sherl/QuotifyBE
1
0
Fork 0
mirror of https://github.com/QuotifyTeam/QuotifyBE.git synced 2025-12-16 16:00:06 +01:00
Code Issues Packages Projects Releases Wiki Activity
Files
76258bc0eb8c5a60efc49d376a7fdedb4fbd233a
QuotifyBE/Controllers/GeneralUseHelperFunctions.cs

136 lines
4.1 KiB
C#
Raw Blame History

using Microsoft.EntityFrameworkCore;
using Microsoft.IdentityModel.Tokens;
using QuotifyBE.Data;
using QuotifyBE.Entities;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Security.Cryptography;
using System.Text;
namespace QuotifyBE.Controllers;
public class GeneralUseHelpers(ApplicationDbContext db, IConfiguration appsettings)
{
private readonly ApplicationDbContext _db = db;
private readonly IConfiguration _appsettings = appsettings;
// Allows to check whether the user is of role present in roles.
// Example:
// For user with role 0,
// - IsUser(["Manager"], req) yields false
// - IsUser(["Admin"], req) yields true
// - IsUser(["Admin", "Manager"], req) yields true because the user is an admin
public bool IsUser(string[] roles, HttpRequest req)
{
// Get the user to read its roles
User? user = GetUserFromToken(req.Headers.Authorization!);
if (user == null) {
return false;
}
foreach (var role in roles)
{
if (string.IsNullOrEmpty(role))
{
continue;
}
switch (role)
{
case "Admin":
if (user.Role == 0)
return true;
break;
case "Manager":
if (user.Role == 1)
return true;
break;
case "Pracownik":
if (user.Role == 2)
return true;
break;
default:
continue;
}
}
return false;
}
public string UserRoleAsStr(User user)
{
switch (user.Role)
{
case 0:
return "Admin";
case 1:
return "Manager";
case 2:
return "Pracownik";
default:
return "Unknown role";
}
}
public User? GetUserFromToken(string token)
{
if (token.StartsWith("Bearer ", StringComparison.OrdinalIgnoreCase))
{
token = token.Substring("Bearer ".Length).Trim();
}
var handler = new JwtSecurityTokenHandler();
var jwtSecurityToken = handler.ReadJwtToken(token);
if (int.TryParse(jwtSecurityToken.Subject, out int userId))
{
return _db.Users.FirstOrDefault(u => u.Id == userId);
}
return null;
}
async public Task<User?> GetUserFromEmail(string email)
{
return await _db.Users.FirstOrDefaultAsync(e => e.Email == email);
}
public string HashWithSHA512(string s)
{
using (var sha512 = SHA512.Create())
{
byte[] bytes = Encoding.ASCII.GetBytes(s);
byte[] hash = sha512.ComputeHash(bytes);
string hashstring = BitConverter.ToString(hash).Replace("-", "").ToLower();
return hashstring;
}
}
public string GenerateJwtToken(User user)
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
};
var key = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(
// JwtSecret won't be null here - otherwise Program.cs wouldn't start
_appsettings["JwtSecret"]!
)
);
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: _appsettings["DomainName"]!,
audience: _appsettings["DomainName"]!,
claims: claims,
// https://stackoverflow.com/questions/21978658/invalidating-json-web-tokens#comment45057142_23089839
// small validity timeframe is important for invalidating tokens after a user changed their password
expires: DateTime.Now.AddMinutes(5),
signingCredentials: creds
);
return new JwtSecurityTokenHandler().WriteToken(token);
}
}
Reference in New Issue View Git Blame Copy Permalink