = authService;
- this.heading = 'Login';
- }
- login() {
- var credentials = {
- username: this.userName,
- password: this.password,
- grant_type: "password"
- };
- return this.auth.login(credentials,
- { headers: { 'Content-Type': 'application/x-www-form-urlencoded' } }
- ).then(response => {
- console.log("success logged " + response);
- })
- .catch(err => {
- console.log("login failure");
- });
- };
- }
- public override void Configure(Container container)
- {
- var privateKey = RsaUtils.CreatePrivateKeyParams(RsaKeyLengths.Bit2048);
- var publicKey = privateKey.ToPublicRsaParameters();
- var privateKeyXml = privateKey.ToPrivateKeyXml();
- var publicKeyXml = privateKey.ToPublicKeyXml();
- SetConfig(new HostConfig
- {
- #if DEBUG
- DebugMode = true,
- WebHostPhysicalPath = Path.GetFullPath(Path.Combine("~".MapServerPath(), "..", "..")),
- #endif
- });
- container.RegisterAs<LDAPAuthProvider, IAuthProvider>();
- container.Register<ICacheClient>(new MemoryCacheClient { FlushOnDispose = false });
- container.RegisterAs<MemoryCacheClient, ICacheClient>();
- Plugins.Add(new AuthFeature(() => new AuthUserSession(),
- new[] {
- container.Resolve<IAuthProvider>(),
- new JwtAuthProvider {
- HashAlgorithm = "RS256",
- PrivateKeyXml = privateKeyXml,
- RequireSecureConnection = false,
- }
- })
- {
- HtmlRedirect = "~/#/pending",
- IncludeRegistrationService = false,
- IncludeAssignRoleServices = false,
- MaxLoginAttempts = Settings.Default.MaxLoginAttempts
- });
- }
- public class LDAPAuthProvider : CredentialsAuthProvider
- {
- private readonly IHoldingsManagerSettings _settings;
- public LDAPAuthProvider(IHoldingsManagerSettings settings)
- {
- _settings = settings;
- }
- public override bool TryAuthenticate(IServiceBase authService, string userName, string password)
- {
- //Check to see if the username/password combo is valid, an exception will be thrown if the username or password is wrong
- try
- {
- var entry = new DirectoryEntry($"LDAP://{_settings.Domain}", userName, password);
- var nativeObject = entry.NativeObject;
- using (var identity = new WindowsIdentity(userName))
- {
- var principal = new WindowsPrincipal(identity);
- return principal.IsInRole(_settings.AdminGroupName);
- }
- }
- catch (Exception)
- {
- //This means the username/password combo failed
- return false;
- }
- }
- public override IHttpResult OnAuthenticated(IServiceBase authService,
- IAuthSession session,
- IAuthTokens tokens,
- Dictionary<string, string> authInfo)
- {
- //Fill IAuthSession with data you want to retrieve in the app eg:
- session.DisplayName = "Testy McTesterson";
- //...
- //Call base method to Save Session and fire Auth/Session callbacks:
- return base.OnAuthenticated(authService, session, tokens, authInfo);
- //Alternatively avoid built-in behavior and explicitly save session with
- //authService.SaveSession(session, SessionExpiry);
- //return null;
- }
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement