Diffstat (limited to 'Backend/Api')
-rw-r--r-- | Backend/Api/Api/Interfaces/IJwtService.cs | 7 | ||||
-rw-r--r-- | Backend/Api/Api/Models/User.cs | 2 | ||||
-rw-r--r-- | Backend/Api/Api/Services/JwtService.cs | 50 | ||||
-rw-r--r-- | Backend/Api/Api/Services/UserService.cs | 47 | ||||
-rw-r--r-- | Backend/Api/Api/appsettings.json | 22 |
5 files changed, 109 insertions, 19 deletions
diff --git a/Backend/Api/Api/Interfaces/IJwtService.cs b/Backend/Api/Api/Interfaces/IJwtService.cs
index 35f5843..adb83a2 100644
--- a/Backend/Api/Api/Interfaces/IJwtService.cs
+++ b/Backend/Api/Api/Interfaces/IJwtService.cs
@@ -4,9 +4,10 @@ namespace Api.Interfaces
 {
 public interface IJwtService
 {
- Task<string> GenToken(User user);
- Task<string> TokenToId(string token);
+ string GenToken(User user);
+ string TokenToId(string token);
 Task<string> RenewToken(string existingToken);
-
+ public string GenEmailToken(User user);
+ public string EmailTokenToId(string token);
 }
 }
\ No newline at end of file
diff --git a/Backend/Api/Api/Models/User.cs b/Backend/Api/Api/Models/User.cs
index 1d351d1..e9947a2 100644
--- a/Backend/Api/Api/Models/User.cs
+++ b/Backend/Api/Api/Models/User.cs
@@ -11,6 +11,8 @@ namespace Api.Models
 public String name { get; set; }
 public String username { get; set; }
 public String email { get; set; }
+ public String emailToken { get; set; }
+ public Boolean verified { get; set; }
 public String password { get; set; }
 public DateTime creationDate { get; set; }
 }
diff --git a/Backend/Api/Api/Services/JwtService.cs b/Backend/Api/Api/Services/JwtService.cs
index a10f093..42716fa 100644
--- a/Backend/Api/Api/Services/JwtService.cs
+++ b/Backend/Api/Api/Services/JwtService.cs
@@ -20,7 +20,7 @@ namespace Api.Services
 _userService = userService;
 }
- public async Task<string> GenToken(User user)
+ public string GenToken(User user)
 {
 var tokenHandler = new JwtSecurityTokenHandler();
 var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:JwtToken").Value);
@@ -33,7 +33,7 @@ namespace Api.Services
 var token = tokenHandler.CreateToken(tokenDescriptor);
 return tokenHandler.WriteToken(token);
 }
- public async Task<string> TokenToId(string token)
+ public string TokenToId(string token)
 {
 if (token == null)
 return null;
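Review bot: `GenEmailToken` and `EmailTokenToId` are declared with an explicit `public` modifier while the three existing members of `IJwtService` are not; interface members are public by default, so the two new lines should read `string GenEmailToken(User user);` and `string EmailTokenToId(string token);` for consistency. The interface carries no XML documentation at all; a `<summary>` on `EmailTokenToId` saying which claim it returns and that `null` means the token did not validate would remove the ambiguity the name leaves.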
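Review bot: `emailToken` stores a signed verification token on the same `User` document as `password`, and nothing in the hunk keeps it out of a serialized `User`; if `User` instances are returned from controllers (not visible here) the token would be exposed to clients. Mark the property with the ignore attribute of the JSON serializer in use (e.g. `[JsonIgnore]`) and document both additions: `/// <summary>Most recent e-mail verification JWT issued for this account; persisted only so stale unverified accounts can be pruned, never returned to clients.</summary>` and `/// <summary>True once the e-mail address has been confirmed.</summary>`. Documents written before this change have no `verified` field, so existing users would presumably deserialize with `verified == false` — confirm that is the intended treatment of pre-existing accounts.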
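Review bot: `GenToken` is now synchronous but still reads the signing key from configuration on every call via `_config.GetSection("AppSettings:JwtToken").Value`, so a missing setting surfaces as an `ArgumentNullException` from `Encoding.ASCII.GetBytes` on the first request rather than at startup. Resolving the key once in the constructor and throwing there would fail fast; the same applies to the `AppSettings:EmailToken` lookups added later in this commit. The body of `GenToken` continues outside the hunk.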
@@ -58,16 +58,56 @@ namespace Api.Services
 }
 }
-
 public async Task<string> RenewToken(string existingToken)
 {
- var id = await TokenToId(existingToken);
+ var id = TokenToId(existingToken);
 if (id == null)
 return null;
 var user = await _userService.getUserById(id);
- return await GenToken(user);
+ return GenToken(user);
 }
+ public string GenEmailToken(User user)
+ {
+ var tokenHandler = new JwtSecurityTokenHandler();
+ var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:EmailToken").Value);
+ var tokenDescriptor = new SecurityTokenDescriptor
+ {
+ Subject = new ClaimsIdentity(new[] { new Claim("username", user.username), new Claim("id", user._id) }),
+ Expires = DateTime.UtcNow.AddMinutes(30),
+ SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
+ };
+ var token = tokenHandler.CreateToken(tokenDescriptor);
+ return tokenHandler.WriteToken(token);
+ }
+
+ public string EmailTokenToId(string token)
+ {
+ if (token == null)
+ return null;
+ var tokenHandler = new JwtSecurityTokenHandler();
+ var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:EmailToken").Value.ToString());
+ try
+ {
+ tokenHandler.ValidateToken(token, new TokenValidationParameters
+ {
+ ValidateIssuerSigningKey = true,
+ IssuerSigningKey = new SymmetricSecurityKey(key),
+ ValidateIssuer = false,
+ ValidateAudience = false,
+ ClockSkew = TimeSpan.Zero
+ },
+ out SecurityToken validatedToken);
+ var jwtToken = (JwtSecurityToken)validatedToken;
+ var username = (jwtToken.Claims.First(x => x.Type == "username").Value.ToString());
+ return username;
+ //return jwtToken.Claims.First(x => x.Type == "id").Value;
+ }
+ catch
+ {
+ return null;
+ }
+ }
 }
 }
diff --git a/Backend/Api/Api/Services/UserService.cs b/Backend/Api/Api/Services/UserService.cs
index 2940d2e..b632ebc 100644
--- a/Backend/Api/Api/Services/UserService.cs
+++ b/Backend/Api/Api/Services/UserService.cs
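Review bot: `EmailTokenToId` returns the `username` claim — the `id` line is commented out — so despite its name it never yields the user id, while `UserService.VerifyUser` added in this same commit looks the account up by `_id`; any caller that chains the two (not visible here) would never find a match. Either return the `id` claim, `return jwtToken.Claims.First(x => x.Type == "id").Value;`, or rename the method on both the class and the interface. The bare `catch` also folds a token that validated but lacks a `username` claim (an `InvalidOperationException` from `First`) into the same `null` as an expired or tampered token; catching `SecurityTokenException` and using `FirstOrDefault` would keep the two distinguishable. `.Value.ToString()` on a string is redundant. Both new methods deserve a `<summary>` stating the 30-minute lifetime and that signature and expiry (with zero clock skew), but not issuer or audience, are verified.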
@@ -7,11 +7,12 @@ namespace Api.Services
 public class UserService : IUserService
 {
 private readonly IMongoCollection<User> _users;
- public UserService(IDatabaseConnection settings, IMongoClient mongoClient)
+ private readonly IJwtService _jwtService;
+ public UserService(IDatabaseConnection settings, IMongoClient mongoClient, IJwtService jwtService)
 {
 var database = mongoClient.GetDatabase(settings.DatabaseName);
 _users = database.GetCollection<User>(settings.UserCollectionName);
-
+ _jwtService=jwtService;
 }
 public async Task<int> createUser(User user)
@@ -67,6 +68,46 @@ namespace Api.Services
 return 0;
 }
-
+ public async Task<string> Register(Register register)
+ {
+ if (await _users.FindAsync(x => x.email == register.email && x.verified==true).Result.AnyAsync())
+ return "Email Exists";
+ else if (await _users.FindAsync(x => x.username == register.username && x.verified==true).Result.AnyAsync())
+ return "Username Exists";
+ else
+ {
+ List<User> unverified = await _users.Find(x => (x.username == register.username || x.email == register.email) && x.verified == false).ToListAsync();
+ if (unverified.Count > 0)
+ {
+ foreach(var usr in unverified)
+ {
+ //ako user nema validan emailtoken, a nije verifikovan prethodno, onda se brise iz baze
+ if (_jwtService.EmailTokenToId(usr.emailToken) == null)
+ await _users.FindOneAndDeleteAsync(x => x._id == usr._id);
+ }
+ }
+ }
+ var user = new User();
+ user.email = register.email;
+ user.username = register.username;
+ user.name = register.name;
+ user.verified = false;
+ user.password = register.password; // unhashed for now
+
+
+ return "";
+ }
+
+ public async Task<Boolean> VerifyUser(string _id)
+ {
+ User user = await _users.FindAsync(x => x._id==_id).Result.FirstAsync();
+ if(user != null)
+ {
+ user.verified = true;
+ await _users.ReplaceOneAsync(x => x._id == _id, user);
+ return true;
+ }
+ return false;
+ }
 }
 }
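Review bot: `UserService` now takes `IJwtService` in its constructor while `JwtService`, earlier in this commit (`_userService = userService;`), takes `IUserService`; with constructor injection that is a circular dependency, which the default .NET container rejects the first time either service is resolved. Break the cycle by having the caller of `RenewToken` supply the `User` instead of `JwtService` fetching it, or by moving the e-mail-token check out of `UserService`. The assignment `_jwtService=jwtService;` should also get the spaces its neighbour uses, `_jwtService = jwtService;`.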
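Review bot: `Register` builds `user` but never persists it — there is no `InsertOneAsync` or `createUser` call, `emailToken` and `creationDate` are never set, and the method returns `""` — so the pruning of stale unverified accounts runs but no new account is created. The line `user.password = register.password; // unhashed for now` stores the password in clear text; hash it before it reaches the document (e.g. `Rfc2898DeriveBytes.Pbkdf2` with a per-user salt) rather than deferring that to a later commit. In `VerifyUser`, `FirstAsync()` throws `InvalidOperationException` when no document matches, so `if(user != null)` is never false and an unknown id surfaces as an exception instead of `false`; use `FirstOrDefaultAsync()`. Every `_users.FindAsync(...).Result` in this hunk blocks on the task before awaiting the cursor; `await _users.Find(...).AnyAsync()` avoids the sync-over-async pattern. The comment `//ako user nema validan emailtoken ...` should be in English like the rest of the file.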
diff --git a/Backend/Api/Api/appsettings.json b/Backend/Api/Api/appsettings.json
index 7cc504d..aa9b675 100644
--- a/Backend/Api/Api/appsettings.json
+++ b/Backend/Api/Api/appsettings.json
@@ -1,7 +1,8 @@
 {
- "AppSettings": {
- "JwtToken": "PjrVqQJ1P2VOkuWLw7NaZUluT4z7bkau"
- },
+ "AppSettings": {
+ "JwtToken": "PjrVqQJ1P2VOkuWLw7NaZUluT4z7bkau",
+ "EmailToken": "e8X8c0lm9KS7itWi3wgE6BiPXR21WPvO"
+ },
 "Logging": {
 "LogLevel": {
@@ -10,11 +11,16 @@
 }
 },
 "AllowedHosts": "*",
- "DatabaseSettings": {
+ "DatabaseSettings": {
- "ConnectionString": "mongodb://127.0.0.1:27017/",
- "DatabaseName": "Odyssey",
- "UserCollectionName": "users"
+ "ConnectionString": "mongodb://127.0.0.1:27017/",
+ "DatabaseName": "Odyssey",
+ "UserCollectionName": "users"
- }
+ },
+ "EmailCfg": {
+ "Email": "oddyssey.brzodolokacije@gmail.com",
+ "SmtpServer": "smtp.gmail.com",
+ "Password": "msbs#556"
+ }
 }
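Review bot: this hunk commits live secrets — the `JwtToken` signing key, the new `EmailToken` signing key and the SMTP `Password` under `EmailCfg` — into `appsettings.json`, a tracked file that ships with the build, so anyone with read access to the repository can mint authentication and verification tokens or send mail from the account. All three values should be treated as compromised and rotated, and the file should keep only empty placeholders (`"JwtToken": ""`, `"EmailToken": ""`, `"Password": ""`) with the real values supplied through user secrets, environment variables or a secret store. The `Email` and `SmtpServer` entries can stay as plain configuration.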