refactor: Projektdateien migriert. Cloud-NuGet-Pakete durch lokale NuGet-Projekte ersetzt.
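--- /dev/null
+++ b/StaffDBServer/_Shared/SharedControllers/InfoController.cs
@@ -0,0 +1,16 @@
+using DAL;
+using HRD.WebApi.Controllers;
+using Microsoft.AspNetCore.Mvc;
+
+namespace StaffDBServer.SharedExtensions
+{
+[Route("api/[controller]")]
+[Produces("application/json")]
+[ApiController]
+public class InfoController : InfoBaseController
+{
+public InfoController() : base(new WebApiContext())
+{
+}
+}
+}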
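Review bot: `InfoController()` constructs its own `WebApiContext` in a parameterless constructor, so the context's lifetime and disposal depend entirely on `InfoBaseController`, which is outside this commit; the same pattern appears in the `WebAppUserController()` constructor in the next hunk. Registering the context with the container and taking it as a constructor parameter (`public InfoController(WebApiContext context) : base(context) { }`) gives one scoped instance per request that the framework disposes. If the base class is known to dispose what it is handed, a one-line comment on the constructor saying so would settle the question for readers. Also, the file lives under `SharedControllers` but declares `namespace StaffDBServer.SharedExtensions`, unlike the `SharedControllers` namespace used by the other controller in this commit.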
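--- /dev/null
+++ b/UNKNOWN-PATH-NOT-SHOWN-ON-PAGE
@@ -0,0 +1,99 @@
+using DAL;
+using DAL._Shared.SharedModels;
+using DAL._Shared.SharedRepositories;
+using HRD.LDAPService.JWT;
+using HRD.WebApi.Controllers;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.Net.Http.Headers;
+using System;
+using System.Threading.Tasks;
+
+namespace StaffDBServer.SharedControllers
+{
+[JWTAuthorizeAttribute]
+public class WebAppUserController : BaseMiniController
+{
+public WebAppUserController() : base(new WebApiContext())
+{
+}
+
+[HttpPost("Culture")]
+public async Task<IActionResult> UpdateCultureAsync([FromBody] WebAppUser userFromClient)
+{
+try
+{
+//User Should by in the DB
+WebAppUserRepository webAppUserRepository = new WebAppUserRepository();
+WebAppUser userFromDB = await webAppUserRepository.GetByAsync(u => u.LoginName == userFromClient.LoginName, false);
+
+if (userFromDB != default) //first login, get User from WebAppEmployeeInfo
+{
+userFromDB.Language = userFromClient.Language;
+userFromDB.Culture = userFromClient.Culture;
+if (!await webAppUserRepository.UpdateAsync(userFromDB))
+{
+return StatusCode(StatusCodes.Status400BadRequest, $"Cannot set User's language/culture");
+}
+}
+return new OkObjectResult(userFromClient);
+}
+catch (Exception ex)
+{
+WriteLogException(ex, ex.Message);
+return StatusCode(StatusCodes.Status400BadRequest, $"Cannot set User's language/culture");
+}
+}
+
+[HttpPost("LoginWithJWT")]
+public async Task<IActionResult> LoginWithAuthorizationAsync([FromBody] WebAppUser userFromClient)
+{
+try
+{
+var accessToken = Request.Headers[HeaderNames.Authorization];
+WebAppUserHelper webAppUserHelper = new WebAppUserHelper();
+WebAppUser result = await webAppUserHelper.CheckLoginWithJWTAsync(accessToken, userFromClient.ClientVersion);
+return new OkObjectResult(result);
+}
+catch (Exception ex)
+{
+WriteLogException(ex, ex.Message);
+return Unauthorized(ex.Message);
+}
+}
+
+[HttpPost("LoginWithNameAndPassword/{webApiId}"),]
+[Microsoft.AspNetCore.Authorization.AllowAnonymous]
+public async Task<IActionResult> LoginWithNameAndPasswordAsync([FromBody] WebAppUser userFromClient, int webApiId)
+{
+try
+{
+WebAppUserHelper webAppUserHelper = new WebAppUserHelper();
+var result = await webAppUserHelper.CheckLoginWithNameAndPasswordAsync(userFromClient, webApiId);
+return new OkObjectResult(result);
+}
+catch (Exception ex)
+{
+WriteLogException(ex, ex.Message);
+return NotFound(ex.Message);
+}
+}
+
+[HttpPost("LoginWithNameAndPassword")]
+[Microsoft.AspNetCore.Authorization.AllowAnonymous]
+public async Task<IActionResult> LoginWithNameAndPasswordAsync([FromBody] WebAppUser userFromClient)
+{
+try
+{
+WebAppUserHelper webAppUserHelper = new WebAppUserHelper();
+var result = await webAppUserHelper.CheckLoginWithNameAndPasswordAsync(userFromClient);
+return new OkObjectResult(result);
+}
+catch (Exception ex)
+{
+WriteLogException(ex, ex.Message);
+return NotFound(ex.Message);
+}
+}
+}
+}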
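Review bot: `UpdateCultureAsync` looks the user up by the client-supplied `userFromClient.LoginName` even though the class is protected by `[JWTAuthorizeAttribute]`, so any holder of a valid token can change the language/culture of any other login name; the name should be taken from the authenticated identity (whatever the attribute or `BaseMiniController` exposes, not visible here) and the body value ignored or compared against it. The comment on the `if (userFromDB != default)` line describes the opposite branch: when the user is not found the action persists nothing and still returns `OkObjectResult(userFromClient)`, and a `null` body is dereferenced before any check, so a `return BadRequest();` for both cases would be more honest. The three login actions hand `ex.Message` straight to the caller via `Unauthorized(...)`/`NotFound(...)`, which forwards the distinct helper messages (user unknown vs. locked vs. wrong password) and the text of any unexpected exception; a fixed message to the client, with the detail left to `WriteLogException`, avoids exposing internals. `catch (Exception)` in all four actions also maps infrastructure failures to 400/401/404, which hides outages behind client-error codes.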
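--- /dev/null
+++ b/StaffDBServer/_Shared/SharedControllers/WebAppUserHelper.cs
@@ -0,0 +1,204 @@
+using DAL._Shared.SharedModels;
+using DAL._Shared.SharedRepositories;
+using HRD.LDAPService;
+using HRD.LDAPService.JWT;
+using Microsoft.Extensions.Primitives;
+using System;
+using System.Threading.Tasks;
+
+namespace StaffDBServer.SharedControllers
+{
+public class WebAppUserHelper
+{
+private const int GLB_LOGIN_LOCK_TIME_IN_MIN = 5;
+
+public int GlbWebApiIdStaffDB { get; private set; } = 2;
+
+public async Task<WebAppUser> CheckLoginWithJWTAsync(StringValues accessToken, string clientVersion)
+{
+WebAppUserRepository webAppUserRepository = new WebAppUserRepository();
+if (!JwtManager.IsValidatJwtTokenSubject(accessToken))
+{
+throw new UnauthorizedAccessException($"Not valid JWT");
+}
+
+var ldapUser = JwtManager.DecryptTokenAsLdapUser(accessToken);
+if (ldapUser == null)
+{
+throw new UnauthorizedAccessException($"Unable to decrypt JWT");
+}
+
+WebAppEmployeeInfoRepository webAppEmployeeInfoRepository = new WebAppEmployeeInfoRepository();
+WebAppEmployeeInfo webAppEmployeeInfo = await webAppEmployeeInfoRepository.GetByAsync(x => x.LoginName == ldapUser.LoginName);
+if (webAppEmployeeInfo == default)
+{
+throw new UnauthorizedAccessException($"User '{ldapUser.LoginName}' cannot be found in StaffDB.");
+}
+
+var userFromDB = await webAppUserRepository.GetByAsync(u => u.LoginName == ldapUser.LoginName, false);
+if (userFromDB == default)
+{
+throw new UnauthorizedAccessException($"Unable to load WebApiUser:{ldapUser.LoginName}");
+}
+
+if (userFromDB.JwtExpiredOn == null)
+{
+throw new UnauthorizedAccessException($"User have to relogin; LoginName: {ldapUser.LoginName}");
+}
+
+userFromDB.RoleList = ldapUser.RoleListAsString(EN_LdapRoleListFilter.OnlyRoleList);
+userFromDB.WebAppRoleList = ldapUser.RoleListAsString(EN_LdapRoleListFilter.OnlyWebAppRoleList);
+userFromDB.Token = ldapUser.Token;
+userFromDB.JwtExpiredOn = ldapUser.JwtExpiredOn;
+userFromDB.LastLogin = DateTime.Now;
+userFromDB.ClientVersion = clientVersion;
+
+if (await webAppUserRepository.SaveChangesAsync())
+{
+return userFromDB;
+}
+return (default);
+}
+
+public async Task<WebAppUser> CheckLoginWithNameAndPasswordAsync(WebAppUser userFromClient, int webAppId)
+{
+try
+{
+WebAppEmployeeInfoRepository webAppEmployeeInfoRepository = new WebAppEmployeeInfoRepository();
+WebAppEmployeeInfo webAppEmployeeInfo = await webAppEmployeeInfoRepository.GetByAsync(x => x.LoginName == userFromClient.LoginName && x.WebAppId == webAppId);
+WebAppUserRepository webAppUserRepository = new WebAppUserRepository();
+return await DoCheckLoginWithNameAndPasswordAsync(userFromClient, webAppUserRepository, webAppEmployeeInfoRepository);
+}
+catch (Exception ex)
+{
+throw ex;
+}
+}
+
+public async Task<WebAppUser> CheckLoginWithNameAndPasswordAsync(WebAppUser userFromClient)
+{
+try
+{
+WebAppEmployeeInfoRepository webAppEmployeeInfoRepository = new WebAppEmployeeInfoRepository();
+WebAppEmployeeInfo webAppEmployeeInfo = await webAppEmployeeInfoRepository.GetByAsync(x => x.LoginName == userFromClient.LoginName && x.WebAppId == GlbWebApiIdStaffDB);
+WebAppUserRepository webAppUserRepository = new WebAppUserRepository();
+return await DoCheckLoginWithNameAndPasswordAsync(userFromClient, webAppUserRepository, webAppEmployeeInfoRepository);
+}
+catch (Exception ex)
+{
+throw ex;
+}
+}
+
+private static async Task<WebAppUser> DoCheckLoginWithNameAndPasswordAsync(WebAppUser userFromClient, WebAppUserRepository webAppUserRepository, WebAppEmployeeInfoRepository webAppEmployeeInfoRepository)
+{
+try
+{
+WebAppEmployeeInfo webAppEmployeeInfo = await webAppEmployeeInfoRepository.GetByAsync(x => x.LoginName == userFromClient.LoginName);
+if (webAppEmployeeInfo == default)
+{
+if (userFromClient.IsGermanCulture())
+{
+throw new UnauthorizedAccessException($"Benutzer '{userFromClient.LoginName}' wurde in der StaffDB nicht freigeschaltet.");
+}
+else
+{
+throw new UnauthorizedAccessException($"User '{userFromClient.LoginName}' was not set in der StaffDB.");
+}
+}
+
+LdapUser ldapUser = new LdapUser(userFromClient.LoginName, webAppEmployeeInfo.EmployeeId, userFromClient.Password, webAppEmployeeInfo.DepartmentId, webAppEmployeeInfo.ExtendedDepartmentIdList);
+if (!JwtManager.GenerateLdapUserWithJwtToken(ldapUser))
+{
+if (ldapUser == default)
+{
+if (userFromClient.IsGermanCulture())
+{
+throw new UnauthorizedAccessException($"Mit den Anmeldeinformationen (Loginname: '{userFromClient.LoginName}') konnte keine Verbindung hergestellt werden");
+}
+else
+{
+throw new UnauthorizedAccessException($"With login data (Loginname: '{userFromClient.LoginName}') cannot be logged");
+}
+}
+
+if (ldapUser.IsAccountLockedOut)
+{
+System.Globalization.CultureInfo cultureinfo = new System.Globalization.CultureInfo(userFromClient.Culture);
+var lastBadPasswordAttemptLocalTime = ldapUser.AccountLockoutTime - TimeSpan.FromMinutes(userFromClient.TimeZoneOffsetInMin);
+var waitTillTime = lastBadPasswordAttemptLocalTime?.AddMinutes(GLB_LOGIN_LOCK_TIME_IN_MIN + 1);
+
+if (userFromClient.IsGermanCulture())
+{
+throw new UnauthorizedAccessException($"Der Benutzer mit Loginnamen '{ldapUser.LoginName}' wurde am {lastBadPasswordAttemptLocalTime?.ToString(cultureinfo)} gesperrt!\nVersuchen Sie sich um {waitTillTime?.ToString(cultureinfo.DateTimeFormat.ShortTimePattern)} neuanzumelden.");
+}
+else
+{
+throw new UnauthorizedAccessException($"The user with the loginname '{ldapUser.LoginName}' was locked on {lastBadPasswordAttemptLocalTime?.ToString(cultureinfo)}!\nTry to log again at {waitTillTime?.ToString(cultureinfo.DateTimeFormat.ShortTimePattern)}.");
+}
+}
+
+if (!ldapUser.Enabled)
+{
+if (userFromClient.IsGermanCulture())
+{
+throw new UnauthorizedAccessException($"Der Benutzer mit Loginnamen '{userFromClient.LoginName}' ist deaktiviert!");
+}
+else
+{
+throw new UnauthorizedAccessException($"The user with loginname '{userFromClient.LoginName}' is inactive!");
+}
+}
+
+if (!ldapUser.IsValidatCredentials)
+{
+if (userFromClient.IsGermanCulture())
+{
+throw new UnauthorizedAccessException($"Sie haben Ihren Loginnamen '{userFromClient.LoginName}' oder Ihr Passwort falsch eingegeben.\nAchtung, das Passwort wurde {ldapUser.BadLogonCount} Mal falsch eingegeben!");
+}
+else
+{
+throw new UnauthorizedAccessException($"Your loginname '{userFromClient.LoginName}' or password is wrong.\nAttention, you have input wrong password {ldapUser.BadLogonCount} times!");
+}
+}
+}
+
+WebAppUser userFromDB = await webAppUserRepository.GetByAsync(u => u.LoginName == userFromClient.LoginName, false);
+if (userFromDB == default) //get the WebAppUser data from LDAP & StaffDB
+{
+userFromDB = new WebAppUser(ldapUser.LoginName, webAppEmployeeInfo.ShortName, ldapUser.RoleListAsString(), $"{webAppEmployeeInfo.FirstName} {webAppEmployeeInfo.LastName}");
+userFromDB.Language = userFromClient.Language;
+userFromDB.Culture = userFromClient.Culture;
+if (!await webAppUserRepository.AddAsync(userFromDB))
+{
+if (userFromClient.IsGermanCulture())
+{
+throw new UnauthorizedAccessException($"Benutzer '{userFromClient.LoginName}' konnte nicht automatisch erstellt werden.");
+}
+else
+{
+throw new UnauthorizedAccessException($"User '{userFromClient.LoginName}' cannot be created automatically.");
+}
+}
+}
+
+userFromDB.RoleList = ldapUser.RoleListAsString(EN_LdapRoleListFilter.OnlyRoleList);
+userFromDB.WebAppRoleList = ldapUser.RoleListAsString(EN_LdapRoleListFilter.OnlyWebAppRoleList);
+userFromDB.Token = ldapUser.Token;
+userFromDB.JwtExpiredOn = ldapUser.JwtExpiredOn;
+userFromDB.LastLogin = DateTime.Now;
+userFromDB.ClientVersion = userFromClient.ClientVersion;
+
+if (await webAppUserRepository.SaveChangesAsync())
+{
+return userFromDB;
+}
+return (default);
+}
+catch (Exception ex)
+{
+throw ex;
+}
+}
+}
+}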
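Review bot: In both `CheckLoginWithNameAndPasswordAsync` overloads the `webAppEmployeeInfo` row fetched with the `x.WebAppId == webAppId` (or `GlbWebApiIdStaffDB`) predicate is never used: `DoCheckLoginWithNameAndPasswordAsync` re-queries by `LoginName` alone, so a login that has no `WebAppEmployeeInfo` entry for the requested application still passes the "not set in StaffDB" check and gets a token; either pass the already-loaded row into the helper or apply the same `WebAppId` predicate there. The `catch (Exception ex) { throw ex; }` blocks in all three methods only discard the stack trace and should be removed (or at least become `throw;`), and `if (ldapUser == default)` directly after `new LdapUser(...)` can never be true. The credential-failure messages tell an unauthenticated caller whether the login name exists, whether the account is locked and when it unlocks, and the current `ldapUser.BadLogonCount`; one generic message for every credential failure, with the specific reason logged server-side, is the safer default. `userFromDB.LastLogin = DateTime.Now` (here and in `CheckLoginWithJWTAsync`) should be `DateTime.UtcNow` unless the column is documented as server-local time, and both methods return `default` when `SaveChangesAsync` reports failure, which the controller then serializes as a 200 with a null body.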
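--- /dev/null
+++ b/StaffDBServer/_Shared/SharedExtensions/ServiceExtensions.cs
@@ -0,0 +1,49 @@
+using HRD.AppLogger;
+using HRD.LDAPService.JWT;
+using HRD.WebApi.DAL.Middleware;
+using HRD.WebApi.Helpers;
+using Microsoft.AspNetCore.Builder;
+using Microsoft.AspNetCore.Mvc;
+using Microsoft.AspNetCore.Server.IISIntegration;
+using Microsoft.Extensions.DependencyInjection;
+
+namespace StaffDBServer.SharedExtensions
+{
+public static class ServiceExtensions
+{
+public static void ConfigureWebApiExtensionsAtFirst(this IServiceCollection services)
+{
+//services.AddCors();
+services.AddCustomCors("AllowAllOrigins");
+
+services.Configure<IISOptions>(options =>
+{
+options.AuthenticationDisplayName = "Windows";
+options.ForwardClientCertificate = true;
+options.AutomaticAuthentication = true;
+});
+services.AddAuthentication(IISDefaults.AuthenticationScheme);
+
+services.ConfigureJWT(Extends.JwtMiddlewareOptionsHelper.GetJwtMiddlewareOptions()); ;
+
+services.ConfigureDAL(WebApiMiddlewareOptionsHelper.GetWebApiMiddlewareOptions());
+
+services.AddSingleton<ILoggerManager, LoggerManager>();
+
+services.ConfigureSwagger();
+}
+
+public static void ConfigureWebApiExtensionsEnd(this IServiceCollection services)
+{
+services.AddMvc()
+.ConfigureApiBehaviorOptions(options =>
+{
+options.InvalidModelStateResponseFactory = context =>
+{
+var errors = new HRD.WebApi.Helpers.HttpErrorDetails(context);
+return new BadRequestObjectResult(errors);
+};
+});
+}
+}
+}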
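Review bot: `services.AddCustomCors("AllowAllOrigins")` is registered alongside `AddAuthentication(IISDefaults.AuthenticationScheme)` with `AutomaticAuthentication = true`; the policy body is not part of this commit, but if it really allows every origin and also allows credentials, browsers will attach Windows credentials to cross-site requests, so confirm the policy does not combine any-origin with `AllowCredentials` and name the intended origins in a comment on this line. `services.ConfigureJWT(Extends.JwtMiddlewareOptionsHelper.GetJwtMiddlewareOptions()); ;` carries a stray empty statement, and `//services.AddCors();` is commented-out code; both can go. A short comment on `ConfigureWebApiExtensionsAtFirst` stating that it must run before `ConfigureWebApiExtensionsEnd` (and why) would document what the `AtFirst`/`End` names only hint at.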
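--- /dev/null
+++ b/UNKNOWN-PATH-NOT-SHOWN-ON-PAGE
@@ -0,0 +1,59 @@
+using Microsoft.AspNetCore.Builder;
+using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.PlatformAbstractions;
+using NSwag;
+using NSwag.Generation.Processors.Security;
+using System.Linq;
+
+namespace StaffDBServer.SharedExtensions
+{
+public static class ServiceSwaggerExtensions
+{
+public static void ConfigureSwagger(this IApplicationBuilder app)
+{
+app.UseSwaggerUi(cfg =>
+cfg.DocExpansion = "none" //"list"
+);
+}
+
+public static void ConfigureSwagger(this IServiceCollection services)
+{
+services.AddSwaggerDocument(config =>
+{
+#region add Bearer Authorization
+
+config.AddSecurity("JWT", Enumerable.Empty<string>(), new OpenApiSecurityScheme
+{
+Type = OpenApiSecuritySchemeType.ApiKey,
+Name = "Authorization",
+In = OpenApiSecurityApiKeyLocation.Header,
+Description = "Bearer JWT token."
+});
+
+config.OperationProcessors.Add(
+new AspNetCoreOperationSecurityScopeProcessor("JWT"));
+
+#endregion add Bearer Authorization
+
+config.PostProcess = document =>
+{
+document.Info.Version = "V." + PlatformServices.Default.Application.ApplicationVersion + "; " + PlatformServices.Default.Application.RuntimeFramework;
+document.Info.Title = $" {PlatformServices.Default.Application.ApplicationName} API";
+document.Info.Description = $" {PlatformServices.Default.Application.ApplicationName} Backend ";
+document.Info.TermsOfService = "None";
+document.Info.Contact = new NSwag.OpenApiContact
+{
+Name = "IT",
+Email = string.Empty,
+Url = "https://hensel-recycling.com"
+};
+document.Info.License = new NSwag.OpenApiLicense
+{
+Name = "Commercial License",
+Url = "https://hensel-recycling.com"
+};
+};
+});
+}
+}
+}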
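Review bot: `ConfigureSwagger(this IApplicationBuilder app)` enables the Swagger UI unconditionally; whether it is limited to development is decided by the caller, which is outside this commit, so either the method should take the environment into account or its summary comment should state that the caller must gate it (`/// Exposes the Swagger UI; callers must restrict this to non-production environments.`). `Microsoft.Extensions.PlatformAbstractions` (`PlatformServices.Default`) is a deprecated package; `typeof(ServiceSwaggerExtensions).Assembly.GetName()` and `System.Runtime.InteropServices.RuntimeInformation.FrameworkDescription` yield the same application-name, version and framework strings without it. The security scheme is declared as an `ApiKey` in the `Authorization` header with the description `"Bearer JWT token."`; saying explicitly that the value must be entered as `Bearer <token>` would save users of the UI a failed first request.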
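--- /dev/null
+++ b/UNKNOWN-PATH-NOT-SHOWN-ON-PAGE
@@ -0,0 +1,26 @@
+using HRD.WebApi;
+using HRD.WebApi.DAL.Middleware;
+
+namespace StaffDBServer.SharedExtensions
+{
+public static class WebApiMiddlewareOptionsHelper
+{
+public static WebApiMiddlewareOptions GetWebApiMiddlewareOptions()
+{
+WebApiMiddlewareOptions options = new WebApiMiddlewareOptions
+{
+AssemblyVersion = WebApiConfig.AssemblyVersion,
+AssemblyName = WebApiConfig.AssemblyName,
+ClientVersion = WebApiConfig.ClientVersion,
+
+Connectionstring = WebApiConfig.Connectionstring,
+
+NlogConnectionstring = WebApiConfig.NlogConnectionstring,
+NlogDBLogLevel = WebApiConfig.NlogDBLogLevel,
+NlogFileLogLevel = WebApiConfig.NlogFileLogLevel,
+NlogLogDirectory = WebApiConfig.NlogLogDirectory
+};
+return options;
+}
+}
+}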
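Review bot: `GetWebApiMiddlewareOptions` can return the initializer directly (`return new WebApiMiddlewareOptions { ... };`) rather than assigning it to the `options` local first. `Connectionstring` and `NlogConnectionstring` are copied from static `WebApiConfig` members that are not part of this commit; a summary comment on the method naming where those values are loaded from (configuration or environment rather than compiled constants) would let a reviewer confirm that no credentials end up in the assembly without opening `WebApiConfig`.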