Add few config to create the token

2020-03-20 15:10:18 +01:00
parent 8dc6310080
commit 7bad7e80d5
5 changed files with 39 additions and 44 deletions
--- a/Back/skydiveLogs-api/Controllers/UserController.cs
+++ b/Back/skydiveLogs-api/Controllers/UserController.cs
@@ -3,6 +3,8 @@ using Microsoft.AspNetCore.Cors;
 using Microsoft.AspNetCore.Authorization;
 using Microsoft.IdentityModel.Tokens;
 using System.IdentityModel.Tokens.Jwt;
 using Microsoft.Extensions.Configuration;
 using System.Linq;
 using AutoMapper;
@@ -13,7 +15,7 @@ using skydiveLogs_api.Model;
 using System;
 using System.Text;
 using System.Security.Claims;
-
+using System.Collections.Generic;
 namespace skydiveLogs_api.Controllers
 {
@@ -22,10 +24,14 @@ namespace skydiveLogs_api.Controllers
    public class UserController : ControllerBase
    {
        public UserController(IUserService userService,
-                              IMapper mapper)
+                              IMapper mapper,
                              IConfiguration configuration)
        {
            _userService = userService;
            _mapper = mapper;
            _jwtConf = configuration.GetSection("JWT")
                                    .GetChildren()
                                    .ToDictionary(d => d.Key, d => d.Value);
        }
        // POST: api/User
@@ -45,7 +51,7 @@ namespace skydiveLogs_api.Controllers
            {
                foundUser.Password = null;
                var resp = _mapper.Map<UserResp>(foundUser);
-                resp.Token = CreateToken(value);
+                resp.Token = CreateToken(resp);
                result = Ok(resp);
            }
@@ -62,34 +68,26 @@ namespace skydiveLogs_api.Controllers
            _userService.AddNewUser(_mapper.Map<User>(value));
        }
-        private string CreateToken(UserReq model)
+        private string CreateToken(UserResp foundUser)
        {
-            //var tokenHandler = new JwtSecurityTokenHandler();
+            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtConf["Key"]));
            //var key = Encoding.ASCII.GetBytes("azertyuiopqsdfghjklmwxcvbn");
            //var tokenDescriptor = new SecurityTokenDescriptor
            //{
            //    Subject = new ClaimsIdentity(new Claim[]
            //    {
            //        new Claim(ClaimTypes.Name, model.Login)
            //    }),
            //    Expires = DateTime.UtcNow.AddMinutes(30),
            //    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            //};
            //var token = tokenHandler.CreateToken(tokenDescriptor);
            //return tokenHandler.WriteToken(token);
            var key = new SymmetricSecurityKey(System.Text.Encoding.UTF8.GetBytes("azertyuiopqsdfghjklmwxcvbn" /* this._configuration["jwt:key"] */));
            var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
-            var token = new JwtSecurityToken("toto" /* this._configuration["jwt:issuer"] */,
+            var token = new JwtSecurityToken(issuer: _jwtConf["Issuer"],
-                                             "toto" /* this._configuration["jwt:issuer"] */,
+                                             audience: _jwtConf["Issuer"],
-                                             expires: System.DateTime.Now.AddMinutes(30),
+                                             expires: DateTime.Now.AddDays(1),
-                                             signingCredentials: credentials);
+                                             signingCredentials: credentials,
                                             claims: new Claim[]
                                             {
                                                new Claim(ClaimTypes.Name, foundUser.Login),
                                                new Claim(ClaimTypes.UserData, foundUser.Id.ToString())
                                             });
            return new JwtSecurityTokenHandler().WriteToken(token);
        }
        private readonly IUserService _userService;
        private readonly IMapper _mapper;
        private readonly Dictionary<string, string> _jwtConf;
    }
 }
--- a/Back/skydiveLogs-api/Startup.cs
+++ b/Back/skydiveLogs-api/Startup.cs
@@ -29,6 +29,9 @@ namespace skydiveLogs_api
                    .SetCompatibilityVersion(CompatibilityVersion.Version_3_0);
            // JWT
            var jwtConf = Configuration.GetSection("JWT")
                                       .GetChildren()
                                       .ToDictionary(d => d.Key, d => d.Value);
            services.AddAuthentication(JwtBearerDefaults.AuthenticationScheme)
                    .AddJwtBearer(options =>
                    {
@@ -39,29 +42,11 @@ namespace skydiveLogs_api
                            ValidateAudience = true,
                            ValidateLifetime = true,
                            ValidateIssuerSigningKey = true,
-                            ValidIssuer = "toto", // Configuration["jwt:issuer"],
+                            ValidIssuer = jwtConf["Issuer"],
-                            ValidAudience = "toto", // Configuration["jwt:issuer"],
+                            ValidAudience = jwtConf["Issuer"],
-                            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("azertyuiopqsdfghjklmwxcvbn" /* this.Configuration["jwt:key"] */))
+                            IssuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtConf["Key"]))
                        };
                    });
            //var key = Encoding.ASCII.GetBytes("azertyuiopqsdfghjklmwxcvbn");
            //services.AddAuthentication(x =>
            //{
            //    x.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            //    x.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
            //})
            //.AddJwtBearer(x =>
            //{
            //    x.RequireHttpsMetadata = false;
            //    x.SaveToken = true;
            //    x.TokenValidationParameters = new TokenValidationParameters
            //    {
            //        ValidateIssuerSigningKey = true,
            //        IssuerSigningKey = new SymmetricSecurityKey(key),
            //        ValidateIssuer = false,
            //        ValidateAudience = false
            //    };
            //});
            // CORS
            var corsConf = Configuration.GetSection("Cors")
--- a/Back/skydiveLogs-api/appsettings.Development.json
+++ b/Back/skydiveLogs-api/appsettings.Development.json
@@ -9,6 +9,10 @@
  "Cors": {
    "FrontUrl": "http://localhost:4200"
  },
  "JWT": {
    "Issuer": "NoIdea",
    "Key": "the very long and strong passphrase to crypt the token for DEV"
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
    "DefaultConnection": "Filename=./Data/JumpsDb.db"
--- a/Back/skydiveLogs-api/appsettings.Release.json
+++ b/Back/skydiveLogs-api/appsettings.Release.json
@@ -7,6 +7,10 @@
  "Cors": {
    "FrontUrl": "https://skydivelogsangular.z6.web.core.windows.net"
  },
  "JWT": {
    "Issuer": "NoIdea",
    "Key": "the very long and strong passphrase to crypt the token for RELEASE"
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
    "DefaultConnection": "Filename=./Data/JumpsDb.db"
--- a/Back/skydiveLogs-api/appsettings.json
+++ b/Back/skydiveLogs-api/appsettings.json
@@ -9,6 +9,10 @@
  "Cors": {
    "FrontUrl": "http://localhost:4200"
  },
  "JWT": {
    "Issuer": "NoIdea",
    "Key": "the very long and strong passphrase to crypt the token"
  },
  "AllowedHosts": "*",
  "ConnectionStrings": {
    "DefaultConnection": "Filename=./Data/JumpsDb.db"