From e24cede22468991ad8452fbf1eec139e1b5ff886 Mon Sep 17 00:00:00 2001 From: Ognjen Cirkovic Date: Thu, 27 Oct 2022 21:09:08 +0200 Subject: Napravljen servis za generisanje jwt tokena. Omoguceno koriscenje autentikacija. --- Backend/Api/Api/Api.csproj | 2 ++ Backend/Api/Api/Interfaces/IJwtService.cs | 9 ++++++++ Backend/Api/Api/Program.cs | 24 +++++++++++++++++++++ Backend/Api/Api/Services/JwtService.cs | 35 +++++++++++++++++++++++++++++++ Backend/Api/Api/appsettings.json | 28 ++++++++++++++----------- 5 files changed, 86 insertions(+), 12 deletions(-) create mode 100644 Backend/Api/Api/Interfaces/IJwtService.cs create mode 100644 Backend/Api/Api/Services/JwtService.cs (limited to 'Backend/Api') diff --git a/Backend/Api/Api/Api.csproj b/Backend/Api/Api/Api.csproj index eeacb93..5f63f8e 100644 --- a/Backend/Api/Api/Api.csproj +++ b/Backend/Api/Api/Api.csproj @@ -7,8 +7,10 @@ + + diff --git a/Backend/Api/Api/Interfaces/IJwtService.cs b/Backend/Api/Api/Interfaces/IJwtService.cs new file mode 100644 index 0000000..075ea6c --- /dev/null +++ b/Backend/Api/Api/Interfaces/IJwtService.cs @@ -0,0 +1,9 @@ +using Api.Models; + +namespace Api.Interfaces +{ + public interface IJwtService + { + Task GenToken(User user); + } +} \ No newline at end of file diff --git a/Backend/Api/Api/Program.cs b/Backend/Api/Api/Program.cs index 7ae8798..2c2a444 100644 --- a/Backend/Api/Api/Program.cs +++ b/Backend/Api/Api/Program.cs @@ -1,7 +1,10 @@ +using System.Text; using Api.Database; using Api.Interfaces; using Api.Services; +using Microsoft.AspNetCore.Authentication.JwtBearer; using Microsoft.Extensions.Options; +using Microsoft.IdentityModel.Tokens; using MongoDB.Driver; var builder = WebApplication.CreateBuilder(args); 
@@ -19,6 +22,24 @@ builder.Services.AddSingleton(s => builder.Services.AddScoped(); + + + +//Add Authentication +builder.Services.AddAuthentication( + JwtBearerDefaults.AuthenticationScheme).AddJwtBearer(options => { + options.TokenValidationParameters = new TokenValidationParameters + { + ValidateIssuerSigningKey = true, + IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(builder.Configuration.GetSection("AppSettings:JwtToken").Value)), + ValidateIssuer = false, + ValidateAudience = false + }; + + }); + + + builder.Services.AddControllers(); // Learn more about configuring Swagger/OpenAPI at https://aka.ms/aspnetcore/swashbuckle builder.Services.AddEndpointsApiExplorer(); @@ -35,6 +56,9 @@ if (app.Environment.IsDevelopment()) app.UseAuthorization(); +//Add Authentication +app.UseAuthentication(); + app.MapControllers(); app.Run(); diff --git a/Backend/Api/Api/Services/JwtService.cs b/Backend/Api/Api/Services/JwtService.cs new file mode 100644 index 0000000..0700619 --- /dev/null +++ b/Backend/Api/Api/Services/JwtService.cs 
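Review bot: `ValidateIssuer = false` and `ValidateAudience = false` leave the HMAC key as the only thing tying a token to this API, so any token signed with the same key for any other purpose would be accepted here. The same pair is repeated in `TokenToId` in the later JwtService.cs hunk. Consider setting `ValidIssuer` and `ValidAudience` here and the matching `Issuer` and `Audience` on the `SecurityTokenDescriptor` in `GenToken`. Also, `GetSection("AppSettings:JwtToken").Value` is null when the setting is missing, and `Encoding.ASCII.GetBytes(null)` then throws at startup with no hint about the cause; a guard such as `?? throw new InvalidOperationException("AppSettings:JwtToken is not configured")` would make that failure explicit.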
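Review bot: `app.UseAuthentication();` is added after `app.UseAuthorization();`, so the authorization middleware runs before the bearer handler has populated the request's user. ASP.NET Core expects authentication to be registered first; with the order shown, `[Authorize]` endpoints are likely to treat callers with a valid token as anonymous. Move the new call above the existing one so the pipeline reads `app.UseAuthentication();` followed by `app.UseAuthorization();`.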
@@ -0,0 +1,35 @@ +using System.Data; +using System.IdentityModel.Tokens.Jwt; +using System.Security.Claims; +using System.Text; +using System.Xml.Linq; +using Api.Interfaces; +using Api.Models; +using Microsoft.Extensions.Configuration; +using Microsoft.IdentityModel.Tokens; + +namespace Api.Services +{ + public class JwtService : IJwtService + { + private readonly IConfiguration _config; + public JwtService(IConfiguration config) + { + _config = config; + } + + public async Task GenToken(User user) + { + var tokenHandler = new JwtSecurityTokenHandler(); + var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:JwtToken").Value); + var tokenDescriptor = new SecurityTokenDescriptor + { + Subject = new ClaimsIdentity(new[] { new Claim("id", user._id) }), + Expires = DateTime.UtcNow.AddDays(7), + SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) + }; + var token = tokenHandler.CreateToken(tokenDescriptor); + return tokenHandler.WriteToken(token); + } + } +} diff --git a/Backend/Api/Api/appsettings.json b/Backend/Api/Api/appsettings.json index e02ac8d..7cc504d 100644 --- a/Backend/Api/Api/appsettings.json +++ b/Backend/Api/Api/appsettings.json @@ -1,16 +1,20 @@ { - "Logging": { - "LogLevel": { - "Default": "Information", - "Microsoft.AspNetCore": "Warning" - } - }, - "AllowedHosts": "*", - "DatabaseSettings": { + "AppSettings": { + "JwtToken": "PjrVqQJ1P2VOkuWLw7NaZUluT4z7bkau" + }, + + "Logging": { + "LogLevel": { + "Default": "Information", + "Microsoft.AspNetCore": "Warning" + } + }, + "AllowedHosts": "*", + "DatabaseSettings": { - "ConnectionString": "mongodb://127.0.0.1:27017/", - "DatabaseName": "Odyssey", - "UserCollectionName": "users" + "ConnectionString": "mongodb://127.0.0.1:27017/", + "DatabaseName": "Odyssey", + "UserCollectionName": "users" - } + } } -- cgit v1.2.3 From 8bfb37503f6af6dac4bf067337d851cedace1c67 Mon Sep 17 00:00:00 2001 
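Review bot: `Expires = DateTime.UtcNow.AddDays(7)` in `GenToken` gives every token a week-long lifetime, and nothing visible in this commit can invalidate one earlier, so a leaked token stays usable for the full week. A shorter lifetime read from configuration would narrow that window, for example `Expires = DateTime.UtcNow.AddMinutes(lifetimeMinutes)` with the value taken from `AppSettings`. The key is derived with `Encoding.ASCII.GetBytes`, which maps any non-ASCII character to `?` and weakens the key without warning; `Encoding.UTF8` or a base64-decoded secret would avoid that, provided Program.cs is changed to match. `GenToken` is marked `async` but awaits nothing, so it runs synchronously and triggers compiler warning CS1998; dropping `async` and returning `Task.FromResult(tokenHandler.WriteToken(token))` keeps the interface unchanged.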
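Review bot: The JWT signing secret is committed in plain text under `AppSettings:JwtToken`, so anyone who can read the repository can sign tokens that this API will accept for any user id. Because the value is now in version-control history, it should be treated as exposed and replaced, not just removed from the file. Keep the key in the file with an empty value, `"JwtToken": ""`, and supply the real secret outside source control, for example through the `AppSettings__JwtToken` environment variable or `dotnet user-secrets` during development.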
From: Ognjen Cirkovic Date: Thu, 27 Oct 2022 21:36:34 +0200 Subject: Omoguceno refreshovanje tokena. Dodata mogucnost da se iz jwt-a izvuce id korisnika. --- Backend/Api/Api/Interfaces/IJwtService.cs | 3 +++ Backend/Api/Api/Interfaces/IUserService.cs | 1 + Backend/Api/Api/Program.cs | 1 + Backend/Api/Api/Services/JwtService.cs | 40 +++++++++++++++++++++++++++++- Backend/Api/Api/Services/UserService.cs | 6 +++++ 5 files changed, 50 insertions(+), 1 deletion(-) (limited to 'Backend/Api') diff --git a/Backend/Api/Api/Interfaces/IJwtService.cs b/Backend/Api/Api/Interfaces/IJwtService.cs index 075ea6c..35f5843 100644 --- a/Backend/Api/Api/Interfaces/IJwtService.cs +++ b/Backend/Api/Api/Interfaces/IJwtService.cs @@ -5,5 +5,8 @@ namespace Api.Interfaces public interface IJwtService { Task GenToken(User user); + Task TokenToId(string token); + Task RenewToken(string existingToken); + } } \ No newline at end of file diff --git a/Backend/Api/Api/Interfaces/IUserService.cs b/Backend/Api/Api/Interfaces/IUserService.cs index 63fbd18..8b6f6fc 100644 --- a/Backend/Api/Api/Interfaces/IUserService.cs +++ b/Backend/Api/Api/Interfaces/IUserService.cs @@ -10,5 +10,6 @@ namespace Api.Interfaces Task getUserByUsername(String username); Task updateUser(User user); Task deleteUser(String email); + Task getUserById(string id); } } diff --git a/Backend/Api/Api/Program.cs b/Backend/Api/Api/Program.cs index 2c2a444..1059a82 100644 --- a/Backend/Api/Api/Program.cs +++ b/Backend/Api/Api/Program.cs @@ -21,6 +21,7 @@ builder.Services.AddSingleton(s => new MongoClient(builder.Configuration.GetValue("DatabaseSettings:ConnectionString"))); builder.Services.AddScoped(); +builder.Services.AddScoped(); diff --git a/Backend/Api/Api/Services/JwtService.cs b/Backend/Api/Api/Services/JwtService.cs index 0700619..a10f093 100644 --- a/Backend/Api/Api/Services/JwtService.cs +++ b/Backend/Api/Api/Services/JwtService.cs 
@@ -13,9 +13,11 @@ namespace Api.Services public class JwtService : IJwtService { private readonly IConfiguration _config; - public JwtService(IConfiguration config) + private readonly IUserService _userService; + public JwtService(IConfiguration config,IUserService userService) { _config = config; + _userService = userService; } public async Task GenToken(User user) @@ -31,5 +33,41 @@ namespace Api.Services var token = tokenHandler.CreateToken(tokenDescriptor); return tokenHandler.WriteToken(token); } + public async Task TokenToId(string token) + { + if (token == null) + return null; + var tokenHandler = new JwtSecurityTokenHandler(); + var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:JwtToken").Value); + try + { + tokenHandler.ValidateToken(token, new TokenValidationParameters + { + ValidateIssuerSigningKey = true, + IssuerSigningKey = new SymmetricSecurityKey(key), + ValidateIssuer = false, + ValidateAudience = false, + }, out SecurityToken validatedToken); + + var jwtToken = (JwtSecurityToken)validatedToken; + return jwtToken.Claims.First(x => x.Type == "id").Value; + } + catch + { + return null; + } + + } + + public async Task RenewToken(string existingToken) + { + var id = await TokenToId(existingToken); + if (id == null) + return null; + var user = await _userService.getUserById(id); + + return await GenToken(user); + + } } } diff --git a/Backend/Api/Api/Services/UserService.cs b/Backend/Api/Api/Services/UserService.cs index 264085c..40cc507 100644 --- a/Backend/Api/Api/Services/UserService.cs +++ b/Backend/Api/Api/Services/UserService.cs @@ -40,6 +40,12 @@ namespace Api.Services return await _users.Find(_=>true).ToListAsync(); } + public async Task getUserById(string id) + { + return await _users.Find(user => user._id == id).SingleAsync(); + + } + public async Task updateUser(User user) { /* vraca broj izmenjenih korisnika -- cgit v1.2.3
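Review bot: `RenewToken` issues a fresh seven-day token to anyone presenting a token that still validates, so a stolen token can be extended indefinitely and nothing in the hunk lets the server refuse it. Consider carrying the original sign-in time in a claim and refusing renewal past a maximum session age, or issuing a separate refresh token that is stored server-side and can be revoked. In `TokenToId`, the bare `catch` returns null for every failure, including a missing `AppSettings:JwtToken`, so a misconfiguration looks the same as a bad token; logging the exception before `return null;` would keep the two distinguishable. Pinning the accepted algorithm with `ValidAlgorithms = new[] { SecurityAlgorithms.HmacSha256 }` would also make validation match what `GenToken` signs with. The class declaration and the start of `GenToken` lie outside this hunk.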
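Review bot: `SingleAsync()` in `getUserById` throws when no document matches. `RenewToken` in JwtService.cs calls it with an id taken from a still-valid token, so renewing for a user who has since been deleted raises an unhandled exception instead of being refused. Using `return await _users.Find(user => user._id == id).SingleOrDefaultAsync();` here, together with `if (user == null) return null;` in `RenewToken` before `GenToken(user)`, turns that case into a clean rejection. The surrounding `UserService` class starts and ends outside the hunk.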