DiunaBI/WebAPI/Controllers/AuthController.cs

using Google.Apis.Auth;
using Google.Apis.Http;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Configuration;
using Microsoft.Identity.Client.Platforms.Features.DesktopOs.Kerberos;
using Microsoft.IdentityModel.Tokens;
using System.Configuration;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
using WebAPI.Models;

namespace WebAPI.Controllers
{
    [ApiController]
    [Route("api/[controller]")]
    // [Authorize]
    public class AuthController : Controller
    {
        private readonly AppDbContext db;
        private readonly IConfiguration configuration;
        public AuthController(
            AppDbContext _db, IConfiguration _configuration)
        { db = _db; configuration = _configuration; }

        [HttpPost]
        [Route("apiToken")]
        public async Task<IActionResult> apiToken([FromBody] string credential)
        {
            var settings = new GoogleJsonWebSignature.ValidationSettings()
            {
                Audience = new List<string> { configuration.GetValue<string>("GoogleClientId") }
            };
            var payload = await GoogleJsonWebSignature.ValidateAsync(credential, settings);
            var user = db.Users.Where(x => x.Email == payload.Email).FirstOrDefault();
            if (user != null)
            {
                return Ok(JWTGenerator(user));
            }
            else
            {
                return Unauthorized();
            }
        }

        private dynamic JWTGenerator(User user)
        {
            var key = Encoding.ASCII.GetBytes(configuration.GetValue<string>("Secret"));
            var expirationTime = DateTime.UtcNow.AddMinutes(5);
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[]
                {
                new Claim("Id", Guid.NewGuid().ToString()),
                new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
                new Claim(JwtRegisteredClaimNames.Jti,
                Guid.NewGuid().ToString())
             }),
                Expires = expirationTime,
                SigningCredentials = new SigningCredentials
                (new SymmetricSecurityKey(key),
                SecurityAlgorithms.HmacSha512Signature)
            };
            var tokenHandler = new JwtSecurityTokenHandler();
            var token = tokenHandler.CreateToken(tokenDescriptor);
            var jwtToken = tokenHandler.WriteToken(token);
            var stringToken = tokenHandler.WriteToken(token);
            return new { token = stringToken, id = user.Id, expirationTime };
        }
    }
}
WIP: backend protection 2022-12-06 12:27:09 +01:00			`using Google.Apis.Auth;`
			`using Google.Apis.Http;`
Backend authentication 2022-12-09 00:14:05 +01:00			`using Microsoft.AspNetCore.Authorization;`
WIP: backend protection 2022-12-06 12:27:09 +01:00			`using Microsoft.AspNetCore.Mvc;`
			`using Microsoft.Extensions.Configuration;`
			`using Microsoft.Identity.Client.Platforms.Features.DesktopOs.Kerberos;`
			`using Microsoft.IdentityModel.Tokens;`
			`using System.Configuration;`
			`using System.IdentityModel.Tokens.Jwt;`
			`using System.Security.Claims;`
			`using System.Text;`
			`using WebAPI.Models;`

			`namespace WebAPI.Controllers`
			`{`
			`[ApiController]`
			`[Route("api/[controller]")]`
Backend authentication 2022-12-09 00:14:05 +01:00			`// [Authorize]`
WIP: backend protection 2022-12-06 12:27:09 +01:00			`public class AuthController : Controller`
			`{`
			`private readonly AppDbContext db;`
			`private readonly IConfiguration configuration;`
			`public AuthController(`
			`AppDbContext _db, IConfiguration _configuration)`
			`{ db = _db; configuration = _configuration; }`

			`[HttpPost]`
			`[Route("apiToken")]`
			`public async Task<IActionResult> apiToken([FromBody] string credential)`
			`{`
			`var settings = new GoogleJsonWebSignature.ValidationSettings()`
			`{`
			`Audience = new List<string> { configuration.GetValue<string>("GoogleClientId") }`
			`};`
			`var payload = await GoogleJsonWebSignature.ValidateAsync(credential, settings);`
			`var user = db.Users.Where(x => x.Email == payload.Email).FirstOrDefault();`
			`if (user != null)`
			`{`
			`return Ok(JWTGenerator(user));`
			`}`
			`else`
			`{`
Login fix and rename columns in DB 2022-12-19 18:36:57 +01:00			`return Unauthorized();`
WIP: backend protection 2022-12-06 12:27:09 +01:00			`}`
			`}`

			`private dynamic JWTGenerator(User user)`
			`{`
			`var key = Encoding.ASCII.GetBytes(configuration.GetValue<string>("Secret"));`
Restore API token if expired 2023-01-12 18:14:40 +01:00			`var expirationTime = DateTime.UtcNow.AddMinutes(5);`
WIP: backend protection 2022-12-06 12:27:09 +01:00			`var tokenDescriptor = new SecurityTokenDescriptor`
			`{`
Backend authentication 2022-12-09 00:14:05 +01:00			`Subject = new ClaimsIdentity(new[]`
			`{`
			`new Claim("Id", Guid.NewGuid().ToString()),`
Save DataSet 2022-12-21 18:35:26 +01:00			`new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),`
Backend authentication 2022-12-09 00:14:05 +01:00			`new Claim(JwtRegisteredClaimNames.Jti,`
			`Guid.NewGuid().ToString())`
			`}),`
Refresh api token 2023-01-08 18:19:49 +01:00			`Expires = expirationTime,`
Backend authentication 2022-12-09 00:14:05 +01:00			`SigningCredentials = new SigningCredentials`
			`(new SymmetricSecurityKey(key),`
			`SecurityAlgorithms.HmacSha512Signature)`
WIP: backend protection 2022-12-06 12:27:09 +01:00			`};`
Backend authentication 2022-12-09 00:14:05 +01:00			`var tokenHandler = new JwtSecurityTokenHandler();`
WIP: backend protection 2022-12-06 12:27:09 +01:00			`var token = tokenHandler.CreateToken(tokenDescriptor);`
Backend authentication 2022-12-09 00:14:05 +01:00			`var jwtToken = tokenHandler.WriteToken(token);`
			`var stringToken = tokenHandler.WriteToken(token);`
Refresh api token 2023-01-08 18:19:49 +01:00			`return new { token = stringToken, id = user.Id, expirationTime };`
WIP: backend protection 2022-12-06 12:27:09 +01:00			`}`
			`}`
			`}`