Logger zum AuthController hinzugefügt.
This commit is contained in:
Developer 02
parent
3bcd723fba
commit
d76623155a
@ -20,43 +20,58 @@ namespace DigitalData.UserManager.API.Controllers
|
|||||||
private readonly IGroupOfUserService _gouService;
|
private readonly IGroupOfUserService _gouService;
|
||||||
private readonly IDirectorySearchService _dirSearchService;
|
private readonly IDirectorySearchService _dirSearchService;
|
||||||
private readonly IStringLocalizer<Resource> _localizer;
|
private readonly IStringLocalizer<Resource> _localizer;
|
||||||
|
private readonly ILogger<AuthController> _logger;
|
||||||
|
|
||||||
public AuthController(IUserService userService, IGroupOfUserService gouService, IDirectorySearchService directorySearchService, IStringLocalizer<Resource> localizer)
|
public AuthController(IUserService userService, IGroupOfUserService gouService, IDirectorySearchService directorySearchService, IStringLocalizer<Resource> localizer, ILogger<AuthController> logger)
|
||||||
{
|
{
|
||||||
_userService = userService;
|
_userService = userService;
|
||||||
_gouService = gouService;
|
_gouService = gouService;
|
||||||
_dirSearchService = directorySearchService;
|
_dirSearchService = directorySearchService;
|
||||||
_localizer = localizer;
|
_localizer = localizer;
|
||||||
|
_logger = logger;
|
||||||
}
|
}
|
||||||
|
|
||||||
[AllowAnonymous]
|
[AllowAnonymous]
|
||||||
[HttpGet("check")]
|
[HttpGet("check")]
|
||||||
public IActionResult CheckAuthentication() => Ok(new AuthCheckDto(IsAuthenticated: User.Identity?.IsAuthenticated ?? false));
|
public IActionResult CheckAuthentication()
|
||||||
|
{
|
||||||
|
try
|
||||||
|
{
|
||||||
|
return Ok(new AuthCheckDto(IsAuthenticated: User.Identity?.IsAuthenticated ?? false));
|
||||||
|
}
|
||||||
|
catch(Exception ex)
|
||||||
|
{
|
||||||
|
_logger.LogError(ex, "{Message}", ex.Message);
|
||||||
|
return StatusCode(StatusCodes.Status500InternalServerError);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
[AllowAnonymous]
|
[AllowAnonymous]
|
||||||
[HttpPost("login")]
|
[HttpPost("login")]
|
||||||
public async Task<IActionResult> Login([FromBody] LogInDto login)
|
public async Task<IActionResult> Login([FromBody] LogInDto login)
|
||||||
{
|
{
|
||||||
bool isValid = _dirSearchService.ValidateCredentials(login.Username, login.Password);
|
try
|
||||||
|
|
||||||
if (!isValid)
|
|
||||||
return Unauthorized(Result.Fail().Message(_localizer[Key.UserNotFound]));
|
|
||||||
|
|
||||||
var gouMsg = await _gouService.HasGroup(login.Username, "PM_USER", caseSensitive:false);
|
|
||||||
if(!gouMsg.IsSuccess)
|
|
||||||
return Unauthorized(Result.Fail().Message(_localizer[Key.UnauthorizedUser]));
|
|
||||||
|
|
||||||
//find the user
|
|
||||||
var uRes = await _userService.ReadByUsernameAsync(login.Username);
|
|
||||||
if (!uRes.IsSuccess || uRes.Data is null)
|
|
||||||
{
|
{
|
||||||
return Unauthorized(uRes);
|
bool isValid = _dirSearchService.ValidateCredentials(login.Username, login.Password);
|
||||||
}
|
|
||||||
|
|
||||||
UserReadDto user = uRes.Data;
|
if (!isValid)
|
||||||
|
return Unauthorized(Result.Fail().Message(_localizer[Key.UserNotFound]));
|
||||||
|
|
||||||
// Create claims
|
var gouMsg = await _gouService.HasGroup(login.Username, "PM_USER", caseSensitive: false);
|
||||||
var claims = new List<Claim>
|
if (!gouMsg.IsSuccess)
|
||||||
|
return Unauthorized(Result.Fail().Message(_localizer[Key.UnauthorizedUser]));
|
||||||
|
|
||||||
|
//find the user
|
||||||
|
var uRes = await _userService.ReadByUsernameAsync(login.Username);
|
||||||
|
if (!uRes.IsSuccess || uRes.Data is null)
|
||||||
|
{
|
||||||
|
return Unauthorized(uRes);
|
||||||
|
}
|
||||||
|
|
||||||
|
UserReadDto user = uRes.Data;
|
||||||
|
|
||||||
|
// Create claims
|
||||||
|
var claims = new List<Claim>
|
||||||
{
|
{
|
||||||
new (ClaimTypes.NameIdentifier, user.Id.ToString()),
|
new (ClaimTypes.NameIdentifier, user.Id.ToString()),
|
||||||
new (ClaimTypes.Name, user.Username),
|
new (ClaimTypes.Name, user.Username),
|
||||||
@ -66,54 +81,74 @@ namespace DigitalData.UserManager.API.Controllers
|
|||||||
new (ClaimTypes.Role, "PM_USER")
|
new (ClaimTypes.Role, "PM_USER")
|
||||||
};
|
};
|
||||||
|
|
||||||
// Create claimsIdentity
|
// Create claimsIdentity
|
||||||
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
|
||||||
|
|
||||||
// Create authProperties
|
// Create authProperties
|
||||||
var authProperties = new AuthenticationProperties
|
var authProperties = new AuthenticationProperties
|
||||||
|
{
|
||||||
|
IsPersistent = true,
|
||||||
|
AllowRefresh = true,
|
||||||
|
ExpiresUtc = DateTime.UtcNow.AddMinutes(60)
|
||||||
|
};
|
||||||
|
|
||||||
|
// Sign in
|
||||||
|
await HttpContext.SignInAsync(
|
||||||
|
CookieAuthenticationDefaults.AuthenticationScheme,
|
||||||
|
new ClaimsPrincipal(claimsIdentity),
|
||||||
|
authProperties);
|
||||||
|
|
||||||
|
_dirSearchService.SetSearchRootCache(user.Username, login.Password);
|
||||||
|
|
||||||
|
return Ok();
|
||||||
|
}
|
||||||
|
catch(Exception ex)
|
||||||
{
|
{
|
||||||
IsPersistent = true,
|
_logger.LogError(ex, "{Message}", ex.Message);
|
||||||
AllowRefresh = true,
|
return StatusCode(StatusCodes.Status500InternalServerError);
|
||||||
ExpiresUtc = DateTime.UtcNow.AddMinutes(60)
|
}
|
||||||
};
|
|
||||||
|
|
||||||
// Sign in
|
|
||||||
await HttpContext.SignInAsync(
|
|
||||||
CookieAuthenticationDefaults.AuthenticationScheme,
|
|
||||||
new ClaimsPrincipal(claimsIdentity),
|
|
||||||
authProperties);
|
|
||||||
|
|
||||||
_dirSearchService.SetSearchRootCache(user.Username, login.Password);
|
|
||||||
|
|
||||||
return Ok();
|
|
||||||
}
|
}
|
||||||
|
|
||||||
[Authorize]
|
[Authorize]
|
||||||
[HttpGet("user")]
|
[HttpGet("user")]
|
||||||
public async Task<IActionResult> GetUserWithClaims()
|
public async Task<IActionResult> GetUserWithClaims()
|
||||||
{
|
{
|
||||||
// Extract the username from the Name claim.
|
try
|
||||||
string? username = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value;
|
|
||||||
|
|
||||||
if (string.IsNullOrEmpty(username))
|
|
||||||
return Unauthorized();
|
|
||||||
|
|
||||||
var userDto = await _userService.ReadByUsernameAsync(username);
|
|
||||||
|
|
||||||
if (!userDto.IsSuccess || userDto.Data is null)
|
|
||||||
{
|
{
|
||||||
return NotFound(Result.Fail().Message(_localizer[Key.UserNotFound]));
|
// Extract the username from the Name claim.
|
||||||
}
|
string? username = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name)?.Value;
|
||||||
|
|
||||||
return Ok(userDto.Data);
|
if (string.IsNullOrEmpty(username))
|
||||||
|
return Unauthorized();
|
||||||
|
|
||||||
|
return await _userService.ReadByUsernameAsync(username)
|
||||||
|
.ThenAsync(Ok, IActionResult (m, n) =>
|
||||||
|
{
|
||||||
|
_logger.LogNotice(n);
|
||||||
|
return NotFound(Result.Fail().Message(_localizer[Key.UserNotFound]));
|
||||||
|
});
|
||||||
|
}
|
||||||
|
catch (Exception ex)
|
||||||
|
{
|
||||||
|
_logger.LogError(ex, "{Message}", ex.Message);
|
||||||
|
return StatusCode(StatusCodes.Status500InternalServerError);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
[AllowAnonymous]
|
[Authorize]
|
||||||
[HttpPost("logout")]
|
[HttpPost("logout")]
|
||||||
public async Task<IActionResult> Logout()
|
public async Task<IActionResult> Logout()
|
||||||
{
|
{
|
||||||
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
try
|
||||||
return Ok();
|
{
|
||||||
|
await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
|
||||||
|
return Ok();
|
||||||
|
}
|
||||||
|
catch(Exception ex)
|
||||||
|
{
|
||||||
|
_logger.LogError(ex, "{Message}", ex.Message);
|
||||||
|
return StatusCode(StatusCodes.Status500InternalServerError);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
Loading…
x
Reference in New Issue
Block a user