diff --git a/Back/skydiveLogs-api/Controllers/UserController.cs b/Back/skydiveLogs-api/Controllers/UserController.cs
index 493711f..6276f08 100644
--- a/Back/skydiveLogs-api/Controllers/UserController.cs
+++ b/Back/skydiveLogs-api/Controllers/UserController.cs
@@ -3,6 +3,8 @@ using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.IdentityModel.Tokens;
 using System.IdentityModel.Tokens.Jwt;
+using Microsoft.Extensions.Configuration;
+using System.Linq;
 using AutoMapper;
@@ -13,7 +15,7 @@ using skydiveLogs_api.Model;
 using System;
 using System.Text;
 using System.Security.Claims;
-
+using System.Collections.Generic;
 namespace skydiveLogs_api.Controllers
 {
@@ -22,10 +24,14 @@ namespace skydiveLogs_api.Controllers
 public class UserController : ControllerBase
 {
 public UserController(IUserService userService,
- IMapper mapper)
+ IMapper mapper,
+ IConfiguration configuration)
 {
 _userService = userService;
 _mapper = mapper;
+ _jwtConf = configuration.GetSection("JWT")
+ .GetChildren()
+ .ToDictionary(d => d.Key, d => d.Value);
 }
 // POST: api/User
@@ -45,7 +51,7 @@ namespace skydiveLogs_api.Controllers
 {
 foundUser.Password = null;
 var resp = _mapper.Map(foundUser);
- resp.Token = CreateToken(value);
+ resp.Token = CreateToken(resp);
 result = Ok(resp);
 }
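Review bot: The new constructor body copies the whole `JWT` configuration section, signing key included, into a dictionary held by the controller, and `GetChildren().ToDictionary(...)` silently yields an empty dictionary when the section is absent, so a misconfigured deployment only surfaces as a `KeyNotFoundException` on the first login rather than at startup. The same three lines are added to Startup.cs in this commit; binding the section once with `services.Configure<JwtOptions>(Configuration.GetSection("JWT"))` and injecting `IOptions<JwtOptions>` here would remove the duplication and give one place to validate the key when the host starts. If the dictionary is kept, a comment on the assignment such as `// Key is the HS256 signing secret shared with Startup's validation; never log or echo it` would make the sensitivity of this field obvious to the next maintainer. The UserController class continues outside the hunk.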
@@ -62,34 +68,26 @@ namespace skydiveLogs_api.Controllers
 _userService.AddNewUser(_mapper.Map(value));
 }
- private string CreateToken(UserReq model)
+ private string CreateToken(UserResp foundUser)
 {
- //var tokenHandler = new JwtSecurityTokenHandler();
- //var key = Encoding.ASCII.GetBytes("azertyuiopqsdfghjklmwxcvbn");
- //var tokenDescriptor = new SecurityTokenDescriptor
- //{
- // Subject = new ClaimsIdentity(new Claim[]
- // {
- // new Claim(ClaimTypes.Name, model.Login)
- // }),
- // Expires = DateTime.UtcNow.AddMinutes(30),
- // SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
- //};
- //var token = tokenHandler.CreateToken(tokenDescriptor);
- //return tokenHandler.WriteToken(token);
-
- var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes("azertyuiopqsdfghjklmwxcvbn" /* this._configuration["jwt:key"] */));
+ var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtConf["Key"]));
 var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
- var token = new JwtSecurityToken("toto" /* this._configuration["jwt:issuer"] */,
- "toto" /* this._configuration["jwt:issuer"] */,
- expires: System.DateTime.Now.AddMinutes(30),
- signingCredentials: credentials);
+ var token = new JwtSecurityToken(issuer: _jwtConf["Issuer"],
+ audience: _jwtConf["Issuer"],
+ expires: DateTime.Now.AddDays(1),
+ signingCredentials: credentials,
+ claims: new Claim[]
+ {
+ new Claim(ClaimTypes.Name, foundUser.Login),
+ new Claim(ClaimTypes.UserData, foundUser.Id.ToString())
+ });
 return new JwtSecurityTokenHandler().WriteToken(token);
 }
 private readonly IUserService _userService;
 private readonly IMapper _mapper;
+ private readonly Dictionary _jwtConf;
 }
 }
diff --git a/Back/skydiveLogs-api/Startup.cs b/Back/skydiveLogs-api/Startup.cs
index 317cd6e..c020106 100644
--- a/Back/skydiveLogs-api/Startup.cs
+++ b/Back/skydiveLogs-api/Startup.cs
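Review bot: `expires: DateTime.Now.AddDays(1)` in CreateToken lengthens the bearer token lifetime from the removed 30 minutes to a full day, and with a symmetric HS256 key and no revocation or refresh flow visible here, a leaked token stays usable for that entire window. I would keep the lifetime short and compute it in UTC, `expires: DateTime.UtcNow.AddMinutes(30), notBefore: DateTime.UtcNow,`, and add a refresh mechanism separately if longer sessions are wanted. The user id is carried in `ClaimTypes.UserData`, which the handler emits as its full URI, whereas `ClaimTypes.NameIdentifier` is what `User.FindFirst`-style lookups and most middleware expect, so consider `new Claim(ClaimTypes.NameIdentifier, foundUser.Id.ToString())`. Note also that `_jwtConf["Key"]` and `_jwtConf["Issuer"]` throw `KeyNotFoundException` on the login path if the section is missing, and that `audience:` is filled from the Issuer entry; a comment like `// audience intentionally equals issuer: this API is the only consumer of its own tokens` would save the next reader a search for a JWT:Audience setting that does not exist.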
@@ -29,6 +29,9 @@ namespace skydiveLogs_api
 .SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
 // JWT
+ var jwtConf = Configuration.GetSection("JWT")
+ .GetChildren()
+ .ToDictionary(d => d.Key, d => d.Value);
 services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
 .AddJwtBearer(options =>
 {
@@ -39,29 +42,11 @@ namespace skydiveLogs_api
 ValidateAudience = true,
 ValidateLifetime = true,
 ValidateIssuerSigningKey = true,
- ValidIssuer = "toto", // Configuration["jwt:issuer"],
- ValidAudience = "toto", // Configuration["jwt:issuer"],
- IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("azertyuiopqsdfghjklmwxcvbn" /* this.Configuration["jwt:key"] */))
+ ValidIssuer = jwtConf["Issuer"],
+ ValidAudience = jwtConf["Issuer"],
+ IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtConf["Key"]))
 };
 });
- //var key = Encoding.ASCII.GetBytes("azertyuiopqsdfghjklmwxcvbn");
- //services.AddAuthentication(x =>
- //{
- // x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
- // x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
- //})
- //.AddJwtBearer(x =>
- //{
- // x.RequireHttpsMetadata = false;
- // x.SaveToken = true;
- // x.TokenValidationParameters = new TokenValidationParameters
- // {
- // ValidateIssuerSigningKey = true,
- // IssuerSigningKey = new SymmetricSecurityKey(key),
- // ValidateIssuer = false,
- // ValidateAudience = false
- // };
- //});
 // CORS
 var corsConf = Configuration.GetSection("Cors")
diff --git a/Back/skydiveLogs-api/appsettings.Development.json b/Back/skydiveLogs-api/appsettings.Development.json
index df5d901..a639a5a 100644
--- a/Back/skydiveLogs-api/appsettings.Development.json
+++ b/Back/skydiveLogs-api/appsettings.Development.json
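Review bot: `IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtConf["Key"]))` accepts whatever string is in configuration with no check on presence or length, and the values committed alongside this change are human-readable passphrases whose entropy is far below their byte count; an HS256 key should be at least 32 random bytes, ideally stored base64 and decoded with `Convert.FromBase64String`. A guard before `services.AddAuthentication`, `if (string.IsNullOrWhiteSpace(jwtConf["Key"]) || Encoding.UTF8.GetByteCount(jwtConf["Key"]) < 32) throw new InvalidOperationException("JWT:Key must be configured with at least 256 bits of key material");`, fails the host at startup with a clear message instead of a bare `KeyNotFoundException` from the dictionary indexer. `ValidAudience = jwtConf["Issuer"]` deliberately reuses the issuer value, which matches what UserController emits, but the line deserves a comment, `// no separate audience is configured; tokens are issued and consumed by this API only`, so nobody later adds a JWT:Audience key that only one side reads. The enclosing method (presumably ConfigureServices) starts and ends outside the hunk.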
@@ -9,6 +9,10 @@
 "Cors": {
 "FrontUrl": "http://localhost:4200"
 },
+ "JWT": {
+ "Issuer": "NoIdea",
+ "Key": "the very long and strong passphrase to crypt the token for DEV"
+ },
 "AllowedHosts": "*",
 "ConnectionStrings": {
 "DefaultConnection": "Filename=./Data/JumpsDb.db"
diff --git a/Back/skydiveLogs-api/appsettings.Release.json b/Back/skydiveLogs-api/appsettings.Release.json
index 04dadd3..d231955 100644
--- a/Back/skydiveLogs-api/appsettings.Release.json
+++ b/Back/skydiveLogs-api/appsettings.Release.json
@@ -7,6 +7,10 @@
 "Cors": {
 "FrontUrl": "https://skydivelogsangular.z6.web.core.windows.net"
 },
+ "JWT": {
+ "Issuer": "NoIdea",
+ "Key": "the very long and strong passphrase to crypt the token for RELEASE"
+ },
 "AllowedHosts": "*",
 "ConnectionStrings": {
 "DefaultConnection": "Filename=./Data/JumpsDb.db"
diff --git a/Back/skydiveLogs-api/appsettings.json b/Back/skydiveLogs-api/appsettings.json
index a464752..58a8453 100644
--- a/Back/skydiveLogs-api/appsettings.json
+++ b/Back/skydiveLogs-api/appsettings.json
@@ -9,6 +9,10 @@
 "Cors": {
 "FrontUrl": "http://localhost:4200"
 },
+ "JWT": {
+ "Issuer": "NoIdea",
+ "Key": "the very long and strong passphrase to crypt the token"
+ },
 "AllowedHosts": "*",
 "ConnectionStrings": {
 "DefaultConnection": "Filename=./Data/JumpsDb.db"
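Review bot: All three appsettings files now commit the HS256 signing secret under `JWT:Key`, including the one labelled for RELEASE, so anyone with read access to the repository or its history can mint a valid token for any user of the deployed API, and rotating the key later does not help while the value stays in a tracked file. Keep the key out of source control: leave `"Key": ""` in appsettings.json only as documentation of the setting name, and supply the real value through user-secrets in development and an environment variable or vault-backed app setting (`JWT__Key`) in deployment, with the host refusing to start when it is empty. Be aware that ASP.NET Core loads `appsettings.{EnvironmentName}.json`, so `appsettings.Release.json` is only read when ASPNETCORE_ENVIRONMENT is literally `Release`; under the default `Production` name the base file's `"the very long and strong passphrase to crypt the token"` would be the key actually in use, unless the hosting setup (not visible here) sets that variable. Whatever the transport, prefer a base64-encoded 32-byte random value over a sentence so the key material has the entropy HS256 assumes.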