[a26f6a1] | 1 | namespace backend.Services;
|
---|
[b66b3ac] | 2 |
|
---|
[057037b] | 3 | using backend.Data;
|
---|
| 4 | using backend.DTOs;
|
---|
[a26f6a1] | 5 | using backend.Email;
|
---|
[b66b3ac] | 6 | using backend.Entities;
|
---|
| 7 | using backend.Helpers;
|
---|
| 8 | using backend.Models;
|
---|
[057037b] | 9 | using Microsoft.EntityFrameworkCore;
|
---|
[b66b3ac] | 10 | using Microsoft.Extensions.Options;
|
---|
| 11 | using Microsoft.IdentityModel.Tokens;
|
---|
| 12 | using System.IdentityModel.Tokens.Jwt;
|
---|
| 13 | using System.Security.Claims;
|
---|
[a26f6a1] | 14 | using System.Security.Cryptography;
|
---|
| 15 | using System.Text;
|
---|
[b66b3ac] | 16 |
|
---|
| 17 | public interface IUserService
|
---|
| 18 | {
|
---|
[057037b] | 19 | Task<AuthenticateResponse> Authenticate(AuthenticateRequest model);
|
---|
[899b19d] | 20 | Task<AuthenticateResponse> Register(CreateUserRequest req, bool isFirst);
|
---|
[057037b] | 21 | Task<User> GetById(int id);
|
---|
[a26f6a1] | 22 | Task SendEmailConfirmation(string email);
|
---|
| 23 | Task SendPasswordReset(string email);
|
---|
| 24 | Task ConfirmEmail(User user, string checkValid);
|
---|
| 25 | Task ResetPassword(string checkValid, string password);
|
---|
[b66b3ac] | 26 | }
|
---|
| 27 |
|
---|
| 28 | public class UserService : IUserService
|
---|
| 29 | {
|
---|
| 30 | private readonly AppSettings _appSettings;
|
---|
[057037b] | 31 | private readonly DataContext _context = null;
|
---|
[a26f6a1] | 32 | private readonly IEmailSender _emailSender;
|
---|
[b66b3ac] | 33 |
|
---|
[a26f6a1] | 34 | public UserService(IOptions<AppSettings> appSettings, DataContext context, IEmailSender emailSender)
|
---|
[b66b3ac] | 35 | {
|
---|
| 36 | _appSettings = appSettings.Value;
|
---|
[057037b] | 37 | _context = context;
|
---|
[a26f6a1] | 38 | _emailSender = emailSender;
|
---|
[b66b3ac] | 39 | }
|
---|
| 40 |
|
---|
[057037b] | 41 | public async Task<AuthenticateResponse> Authenticate(AuthenticateRequest model)
|
---|
[b66b3ac] | 42 | {
|
---|
[057037b] | 43 | User user = await _context.Users.FirstOrDefaultAsync(x => x.Email == model.Email && x.Password == model.Password);
|
---|
[b66b3ac] | 44 |
|
---|
| 45 | // return null if user not found
|
---|
| 46 | if (user == null) return null;
|
---|
| 47 |
|
---|
| 48 | // authentication successful so generate jwt token
|
---|
| 49 | var token = generateJwtToken(user);
|
---|
| 50 |
|
---|
[a26f6a1] | 51 | return new AuthenticateResponse { Email = user.Email, Id = user.Id, Token = token, IsAdmin = user.IsAdmin, IsConfirmed = user.IsConfirmed};
|
---|
| 52 | }
|
---|
| 53 |
|
---|
| 54 | public async Task ConfirmEmail(User user, string checkValid)
|
---|
| 55 | {
|
---|
| 56 | if(user.ConfirmationURL != checkValid)
|
---|
| 57 | {
|
---|
| 58 | throw new Exception("Invalid check");
|
---|
| 59 | }
|
---|
| 60 | if(user.ConfirmationValidTo < DateTime.UtcNow)
|
---|
| 61 | {
|
---|
| 62 | throw new Exception("Link expired");
|
---|
| 63 | }
|
---|
| 64 |
|
---|
| 65 | user.IsConfirmed = true;
|
---|
| 66 | _context.Users.Update(user);
|
---|
| 67 | await _context.SaveChangesAsync();
|
---|
[057037b] | 68 | }
|
---|
| 69 |
|
---|
| 70 | public async Task<User> GetById(int id)
|
---|
| 71 | {
|
---|
| 72 | return await _context.Users.FindAsync(id);
|
---|
[b66b3ac] | 73 | }
|
---|
| 74 |
|
---|
[899b19d] | 75 | public async Task<AuthenticateResponse> Register(CreateUserRequest req, bool isFirst)
|
---|
[b66b3ac] | 76 | {
|
---|
[a26f6a1] | 77 | User user = new User() { Email = req.Email, Password = req.Password, IsAdmin = isFirst, IsConfirmed = false };
|
---|
[057037b] | 78 | await _context.Users.AddAsync(user);
|
---|
| 79 | await _context.SaveChangesAsync();
|
---|
| 80 | var token = generateJwtToken(user);
|
---|
[a26f6a1] | 81 | return new AuthenticateResponse { Email = user.Email, Id = user.Id, Token = token, IsAdmin = user.IsAdmin, IsConfirmed = false };
|
---|
| 82 | }
|
---|
| 83 |
|
---|
| 84 | public async Task ResetPassword(string checkValid, string password)
|
---|
| 85 | {
|
---|
| 86 | var user = await _context.Users.Where(x => x.PasswordResetURL == checkValid).FirstOrDefaultAsync();
|
---|
| 87 | if (user == null)
|
---|
| 88 | {
|
---|
| 89 | throw new Exception("Invalid check");
|
---|
| 90 | }
|
---|
| 91 | if (user.PasswordResetValidTo < DateTime.UtcNow)
|
---|
| 92 | {
|
---|
| 93 | throw new Exception("Link expired");
|
---|
| 94 | }
|
---|
| 95 |
|
---|
| 96 | user.Password = password;
|
---|
| 97 | _context.Users.Update(user);
|
---|
| 98 | await _context.SaveChangesAsync();
|
---|
| 99 | }
|
---|
| 100 |
|
---|
| 101 | public async Task SendEmailConfirmation(string email)
|
---|
| 102 | {
|
---|
| 103 | User user = await _context.Users.FirstOrDefaultAsync(x => x.Email == email);
|
---|
| 104 | user.ConfirmationURL = Guid.NewGuid().ToString();
|
---|
| 105 | user.ConfirmationValidTo = DateTime.UtcNow.AddHours(24);
|
---|
| 106 | _context.Users.Update(user);
|
---|
| 107 | await _context.SaveChangesAsync();
|
---|
| 108 | await _emailSender.SendEmailAsync(
|
---|
| 109 | "Потврдете го вашиот емаил",
|
---|
| 110 | "Ве молиме кликнете на следниот линк за да го потврдите вашиот емаил: http://localhost:3000/confirm?id=" + user.ConfirmationURL,
|
---|
| 111 | email);
|
---|
| 112 | }
|
---|
| 113 |
|
---|
| 114 | public async Task SendPasswordReset(string email)
|
---|
| 115 | {
|
---|
| 116 | User user = await _context.Users.FirstOrDefaultAsync(x => x.Email == email);
|
---|
| 117 | user.PasswordResetURL = Guid.NewGuid().ToString();
|
---|
| 118 | user.PasswordResetValidTo = DateTime.UtcNow.AddHours(24);
|
---|
| 119 | _context.Users.Update(user);
|
---|
| 120 | await _context.SaveChangesAsync();
|
---|
| 121 | await _emailSender.SendEmailAsync(
|
---|
| 122 | "Ресетирајте ја лозинката",
|
---|
| 123 | "Ве молиме кликнете на следниот линк за да ја ресетирате лозинката: http://localhost:3000/reset?id=" + user.PasswordResetURL,
|
---|
| 124 | email);
|
---|
[b66b3ac] | 125 | }
|
---|
| 126 |
|
---|
| 127 | private string generateJwtToken(User user)
|
---|
| 128 | {
|
---|
| 129 | // generate token that is valid for 7 days
|
---|
| 130 | var tokenHandler = new JwtSecurityTokenHandler();
|
---|
[057037b] | 131 | var key = System.Text.Encoding.ASCII.GetBytes(_appSettings.Secret);
|
---|
[b66b3ac] | 132 | var tokenDescriptor = new SecurityTokenDescriptor
|
---|
| 133 | {
|
---|
| 134 | Subject = new ClaimsIdentity(new[] { new Claim("id", user.Id.ToString()) }),
|
---|
| 135 | Expires = DateTime.UtcNow.AddDays(7),
|
---|
| 136 | SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
|
---|
| 137 | };
|
---|
| 138 | var token = tokenHandler.CreateToken(tokenDescriptor);
|
---|
| 139 | return tokenHandler.WriteToken(token);
|
---|
| 140 | }
|
---|
[a26f6a1] | 141 |
|
---|
| 142 | private string sha256Hash(String value)
|
---|
| 143 | {
|
---|
| 144 | using (SHA256 hash = SHA256.Create())
|
---|
| 145 | {
|
---|
| 146 | return String.Concat(hash
|
---|
| 147 | .ComputeHash(Encoding.UTF8.GetBytes(value))
|
---|
| 148 | .Select(item => item.ToString("x2")));
|
---|
| 149 | }
|
---|
| 150 | }
|
---|
[b66b3ac] | 151 | } |
---|