using Microsoft.AspNetCore.Identity; using zero.Identity.Models; namespace zero.Identity; public class AuthenticationService : IAuthenticationService { protected IZeroContext Context { get; set; } protected SignInManager SignInManager { get; private set; } protected IZeroStore Store { get; set; } public AuthenticationService(IZeroContext context, SignInManager signInManager, IZeroStore store) { Context = context; SignInManager = signInManager; Store = store; } /// public bool IsLoggedIn() { //ClaimsPrincipal principal = HttpContextAccessor.HttpContext.User; //bool isAuthenticated = principal.Identity.IsAuthenticated; //bool isZeroUser = principal.HasClaim(Constants.Auth.Claims.IsZero, PermissionsValue.True); //bool isSignedIn = SignInManager.IsSignedIn(principal); //return isAuthenticated && isZeroUser && isSignedIn; return SignInManager.IsSignedIn(Context.BackofficeUser); } /// public bool IsSuper() { return Context.BackofficeUser.HasClaim(Constants.Auth.Claims.IsSuper, PermissionsValue.True); } /// public bool IsAdmin() { return Context.BackofficeUser.HasClaim(Constants.Auth.Claims.Role, "administrator"); // TODO use constant (in setup as well) } /// public async Task GetUser() { return await SignInManager.UserManager.GetUserAsync(Context.BackofficeUser); } /// public async Task Login(string email, string password, bool isPersistent) { SignInResult signInResult = await SignInManager.PasswordSignInAsync(email, password, isPersistent, true); if (!signInResult.Succeeded) { if (signInResult.IsLockedOut) { return LoginResult.LockedOut; } else if (signInResult.IsNotAllowed) { return LoginResult.NotAllowed; } else if (signInResult.RequiresTwoFactor) { return LoginResult.RequiresTwoFactor; } return LoginResult.WrongCredentials; } return LoginResult.Success; } /// public async Task Logout() { await SignInManager.SignOutAsync(); } /// public string GetUserId() { return SignInManager.UserManager.GetUserId(Context.BackofficeUser); } } public interface IAuthenticationService { /// /// Get currently logged-in user /// Task GetUser(); /// /// Whether a user is currently logged-in /// bool IsLoggedIn(); /// /// Whether the current user is the super user who created the zero instance /// bool IsSuper(); /// /// Whether the current user belongs to the administrator role (will always return false if this role gets deleted) /// bool IsAdmin(); /// /// Logs a zero-user in and sets cookie /// Task Login(string email, string password, bool isPersistent); /// /// Logs out the current user /// Task Logout(); /// /// Get the ID of the currently logged in user /// string GetUserId(); }