
Evandro Gomes evgomes

evgomes / UsersController.cs
Last active November 6, 2018 23:55
Create user method from JWT API.
/// <summary>
/// POST action that starts user creation from the submitted credentials.
/// Only the opening of the action is visible in this excerpt: model validation
/// followed by mapping the request resource to a <c>User</c>.
/// </summary>
/// <param name="userCredentials">Credentials payload bound from the request body.</param>
[HttpPost]
public async Task<IActionResult> CreateUserAsync([FromBody] UserCredentialsResource userCredentials)
{
// Reject requests that failed model validation before any mapping takes place.
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
// The action binds a dedicated credentials resource and maps it to User instead of
// binding the User entity straight from the body, which limits what a caller can
// supply to the fields that resource exposes.
// NOTE(review): the mapped user presumably still carries the plaintext password at
// this point; confirm it is hashed before it is stored (not visible in this excerpt).
var user = _mapper.Map<UserCredentialsResource, User>(userCredentials);
evgomes / PasswordHasher.cs
Last active November 6, 2018 23:55
Implementation of IPasswordHasher of JWT API.
public class PasswordHasher : IPasswordHasher
{
/// <summary>
/// Hashes a password. Only the argument check is visible in this excerpt; the code
/// that fills <c>salt</c> and <c>buffer2</c> and builds the result is not shown.
/// </summary>
/// <param name="password">The password to hash; must not be null or empty.</param>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="password"/> is null or empty.</exception>
public string HashPassword(string password)
{
// Declared up front; both are assigned later, outside this excerpt.
byte[] salt;
byte[] buffer2;
// An empty password is rejected the same way as null, so no hash is ever
// produced for an empty string.
if (string.IsNullOrEmpty(password))
{
throw new ArgumentNullException("password");
}
evgomes / LoginController.cs
Last active November 6, 2018 23:55
Login endpoint of JWT API.
/// <summary>
/// POST /api/login: validates the request body and asks the authentication service
/// for an access token. The excerpt ends before the response is inspected.
/// </summary>
/// <param name="userCredentials">E-mail and password bound from the request body.</param>
[Route("/api/login")]
[HttpPost]
public async Task<IActionResult> LoginAsync([FromBody] UserCredentialsResource userCredentials)
{
// Malformed requests are answered with 400 before the credentials are checked.
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
// The raw e-mail and password are handed to the authentication service, which
// performs the credential check.
// NOTE(review): no throttling or lockout for repeated failed attempts is visible in
// this excerpt; confirm one is applied elsewhere (middleware, gateway, or service).
var response = await _authenticationService.CreateAccessTokenAsync(userCredentials.Email, userCredentials.Password);
evgomes / AuthenticationService.cs
Last active November 6, 2018 23:55
Token creation method of JWT API.
/// <summary>
/// Looks the user up by e-mail, checks the supplied password against the value stored
/// on the user and, when both succeed, asks the token handler for an access token.
/// The excerpt ends before the success result is returned.
/// </summary>
/// <param name="email">E-mail address used to find the user.</param>
/// <param name="password">Password supplied by the caller.</param>
/// <returns>A failed <c>TokenResponse</c> with "Invalid credentials." when the user is unknown or the password does not match.</returns>
public async Task<TokenResponse> CreateAccessTokenAsync(string email, string password)
{
var user = await _userService.FindByEmailAsync(email);
// Unknown e-mail and wrong password produce the same response, so the message
// itself does not reveal which addresses are registered.
// NOTE(review): because of the short-circuit, PasswordMatches is not called when no
// user is found, so the two cases may still differ in response time; if account
// enumeration matters, consider verifying against a fixed dummy hash in that case.
// NOTE(review): user.Password is presumably the stored hash; confirm.
if (user == null || !_passwordHasher.PasswordMatches(password, user.Password))
{
return new TokenResponse(false, "Invalid credentials.", null);
}
var token = _tokenHandler.CreateAccessToken(user);
evgomes / appsettings.json
Last active November 6, 2018 23:55
Token options of JWT API.
"TokenOptions": {
"Audience": "SampleAudience",
"Issuer": "JWPAPI",
"AccessTokenExpiration": 30,
"RefreshTokenExpiration": 60
},
evgomes / TokenHandler.cs
Last active July 31, 2018 01:48
Create token method from the token handler of JWT API.
/// <summary>
/// Issues an access token for <paramref name="user"/> and records the refresh token
/// that was created alongside it.
/// </summary>
/// <param name="user">The user the tokens are issued for.</param>
/// <returns>The access token built for the user and the new refresh token.</returns>
public AccessToken CreateAccessToken(User user)
{
    // The refresh token has to exist first because BuildAccessToken receives it.
    RefreshToken issuedRefreshToken = BuildRefreshToken(user);
    AccessToken issuedAccessToken = BuildAccessToken(user, issuedRefreshToken);

    // Recorded only after the access token was built, so a failure above leaves no
    // refresh token behind.
    // NOTE(review): _refreshTokens is declared outside this snippet. If it is an
    // in-process collection, issued refresh tokens are lost on restart and are not
    // shared between instances, and concurrent logins need it to be thread-safe; confirm.
    _refreshTokens.Add(issuedRefreshToken);

    return issuedAccessToken;
}
evgomes / TokenHandler.cs
Last active November 6, 2018 23:54
Build refresh token method from token handler of JWT API.
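/// <summary>
/// Creates a refresh token whose value is derived from cryptographically strong random
/// bytes and whose expiration is the current UTC time plus the configured lifetime.
/// </summary>
/// <param name="user">Not read by this method; the token value is not bound to the user here.</param>
/// <returns>A new <c>RefreshToken</c> carrying the token string and its expiration in UTC ticks.</returns>
private RefreshToken BuildRefreshToken(User user)
{
    // A refresh token is a bearer credential, so its secret must be unpredictable.
    // Guid.NewGuid() is designed for uniqueness, not unpredictability, so the seed is
    // taken from the platform CSPRNG instead (32 bytes = 256 bits).
    var seed = new byte[32];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(seed);
    }

    // Still passed through the hasher so the token keeps whatever shape HashPassword
    // produces for existing consumers.
    var tokenValue = _passwordHaser.HashPassword(Convert.ToBase64String(seed));

    // RefreshTokenExpiration is added as seconds; the expiry is kept as UTC ticks.
    var expiresAtTicks = DateTime.UtcNow.AddSeconds(_tokenOptions.RefreshTokenExpiration).Ticks;

    return new RefreshToken
    (
        token : tokenValue,
        expiration : expiresAtTicks
    );
}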
evgomes / TokenHandler.cs
Last active November 6, 2018 23:54
Build access token method from the token handler of JWT API.
/// <summary>
/// Builds the JWT access token for <paramref name="user"/>. The excerpt ends inside the
/// <c>JwtSecurityToken</c> constructor call, so the remaining arguments and the way
/// <paramref name="refreshToken"/> is attached are not visible here.
/// </summary>
/// <param name="user">The user whose claims go into the token.</param>
/// <param name="refreshToken">The refresh token issued together with this access token.</param>
private AccessToken BuildAccessToken(User user, RefreshToken refreshToken)
{
// AccessTokenExpiration is added as seconds to the current UTC time.
var accessTokenExpiration = DateTime.UtcNow.AddSeconds(_tokenOptions.AccessTokenExpiration);
// Issuer, audience and expiry are written into the token from configuration.
// NOTE(review): these only protect anything if the validating side checks issuer,
// audience, lifetime and signature; confirm the validation parameters elsewhere.
var securityToken = new JwtSecurityToken
(
issuer : _tokenOptions.Issuer,
audience : _tokenOptions.Audience,
claims : GetClaims(user),
expires : accessTokenExpiration,
evgomes / TokenHandler.cs
Last active November 6, 2018 23:54
Get claims method from the token handler of JWT API.
/// <summary>
/// Builds the claim list for <paramref name="user"/>: a token identifier, the subject,
/// and further claims added per user role. The loop body is cut off in this excerpt.
/// </summary>
/// <param name="user">The user the claims describe.</param>
private IEnumerable<Claim> GetClaims(User user)
{
var claims = new List<Claim>
{
// jti: a fresh GUID per token, giving each issued token its own identifier.
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
// sub: the user's e-mail address.
// NOTE(review): unless the token is also encrypted, its payload is only encoded,
// so the address is readable by anyone who holds the token.
new Claim(JwtRegisteredClaimNames.Sub, user.Email)
};
// The user's roles are visited one by one; what is added per role is not visible here.
foreach (var userRole in user.UserRoles)
{
evgomes / SigningConfigurations.cs
Last active November 6, 2018 23:54
Signing configurations for tokens of JWT API.
public class SigningConfigurations
{
public SecurityKey Key { get; }
public SigningCredentials SigningCredentials { get; }
public SigningConfigurations()
{
using(var provider = new RSACryptoServiceProvider(2048))
{
Key = new RsaSecurityKey(provider.ExportParameters(true));