using Microsoft.AspNetCore.Identity; using Microsoft.Extensions.Options; using Microsoft.IdentityModel.Tokens; using MTWorkHR.Application.Exceptions; using MTWorkHR.Application.Identity; using MTWorkHR.Application.Models; using MTWorkHR.Core.Global; using MTWorkHR.Identity.Entities; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text; namespace MTWorkHR.Identity.Services { public class AuthService : IAuthService { private readonly UserManager _userManager; private readonly SignInManager _signInManager; private readonly AppSettingsConfiguration _configuration; public AuthService(UserManager userManager, SignInManager signInManager, AppSettingsConfiguration configuration) { _userManager = userManager; _signInManager = signInManager; _configuration = configuration; } public async Task Login(AuthRequest request) { var user = await _userManager.FindByEmailAsync(request.Email); if(user == null) { throw new NotFoundException($"User with {request.Email} not found", request.Email); } var result = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false); if(!result.Succeeded) { throw new BadRequest($"Credentials for '{request.Email} are not valid'."); } JwtSecurityToken jwtToken = await GenerateToken(user); var response = new AuthResponse { Id = user.Id, Email = user.Email, UserName = user.UserName, Token = new JwtSecurityTokenHandler().WriteToken( jwtToken), Expiration = jwtToken.ValidTo }; return response; } //public async Task Register(RegistrationRequest request) //{ // var user = new ApplicationUser { // Email = request.Email , // UserName = request.UserName , // FirstName = request.FirstName , // LastName = request.LastName , // EmailConfirmed = true // }; // var result = await _userManager.CreateAsync(user, request.Password); // if (result.Succeeded) // { // await _userManager.AddToRoleAsync(user, request.RoleName); // return new RegistrationResponse(){ UserId = user.Id }; // } // else // { // StringBuilder str = new StringBuilder(); // foreach (var err in result.Errors) // { // str.AppendFormat(".{0}\n", err.Description); // } // throw new BadRequest($"{str}"); // } //} private async Task GenerateToken(ApplicationUser user) { var userCalims = await _userManager.GetClaimsAsync(user); var roles = await _userManager.GetRolesAsync(user); var roleClaims = roles.Select(r => new Claim(ClaimTypes.Role, r)).ToList(); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim("uid", user.Id) }.Union(userCalims) .Union(roleClaims); var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration.JwtSettings.SecretKey)); var signingCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256); var jwtSecurityToken = new JwtSecurityToken( issuer: _configuration.JwtSettings.Issuer, audience: _configuration.JwtSettings.Audience, claims: claims, expires: DateTime.Now.AddMinutes(_configuration.JwtSettings.DurationInMinutes), signingCredentials: signingCredentials ); return jwtSecurityToken; } } }