From 19ebfbe04f07eeec3abef3530e842a10b4bb9b01 Mon Sep 17 00:00:00 2001 From: Syndamia Date: Thu, 17 Dec 2020 20:45:03 +0200 Subject: Authorization now supports multiple tokens --- src/DevHive.Services/Services/UserService.cs | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) (limited to 'src') diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs index 3e65dab..7092d61 100644 --- a/src/DevHive.Services/Services/UserService.cs +++ b/src/DevHive.Services/Services/UserService.cs @@ -72,12 +72,8 @@ namespace DevHive.Services.Services User user = await this._userRepository.GetByIdAsync(id) ?? throw new ArgumentException("User does not exist!"); - //Here User has 1 role - UserServiceModel model = this._userMapper.Map(user); - //here model has 0 roles - return model; } @@ -130,10 +126,12 @@ namespace DevHive.Services.Services { byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret); - List claims = new() + List claims = new(); + + foreach(var role in roles) { - new Claim(ClaimTypes.Role, roles[0].Name) // TODO: add support for multiple roles - }; + claims.Add(new Claim(ClaimTypes.Role, role.Name)); + } SecurityTokenDescriptor tokenDescriptor = new() { -- cgit v1.2.3 From d104a6810dcca58e7003833e5b7c74a7722df879 Mon Sep 17 00:00:00 2001 From: Syndamia Date: Thu, 17 Dec 2020 21:24:55 +0200 Subject: Added username and password hash to JWT --- src/DevHive.Services/Services/UserService.cs | 12 ++++++++---- 1 file changed, 8 insertions(+), 4 deletions(-) (limited to 'src') diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs index 7092d61..b60cc4c 100644 --- a/src/DevHive.Services/Services/UserService.cs +++ b/src/DevHive.Services/Services/UserService.cs 
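Review bot: The new `foreach(var role in roles)` loop in the @@ -130 hunk silently issues a token with no role claims when `roles` is empty, where the replaced `roles[0].Name` would have thrown; if every authenticated user is expected to hold at least one role, that case should be rejected explicitly rather than signed, e.g. `if (roles is null || roles.Count == 0) throw new ArgumentException("User has no roles!", nameof(roles));`. A `role.Name` of null will also make the `Claim` constructor throw `ArgumentNullException` part-way through the loop, so it is worth a comment stating that role names are assumed non-null. Minor style: C# convention puts a space after the keyword, `foreach (var role in roles)`. The enclosing WriteJWTSecurityToken method's signature and the rest of its body lie outside this hunk.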
@@ -40,7 +40,7 @@ namespace DevHive.Services.Services if (user.PasswordHash != GeneratePasswordHash(loginModel.Password)) throw new ArgumentException("Incorrect password!"); - return new TokenModel(WriteJWTSecurityToken(user.Roles)); + return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles)); } public async Task RegisterUser(RegisterServiceModel registerModel) @@ -64,7 +64,7 @@ namespace DevHive.Services.Services await this._userRepository.AddAsync(user); - return new TokenModel(WriteJWTSecurityToken(user.Roles)); + return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles)); } public async Task GetUserById(Guid id) @@ -122,11 +122,15 @@ namespace DevHive.Services.Services return string.Join(string.Empty, SHA512.HashData(Encoding.ASCII.GetBytes(password))); } - private string WriteJWTSecurityToken(IList roles) + private string WriteJWTSecurityToken(string userName, string passwordHash, IList roles) { byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret); - List claims = new(); + List claims = new() + { + new Claim(ClaimTypes.Name, userName), + new Claim(ClaimTypes.Hash, passwordHash) + }; foreach(var role in roles) { -- cgit v1.2.3
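Review bot: `new Claim(ClaimTypes.Hash, passwordHash)` in the WriteJWTSecurityToken hunk (@@ -122) embeds the stored password hash in the JWT; a JWS payload is only base64url-encoded, not encrypted, so every holder of the token — the browser, proxies, anything that logs Authorization headers — can read the hash, and the context line above shows it is an unsalted `SHA512` of the password, which makes offline guessing cheap. The hash adds nothing the signature does not already provide (the token is already bound to `userName` and signed with `_jwtOptions.Secret`), so drop that claim and the `passwordHash` parameter, and if a stable identifier is wanted use a non-secret one such as the user's id under `ClaimTypes.NameIdentifier`, assuming the user entity exposes the Guid the repository looks it up by. The callers in the @@ -40 and @@ -64 hunks then revert to `return new TokenModel(WriteJWTSecurityToken(user.UserName, user.Roles));`. The method body continues past this hunk.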