From e347b4a4092a24ff7106ffd3aca67d6ca7decca8 Mon Sep 17 00:00:00 2001
From: crupest
Date: Sun, 21 Apr 2019 23:23:49 +0800
Subject: Allow ordinary user to patch his password.

---
 Timeline/Services/JwtService.cs | 22 +++++++++++++---------
 Timeline/Services/UserService.cs | 21 +++++---------------
 2 files changed, 18 insertions(+), 25 deletions(-)
(limited to 'Timeline/Services')

diff --git a/Timeline/Services/JwtService.cs b/Timeline/Services/JwtService.cs
index 91e7f879..bf470354 100644
--- a/Timeline/Services/JwtService.cs
+++ b/Timeline/Services/JwtService.cs
@@ -7,25 +7,28 @@ using System.Linq;
 using System.Security.Claims;
 using System.Text;
 using Timeline.Configs;
+using Timeline.Entities;
 namespace Timeline.Services
 {
     public interface IJwtService
     {
         ///
-        /// Create a JWT token for a given user id.
+        /// Create a JWT token for a given user info.
         ///
-        /// The user id used to generate token.
+        /// The user id contained in generate token.
+        /// The username contained in token.
+        /// The roles contained in token.
         /// Return the generated token.
-        string GenerateJwtToken(long userId, string[] roles);
+        string GenerateJwtToken(long userId, string username, string[] roles);
         ///
         /// Verify a JWT token.
         /// Return null is is null.
         ///
         /// The token string to verify.
-        /// Return null if is null or token is invalid. Return the saved user id otherwise.
+        /// Return null if is null or token is invalid. Return the saved user info otherwise.
-        long? VerifyJwtToken(string token);
+        UserInfo VerifyJwtToken(string token);
     }
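Review bot: The new description of the `userId` parameter on GenerateJwtToken in the IJwtService doc block reads `The user id contained in generate token.`, which does not parse; `The user id to embed in the token.` matches the two parameter lines added below it. The returns text for VerifyJwtToken still promises `the saved user info`, but the UserService hunk later in this patch drops the database lookup, so what comes back is built from the token's claims alone; `Return the user info carried by the token otherwise.` describes the new contract.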
@@ -41,12 +44,13 @@ namespace Timeline.Services
             _logger = logger;
         }
-        public string GenerateJwtToken(long id, string[] roles)
+        public string GenerateJwtToken(long id, string username, string[] roles)
         {
             var jwtConfig = _jwtConfig.CurrentValue;
             var identity = new ClaimsIdentity();
             identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, id.ToString()));
+            identity.AddClaim(new Claim(identity.NameClaimType, username));
             identity.AddClaims(roles.Select(role => new Claim(identity.RoleClaimType, role)));
             var tokenDescriptor = new SecurityTokenDescriptor()
@@ -67,13 +71,12 @@ namespace Timeline.Services
         }
-        public long? VerifyJwtToken(string token)
+        public UserInfo VerifyJwtToken(string token)
         {
             if (token == null) return null;
             var config = _jwtConfig.CurrentValue;
-
             try
             {
                 var principal = _tokenHandler.ValidateToken(token, new TokenValidationParameters
@@ -87,7 +90,8 @@ namespace Timeline.Services
                     IssuerSigningKey = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(config.SigningKey))
                 }, out SecurityToken validatedToken);
-                return long.Parse(principal.FindAll(ClaimTypes.NameIdentifier).Single().Value);
+                return new UserInfo(principal.Identity.Name, principal.FindAll(ClaimTypes.Role).Select(c => c.Value).ToArray());
             }
             catch (Exception e)
             {
diff --git a/Timeline/Services/UserService.cs b/Timeline/Services/UserService.cs
index 34eeb1ad..a0d358dd 100644
--- a/Timeline/Services/UserService.cs
+++ b/Timeline/Services/UserService.cs
@@ -101,7 +101,7 @@ namespace Timeline.Services
         /// New roles. If not modify, then null.
         /// Return if modification succeeds.
         /// Return if the user of given username doesn't exist.
-        Task PatchUser(string username, string password, string[] roles);
+        Task PatchUser(string username, string password, string[] roles);
         ///
         /// Delete a user of given username.
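Review bot: `identity.AddClaim(new Claim(identity.NameClaimType, username))` in GenerateJwtToken throws ArgumentNullException from inside the Claim constructor when `username` is null, so a bad argument surfaces as a token-generation failure rather than as a clear contract violation; validating up front, `if (string.IsNullOrEmpty(username)) throw new ArgumentException("Username must not be empty.", nameof(username));`, keeps the contract explicit. The empty-string case matters because this Name claim is the only identity VerifyJwtToken reads back after this commit, so a token minted with an empty username would verify as a user with an empty name. GenerateJwtToken's body continues past the end of the hunk.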
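Review bot: `principal.Identity.Name` in the new return of VerifyJwtToken is null whenever the validated token carries no name claim, so a token issued by the previous GenerateJwtToken (which set only NameIdentifier) still passes signature validation and comes back as a `UserInfo` with a null username, instead of the null the interface doc promises for an invalid token. Treat a missing name as invalid before building the result: `if (string.IsNullOrEmpty(principal.Identity.Name)) return null;`. GenerateJwtToken still writes the NameIdentifier claim, but nothing reads it here any more; either drop it from the token or carry the id into UserInfo, so the two sides of the contract stay aligned. The try block's catch clause continues outside the hunk.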
@@ -148,7 +148,7 @@ namespace Timeline.Services
             return new CreateTokenResult
             {
-                Token = _jwtService.GenerateJwtToken(user.Id, userInfo.Roles),
+                Token = _jwtService.GenerateJwtToken(user.Id, userInfo.Username, userInfo.Roles),
                 UserInfo = userInfo
             };
         }
@@ -161,26 +161,15 @@ namespace Timeline.Services
         public async Task VerifyToken(string token)
         {
-            var userId = _jwtService.VerifyJwtToken(token);
+            var userInfo = _jwtService.VerifyJwtToken(token);
-            if (userId == null)
+            if (userInfo == null)
             {
                 _logger.LogInformation($"Verify token falied. Reason: invalid token. Token: {token} .");
                 return null;
             }
-            var user = await _databaseContext.Users
-                .Where(u => u.Id == userId.Value)
-                .Select(u => UserInfo.Create(u.Name, u.RoleString))
-                .SingleOrDefaultAsync();
-
-            if (user == null)
-            {
-                _logger.LogInformation($"Verify token falied. Reason: invalid user id. UserId: {userId} Token: {token} .");
-                return null;
-            }
-
-            return user;
+            return await Task.FromResult(userInfo);
         }
         public async Task GetUser(string username)
-- cgit v1.2.3
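Review bot: Removing the `_databaseContext.Users` lookup from VerifyToken means a token is now trusted for its whole lifetime on the strength of its signature alone: a user who is deleted, or whose roles are changed through PatchUser, keeps authenticating with the roles baked into the token until it expires, whereas before each call re-read name and roles from the database. If that trade-off is intended, the VerifyToken doc should say that the returned roles reflect the token rather than the current database row, and the configured token expiry should be short enough to bound the window; if not, keep a cheap existence check such as `if (!await _databaseContext.Users.AnyAsync(u => u.Name == userInfo.Username)) return null;` before returning. `return await Task.FromResult(userInfo);` in the same hunk is a roundabout way to write `return userInfo;` inside an `async` method. The log line kept above it still writes the raw token into the information log, which leaves a usable credential in log storage, so trimming it to a short prefix while this method is being reworked would be worthwhile.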