| author | Danijel Andjelkovic <adanijel99@gmail.com> | 2022-03-07 18:58:50 +0100 | 
|---|---|---|
| committer | Danijel Andjelkovic <adanijel99@gmail.com> | 2022-03-07 18:58:50 +0100 | 
| commit | b2e87a1085eee4bb60eb1db9abb29dd83118ac5a (patch) | |
| tree | 0f89e7a58947a8d6ca693c90ef8a3cca41d4f057 /backend | |
| parent | 82e3539f71e9a13ff5b1a0f63e2bd9bc1588344c (diff) | |
| parent | 716754330e70a61ed0cb119d24a54e7bc7b4736b (diff) | |
Merge branch 'backend-auth' of http://gitlab.pmf.kg.ac.rs/igrannonica/neuronstellar into backend
# Conflicts:
#	backend/api/api/appsettings.json
Diffstat (limited to 'backend')
| -rw-r--r-- | backend/api/api/Controllers/AuthController.cs | 34 | ||||
| -rw-r--r-- | backend/api/api/Models/JwtToken.cs | 37 | ||||
| -rw-r--r-- | backend/api/api/Models/PasswordCrypt.cs | 27 | ||||
| -rw-r--r-- | backend/api/api/Models/Users/AuthRequest.cs | 13 | ||||
| -rw-r--r-- | backend/api/api/Models/Users/RegisterRequest.cs | 23 | ||||
| -rw-r--r-- | backend/api/api/Services/AuthService.cs | 36 | ||||
| -rw-r--r-- | backend/api/api/api.csproj | 6 | ||||
| -rw-r--r-- | backend/api/api/appsettings.json | 11 | 
8 files changed, 180 insertions, 7 deletions
| diff --git a/backend/api/api/Controllers/AuthController.cs b/backend/api/api/Controllers/AuthController.cs
new file mode 100644
index 00000000..1f47067f
--- /dev/null
+++ b/backend/api/api/Controllers/AuthController.cs
@@ -0,0 +1,34 @@
+using api.Models.Users;
+using Microsoft.AspNetCore.Http;
+using Microsoft.AspNetCore.Mvc;
+using api.Services;
+
+namespace api.Controllers
+{
+    [Route("api/[controller]")]
+    [ApiController]
+    public class AuthController : ControllerBase
+    {
+        private AuthService _auth;
+        public AuthController(IConfiguration configuration)
+        {
+            _auth=new AuthService(configuration);
+        }
+
+        [HttpPost("register")]
+        public async Task<ActionResult<string>> Register(RegisterRequest user)
+        {
+            
+            return Ok(_auth.Register(user));
+        }
+
+        [HttpPost("login")]
+        public async Task<ActionResult<string>> Login(AuthRequest user)
+        {
+            
+            return Ok(_auth.Login(user));
+        }
+
+
+    }
+}
diff --git a/backend/api/api/Models/JwtToken.cs b/backend/api/api/Models/JwtToken.cs
new file mode 100644
index 00000000..23307185
--- /dev/null
+++ b/backend/api/api/Models/JwtToken.cs
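Review bot: `Register` returns `Ok(_auth.Register(user))`, and `AuthService.Register` in this same commit hands back the `RegisterRequest` with `password` overwritten by the bcrypt hash, so the hash is serialized into the HTTP response. Return a shape that carries only non-sensitive fields, for example `return Ok(new { user.username, user.email });`, once the service has stored the account. Both actions are declared `async` with nothing awaited and advertise `ActionResult<string>` although `Register` returns an object; drop `async` or make the service calls awaitable, and align the declared type. The constructor's `new AuthService(configuration)` would be easier to test and to swap if the service were registered with the container and injected.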
@@ -0,0 +1,37 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+using api.Models.Users;
+using Microsoft.IdentityModel.Tokens;
+
+namespace api.Models
+{
+    public class JwtToken
+    {
+        private readonly IConfiguration _configuration;
+
+        public JwtToken(IConfiguration configuration)
+        {
+            _configuration = configuration;
+        }
+        
+        public string GenToken(AuthRequest user)
+        {
+            var tokenHandler = new JwtSecurityTokenHandler();
+            var key = Encoding.ASCII.GetBytes(_configuration.GetSection("AppSettings:JwtToken").Value);
+            var tokenDescriptor = new SecurityTokenDescriptor
+            {
+                Subject = new ClaimsIdentity(new[] { new Claim("name", user.UserName),
+                                                    new Claim("role", "User")}),
+                Expires = DateTime.UtcNow.AddDays(1),
+                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
+            };
+            var token = tokenHandler.CreateToken(tokenDescriptor);
+            return tokenHandler.WriteToken(token);
+
+        }
+
+
+
+    }
+}
diff --git a/backend/api/api/Models/PasswordCrypt.cs b/backend/api/api/Models/PasswordCrypt.cs
new file mode 100644
index 00000000..016fde51
--- /dev/null
+++ b/backend/api/api/Models/PasswordCrypt.cs
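Review bot: The signing key in `GenToken` is whatever string sits under `AppSettings:JwtToken`, converted with `Encoding.ASCII.GetBytes`, and the value this commit adds to appsettings.json is 20 characters, i.e. 160 bits, which is below the 256-bit minimum RFC 7518 sets for HS256. Nothing checks that the setting exists either, so a missing key surfaces as an exception from `GetBytes` on the first login instead of at startup. I would read it with `var secret = _configuration["AppSettings:JwtToken"] ?? throw new InvalidOperationException("AppSettings:JwtToken is not configured");` and reject secrets shorter than 32 bytes. The descriptor sets no `Issuer` or `Audience` and hard-codes the `role` claim to `"User"`; a comment stating what the validating side is expected to check would help, since token validation is not part of this commit.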
@@ -0,0 +1,27 @@
+namespace api.Models
+{
+    public class PasswordCrypt
+    {
+        private static int difficulty = 10;
+
+        public static String hashPassword(String password)
+        {
+            String salt = BCrypt.Net.BCrypt.GenerateSalt(difficulty);
+            String passwordHash = BCrypt.Net.BCrypt.HashPassword(password, salt);
+
+            return passwordHash;
+        }
+        public static Boolean checkPassword(String plainText,String hash)
+        {
+            Boolean verified = false;
+
+            if (hash == null || !hash.StartsWith("$2a$"))
+                throw new ArgumentException("invalid hash");
+
+            verified=BCrypt.Net.BCrypt.Verify(plainText, hash);
+
+            return verified;
+            
+        }
+    }
+}
diff --git a/backend/api/api/Models/Users/AuthRequest.cs b/backend/api/api/Models/Users/AuthRequest.cs
new file mode 100644
index 00000000..fbf2412d
--- /dev/null
+++ b/backend/api/api/Models/Users/AuthRequest.cs
@@ -0,0 +1,13 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace api.Models.Users
+{
+    public class AuthRequest
+    {
+        [Required]
+        public string UserName { get; set; }
+        [Required]
+        public string Password { get; set; }
+
+    }
+}
diff --git a/backend/api/api/Models/Users/RegisterRequest.cs b/backend/api/api/Models/Users/RegisterRequest.cs
new file mode 100644
index 00000000..675d571d
--- /dev/null
+++ b/backend/api/api/Models/Users/RegisterRequest.cs
@@ -0,0 +1,23 @@
+using System.ComponentModel.DataAnnotations;
+
+namespace api.Models.Users
+{
+    public class RegisterRequest
+    {
+        [Required]
+        public string firstName { get; set; }
+
+        [Required] 
+        public string lastName { get; set; }
+
+        [Required] 
+        public string username { get; set; }
+
+        [Required]
+        public string email { get; set; }
+
+        [Required]
+        public string password { get; set; }
+
+    }
+}
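Review bot: `checkPassword` throws `ArgumentException` for any stored hash that does not begin with `$2a$`, so a record written with a different bcrypt revision prefix, or a corrupted one, turns a login attempt into an exception the caller must remember to catch rather than a failed verification. If the prefix guard stays, `if (hash == null || !hash.StartsWith("$2a$", StringComparison.Ordinal)) return false;` keeps the failure path uniform and makes the comparison ordinal. `difficulty` is a mutable static that nothing reassigns; `private const int WorkFactor = 10;` states the intent. Both methods would benefit from an XML summary, including a remark that bcrypt only uses the first 72 bytes of its input, which matters for whoever sets the password length rules.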
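Review bot: Every property in `RegisterRequest` carries only `[Required]`, so under `[ApiController]` model validation an `email` of any shape and a one-character `password` are accepted. Adding `[EmailAddress]` on `email` and a length bound such as `[StringLength(64, MinimumLength = 8)]` on `password` would reject these before they reach `AuthService.Register`; the numbers here are placeholders for whatever policy the team settles on. The property names are camelCase in this class and PascalCase in `AuthRequest` (`UserName`, `Password`), which is worth unifying so the two request models read the same.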
diff --git a/backend/api/api/Services/AuthService.cs b/backend/api/api/Services/AuthService.cs new file mode 100644 index 00000000..1a901cb8 --- /dev/null +++ b/backend/api/api/Services/AuthService.cs @@ -0,0 +1,36 @@ +using api.Models; +using api.Models.Users; + +namespace api.Services +{ +    public class AuthService +    { +        private JwtToken _jwt; +        private readonly IConfiguration _configuration; +        public AuthService(IConfiguration configuration) +        { +            _configuration = configuration; +            _jwt = new JwtToken(_configuration); +        } +        public string Login(AuthRequest user) +        { +            //Check username in DB + +            //Verify password + +            //gen token + +            return _jwt.GenToken(user); + +        } +        public RegisterRequest Register(RegisterRequest user) +        { +            //check for existing email and username +            user.password = PasswordCrypt.hashPassword(user.password); +            //Add to DB. TO DO +            return user; +        } + + +    } +} diff --git a/backend/api/api/api.csproj b/backend/api/api/api.csproj index d4cc5552..1451fa77 100644 --- a/backend/api/api/api.csproj +++ b/backend/api/api/api.csproj @@ -1,4 +1,4 @@ -<Project Sdk="Microsoft.NET.Sdk.Web"> +<Project Sdk="Microsoft.NET.Sdk.Web">    <PropertyGroup>      <TargetFramework>net6.0</TargetFramework> @@ -7,7 +7,9 @@    </PropertyGroup>    <ItemGroup> -    <Folder Include="Controllers\" /> +    <PackageReference Include="BCrypt.Net-Next" Version="4.0.3" /> +    <PackageReference Include="Microsoft.IdentityModel.Tokens" Version="6.16.0" /> +    <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="6.16.0" />    </ItemGroup>    <ItemGroup> diff --git a/backend/api/api/appsettings.json b/backend/api/api/appsettings.json index 7a5b7f7a..b9144d93 100644 --- a/backend/api/api/appsettings.json +++ b/backend/api/api/appsettings.json 
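Review bot: `Login` in AuthService.cs returns `_jwt.GenToken(user)` while the username lookup and the password verification exist only as comments, so as merged any request body that passes model validation is issued a signed token for the `UserName` it supplied. Until the database check and the `PasswordCrypt.checkPassword` call are implemented the method should fail closed, e.g. `throw new NotImplementedException("credential verification not implemented");` ahead of the `GenToken` call. The placeholder comments would also be easier to track as `// TODO:` lines that name the missing check, including the duplicate email/username test in `Register`.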
@@ -1,4 +1,7 @@  { +  "AppSettings": { +    "JwtToken": "2mnttqPtRb4GIWHFtagm" +  },    "Logging": {      "LogLevel": {        "Default": "Information", @@ -6,12 +9,10 @@      }    },    "AllowedHosts": "*", -    "MongoDb": { -    "ConnectionURI": "mongodb+srv://LINKIKKKKKKK" -    "DatabaseName": "" -      "CollectionName": "" +    "ConnectionURI": "mongodb+srv://LINKIKKKKKKK", +    "DatabaseName": "", +    "CollectionName": ""    } -  } | 
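Review bot: The `AppSettings:JwtToken` value added in this hunk is the HMAC key that `JwtToken.GenToken` signs with, and committing it gives the signing key to everyone with read access to the repository and its history; it should be treated as exposed and replaced, not just removed in a later commit. Keep only a placeholder in appsettings.json, e.g. `"JwtToken": "<set via user-secrets or environment>"`, and supply the real key through `dotnet user-secrets` in development and the `AppSettings__JwtToken` environment variable or a secret store in deployment. The same handling applies to `ConnectionURI` once it holds a real connection string.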
