hmaxnl/DotBased
1
1
Fork 0
mirror of https://github.com/hmaxnl/DotBased.git synced 2025-06-06 16:36:19 +02:00
Code Issues 3 Actions Packages Projects 1 Releases Wiki Activity

[WIP]

Browse Source
This commit is contained in:
max 2025-05-18 22:36:12 +02:00
parent 217c55df00
commit 333cf66cb4
4 changed files with 99 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

81
DotBased.AspNet.Authority/Handlers/AuthorityLoginAuthenticationHandler.cs
View File

@ -1,3 +1,5 @@
using System.Buffers.Text;
using System.Net.Http.Headers;
using System.Security.Claims; using System.Security.Claims;
using System.Text.Encodings.Web; using System.Text.Encodings.Web;
using DotBased.AspNet.Authority.Managers; using DotBased.AspNet.Authority.Managers;
@ -5,6 +7,7 @@ using DotBased.AspNet.Authority.Models.Options.Auth;
using Microsoft.AspNetCore.Authentication; using Microsoft.AspNetCore.Authentication;
using Microsoft.Extensions.Logging; using Microsoft.Extensions.Logging;
using Microsoft.Extensions.Options; using Microsoft.Extensions.Options;
using Microsoft.Extensions.Primitives;
namespace DotBased.AspNet.Authority.Handlers; namespace DotBased.AspNet.Authority.Handlers;
@ -19,9 +22,81 @@ public class AuthorityLoginAuthenticationHandler(IOptionsMonitor<AuthorityLoginO
// Validate credentials // Validate credentials
protected override async Task<AuthenticateResult> HandleAuthenticateAsync() protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
{ {
//TODO: Check headers for login credentials. var authResult = GetBasicAuthorization(out var email, out var password);
/*var ticket = new AuthenticationTicket(new ClaimsPrincipal(), Scheme.Name);*/ if (authResult != null || string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
var result = AuthenticateResult.Fail("No login found!"); {
return AuthenticateResult.Fail(authResult ?? "Failed to get basic authorization from header.");
}
var userResult = await manager.GetUserByEmailAsync(email);
if (userResult is { IsSuccess: false, Error: not null })
{
return AuthenticateResult.Fail(userResult.Error.Description);
}
var user = userResult.Value;
var passwordValidateResult = await manager.ValidatePasswordAsync(user, password);
if (!passwordValidateResult.IsSuccess)
{
return AuthenticateResult.Fail(passwordValidateResult.Error?.Description ?? "Failed to validate password.");
}
var identityClaims = new List<Claim>();
var rolesResult = await manager.GetAllUserRolesAsync(user);
if (rolesResult.IsSuccess)
{
var roles = rolesResult.Value;
foreach (var authorityRole in roles)
{
identityClaims.Add(new Claim(ClaimTypes.Role, authorityRole.Name));
}
}
var principal = new ClaimsPrincipal(new ClaimsIdentity(identityClaims, Scheme.Name));
var ticket = new AuthenticationTicket(principal, Scheme.Name);
var result = AuthenticateResult.Success(ticket);
return result; return result;
} }
private string? GetBasicAuthorization(out string? email, out string? password)
{
email = null;
password = null;
if (StringValues.IsNullOrEmpty(Context.Request.Headers.Authorization))
{
return "Missing authorization header";
}
var basicAuth = string.Empty;
foreach (var authorizationValue in Context.Request.Headers.Authorization)
{
if (string.IsNullOrWhiteSpace(authorizationValue))
{
continue;
}
if (AuthenticationHeaderValue.TryParse(authorizationValue, out var basicAuthHeader) && !string.IsNullOrWhiteSpace(basicAuthHeader.Parameter))
{
basicAuth = basicAuthHeader.Parameter;
}
}
if (!Base64.IsValid(basicAuth))
{
return "Invalid basic authorization data!";
}
var base64Auth = Convert.FromBase64String(basicAuth);
var decodedAuth = System.Text.Encoding.UTF8.GetString(base64Auth);
var parts = decodedAuth.Split(':');
if (parts.Length != 2)
{
return "No email and/or password found!";
}
email = parts[0];
password = parts[1];
return null;
}
} }

16
DotBased.AspNet.Authority/Managers/AuthorityUserManager.cs
View File

@ -36,6 +36,22 @@ public partial class AuthorityManager
return errors.Count > 0 ? ValidationResult.Fail(errors) : ValidationResult.Success(); return errors.Count > 0 ? ValidationResult.Fail(errors) : ValidationResult.Success();
} }
public async Task<Result<AuthorityUser>> GetUserByEmailAsync(string email)
{
if (string.IsNullOrEmpty(email))
{
return ResultError.Fail("No email given.");
}
var user = await userRepository.GetUserByEmailAsync(email);
if (user == null)
{
return ResultError.Fail("No user found with given email.");
}
return user;
}
public async Task<Result<QueryItems<AuthorityUserItem>>> SearchUsersAsync(string query, int maxResults = 20, int offset = 0, CancellationToken cancellationToken = default) public async Task<Result<QueryItems<AuthorityUserItem>>> SearchUsersAsync(string query, int maxResults = 20, int offset = 0, CancellationToken cancellationToken = default)
{ {
var result = await UserRepository.GetUsersAsync(maxResults, offset, query, cancellationToken); var result = await UserRepository.GetUsersAsync(maxResults, offset, query, cancellationToken);

1
TestWebApi/Program.cs
View File

@ -34,6 +34,7 @@ builder.Services.AddAuthority()
.AddAuthorityAuth(options => .AddAuthorityAuth(options =>
{ {
options.DefaultScheme = AuthorityDefaults.Scheme.Authority.AuthenticationScheme; options.DefaultScheme = AuthorityDefaults.Scheme.Authority.AuthenticationScheme;
options.DefaultAuthenticateScheme = AuthorityDefaults.Scheme.Authority.AuthenticationScheme;
options.DefaultSignInScheme = AuthorityDefaults.Scheme.Cookie.AuthenticationScheme; options.DefaultSignInScheme = AuthorityDefaults.Scheme.Cookie.AuthenticationScheme;
options.DefaultSignOutScheme = AuthorityDefaults.Scheme.Cookie.AuthenticationScheme; options.DefaultSignOutScheme = AuthorityDefaults.Scheme.Cookie.AuthenticationScheme;
options.SchemeInfoMap = [ options.SchemeInfoMap = [

4
TestWebApi/TestWebApi.csproj
View File

@ -25,4 +25,8 @@
<ProjectReference Include="..\DotBased\DotBased.csproj" /> <ProjectReference Include="..\DotBased\DotBased.csproj" />
</ItemGroup> </ItemGroup>
<ItemGroup>
<Folder Include="Migrations\" />
</ItemGroup>
</Project> </Project>