Services, service registration and dependency injection for auth

2026-02-12 19:49:37 +01:00
parent 95d5f9da87
commit c7e7735075
9 changed files with 160 additions and 20 deletions
--- a/dotnet/AipsCore/Infrastructure/Persistence/Authentication/HttpUserContext.cs
+++ b/dotnet/AipsCore/Infrastructure/Persistence/Authentication/HttpUserContext.cs
@@ -0,0 +1,35 @@
+using System.Security.Claims;
+using AipsCore.Application.Abstract.UserContext;
+using AipsCore.Domain.Models.User.ValueObjects;
+using Microsoft.AspNetCore.Http;
+
+namespace AipsCore.Infrastructure.Persistence.Authentication;
+
+public class HttpUserContext : IUserContext
+{
+    private readonly IHttpContextAccessor _httpContextAccessor;
+    
+    public HttpUserContext(IHttpContextAccessor httpContextAccessor)
+    {
+        _httpContextAccessor = httpContextAccessor;
+    }
+    
+    public UserId GetCurrentUserId()
+    {
+        var user = _httpContextAccessor.HttpContext?.User;
+        
+        if (user is null || !user.Identity!.IsAuthenticated)
+        {
+            throw new UnauthorizedAccessException("User is not authenticated");
+        }
+        
+        var userIdClaim = user.FindFirst(ClaimTypes.NameIdentifier);
+
+        if (userIdClaim is null)
+        {
+            throw new UnauthorizedAccessException("User id claim not found");
+        }
+        
+        return new UserId(userIdClaim.Value);
+    }
+}
--- a/dotnet/AipsCore/Infrastructure/Persistence/Authentication/JwtSettings.cs
+++ b/dotnet/AipsCore/Infrastructure/Persistence/Authentication/JwtSettings.cs
@@ -0,0 +1,9 @@
+namespace AipsCore.Infrastructure.Persistence.Authentication;
+
+public sealed class JwtSettings
+{
+    public string Issuer { get; init; } = null!;
+    public string Audience { get; init; } = null!;
+    public string Key { get; init; } = null!;
+    public int ExpirationMinutes { get; init; } 
+}
--- a/dotnet/AipsCore/Infrastructure/Persistence/Authentication/JwtTokenProvider.cs
+++ b/dotnet/AipsCore/Infrastructure/Persistence/Authentication/JwtTokenProvider.cs
@@ -0,0 +1,44 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using System.Text;
+using AipsCore.Application.Abstract.UserContext;
+using Microsoft.IdentityModel.Tokens;
+
+namespace AipsCore.Infrastructure.Persistence.Authentication;
+
+public class JwtTokenProvider : ITokenProvider
+{
+    private readonly JwtSettings _jwtSettings;
+    
+    public JwtTokenProvider(JwtSettings jwtSettings)
+    {
+        _jwtSettings = jwtSettings;
+    }
+    
+    public string Generate(Domain.Models.User.User user, IList<string> roles)
+    {
+        var claims = new List<Claim>
+        {
+            new Claim(ClaimTypes.NameIdentifier, user.Id.IdValue),
+            new Claim(ClaimTypes.Email, user.Email.EmailValue)
+        };
+        
+        foreach (var role in roles)
+        {
+            claims.Add(new Claim(ClaimTypes.Role, role));
+        }
+
+        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Key));
+
+        var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
+
+        var token = new JwtSecurityToken(
+            issuer: _jwtSettings.Issuer,
+            audience: _jwtSettings.Audience,
+            claims: claims,
+            expires: DateTime.UtcNow.AddMinutes(_jwtSettings.ExpirationMinutes),
+            signingCredentials: credentials);
+        
+        return new JwtSecurityTokenHandler().WriteToken(token);
+    }
+}