feat(AuthController): Aktualisiert, um die Anmeldung über die Benutzer-ID zu ermöglichen.
parent
a69e13c2ab
commit
85ccc52ca1
@ -3,13 +3,13 @@ using DigitalData.Core.Abstractions.Security;
|
|||||||
using Microsoft.AspNetCore.Authorization;
|
using Microsoft.AspNetCore.Authorization;
|
||||||
using Microsoft.AspNetCore.Mvc;
|
using Microsoft.AspNetCore.Mvc;
|
||||||
using Microsoft.Extensions.Options;
|
using Microsoft.Extensions.Options;
|
||||||
using DigitalData.UserManager.Application.DTOs.Auth;
|
|
||||||
using DigitalData.UserManager.Application.Contracts;
|
using DigitalData.UserManager.Application.Contracts;
|
||||||
using DigitalData.UserManager.Application.DTOs.User;
|
using DigitalData.UserManager.Application.DTOs.User;
|
||||||
using DigitalData.Core.Abstractions.Application;
|
using DigitalData.Core.Abstractions.Application;
|
||||||
using DigitalData.Auth.API.Dto;
|
using DigitalData.Auth.API.Dto;
|
||||||
using DigitalData.Auth.API.Services.Contracts;
|
using DigitalData.Auth.API.Services.Contracts;
|
||||||
using DigitalData.Auth.API.Entities;
|
using DigitalData.Auth.API.Entities;
|
||||||
|
using DigitalData.Core.DTO;
|
||||||
|
|
||||||
namespace DigitalData.Auth.API.Controllers
|
namespace DigitalData.Auth.API.Controllers
|
||||||
{
|
{
|
||||||
@ -45,18 +45,37 @@ namespace DigitalData.Auth.API.Controllers
|
|||||||
_consumerSignatureHandler = apiSignatureHandler;
|
_consumerSignatureHandler = apiSignatureHandler;
|
||||||
}
|
}
|
||||||
|
|
||||||
private async Task<IActionResult> CreateTokenAsync(LogInDto login, string consumerName, bool cookie = true)
|
private async Task<IActionResult> CreateTokenAsync(UserLogin login, string consumerName, bool cookie = true)
|
||||||
{
|
{
|
||||||
bool isValid = await _dirSearchService.ValidateCredentialsAsync(login.Username, login.Password);
|
DataResult<UserReadDto>? uRes;
|
||||||
|
if (login.Username is not null)
|
||||||
|
{
|
||||||
|
bool isValid = await _dirSearchService.ValidateCredentialsAsync(login.Username, login.Password);
|
||||||
|
|
||||||
if (!isValid)
|
if (!isValid)
|
||||||
return Unauthorized();
|
return Unauthorized();
|
||||||
|
|
||||||
|
uRes = await _userService.ReadByUsernameAsync(login.Username);
|
||||||
|
if (uRes.IsFailed)
|
||||||
|
return Unauthorized();
|
||||||
|
}
|
||||||
|
else if(login.Id is int userId)
|
||||||
|
{
|
||||||
|
uRes = await _userService.ReadByIdAsync(userId);
|
||||||
|
if (uRes.IsFailed)
|
||||||
|
return Unauthorized();
|
||||||
|
|
||||||
|
bool isValid = await _dirSearchService.ValidateCredentialsAsync(uRes.Data.Username, login.Password);
|
||||||
|
|
||||||
|
if (!isValid)
|
||||||
|
return Unauthorized();
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
||||||
|
return BadRequest("One of user ID or username should be provided.");
|
||||||
|
}
|
||||||
|
|
||||||
//find the user
|
//find the user
|
||||||
var uRes = await _userService.ReadByUsernameAsync(login.Username);
|
|
||||||
if (uRes.IsFailed)
|
|
||||||
return Unauthorized();
|
|
||||||
|
|
||||||
var consumer = await _consumerService.ReadByNameAsync(consumerName);
|
var consumer = await _consumerService.ReadByNameAsync(consumerName);
|
||||||
if (consumer is null)
|
if (consumer is null)
|
||||||
return Unauthorized();
|
return Unauthorized();
|
||||||
@ -64,7 +83,7 @@ namespace DigitalData.Auth.API.Controllers
|
|||||||
if (!_cryptoFactory.TokenDescriptors.TryGet(_apiParams.Issuer, consumer.Audience, out var descriptor))
|
if (!_cryptoFactory.TokenDescriptors.TryGet(_apiParams.Issuer, consumer.Audience, out var descriptor))
|
||||||
return StatusCode(StatusCodes.Status500InternalServerError);
|
return StatusCode(StatusCodes.Status500InternalServerError);
|
||||||
|
|
||||||
var token = _userSignatureHandler.WriteToken(uRes.Data, descriptor);
|
var token = _userSignatureHandler.WriteToken(uRes!.Data, descriptor);
|
||||||
|
|
||||||
//set cookie
|
//set cookie
|
||||||
if (cookie)
|
if (cookie)
|
||||||
@ -102,7 +121,7 @@ namespace DigitalData.Auth.API.Controllers
|
|||||||
//TODO: Add role depends on group name
|
//TODO: Add role depends on group name
|
||||||
[HttpPost("{consumerName}/login")]
|
[HttpPost("{consumerName}/login")]
|
||||||
[AllowAnonymous]
|
[AllowAnonymous]
|
||||||
public async Task<IActionResult> Login([FromForm] LogInDto login, [FromRoute] string consumerName)
|
public async Task<IActionResult> Login([FromForm] UserLogin login, [FromRoute] string consumerName)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
@ -146,7 +165,7 @@ namespace DigitalData.Auth.API.Controllers
|
|||||||
}
|
}
|
||||||
|
|
||||||
[HttpPost("{consumerName}")]
|
[HttpPost("{consumerName}")]
|
||||||
public async Task<IActionResult> CreateTokenViaBody([FromBody] LogInDto login, [FromRoute] string consumerName, [FromQuery] bool cookie = false)
|
public async Task<IActionResult> CreateTokenViaBody([FromBody] UserLogin login, [FromRoute] string consumerName, [FromQuery] bool cookie = false)
|
||||||
{
|
{
|
||||||
try
|
try
|
||||||
{
|
{
|
||||||
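Review bot: In `CreateTokenAsync` the first branch tests `login.Username is not null`, whereas `UserLogin.Valid` uses `!string.IsNullOrWhiteSpace(Username)` and is never consulted in the lines shown, so a request carrying an `Id` together with an empty or whitespace `Username` takes the username branch and hands the blank name to `ValidateCredentialsAsync`. A request that sets both fields also has its `Id` silently ignored, which leaves the caller unsure which identity the issued token was bound to. I would start the method with `if (!login.Valid) return BadRequest("One of user ID or username should be provided.");`, change the first test to `if (!string.IsNullOrWhiteSpace(login.Username))`, and reject requests that supply both identifiers. In the `Id` branch an unknown ID returns before the directory call is made, so response time may distinguish existing IDs from missing ones; how much that matters depends on how guessable the integer IDs are and on rate limiting that is not visible here. The method body continues past this hunk.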
|
|||||||
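--- a/src/DigitalData.Auth.API/Dto/UserLogin.cs
+++ b/src/DigitalData.Auth.API/Dto/UserLogin.cs
@@ -0,0 +1,6 @@
+namespace DigitalData.Auth.API.Dto;
+
+public record UserLogin(string Password, int? Id = null, string? Username = null)
+{
+public bool Valid => Id is not null || !string.IsNullOrWhiteSpace(Username);
+};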
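Review bot: `Password` is a positional parameter of the record, so the compiler-generated `ToString()` prints it alongside `Id` and `Username`, and any log line, exception message or diagnostic that formats a `UserLogin` would carry the clear-text password. I would override it inside the record body, for example `public override string ToString() => $"{nameof(UserLogin)} {{ Id = {Id}, Username = {Username} }}";`, so the secret never reaches a formatter. `Valid` should also get a short `///` summary stating that it only checks that an identifier is present and says nothing about the password, since an empty `Password` passes it.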