massive work on user auth

SurveyBackend/SurveyBackend.Infrastructure/AuthOptions.cs

@@ -0,0 +1,32 @@
+using System.Text;
+using Microsoft.Extensions.Configuration;
+using Microsoft.IdentityModel.Tokens;
+
+namespace SurveyBackend.Infrastructure;
+
+public static class AuthOptions
+{
+    public static string Issuer;
+    public static string Audience;
+    public static TimeSpan TokenLifetime;
+    private static string? SecurityKey { get; set; }
+
+    public static SymmetricSecurityKey SymmetricSecurityKey
+    {
+        get
+        {
+            ArgumentNullException.ThrowIfNull(SecurityKey);
+
+            return new SymmetricSecurityKey(Encoding.UTF8.GetBytes(SecurityKey));
+        }
+    }
+
+    public static void MakeOptions(IConfigurationManager configurationManager, string? securityKey = null)
+    {
+        var jwtSettings = configurationManager.GetSection("JwtSettings");
+        Issuer = jwtSettings["Issuer"] ?? "DefaultIssuer";
+        Audience = jwtSettings["Audience"] ?? "DefaultAudience";
+        TokenLifetime = TimeSpan.FromMinutes(int.Parse(jwtSettings["TokenLifetime"] ?? "60"));
+        SecurityKey = securityKey ?? jwtSettings["SecretKey"];
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/Data/ApplicationDbContext.cs

@@ -5,12 +5,12 @@ using SurveyBackend.Core.Models;
 
 namespace SurveyBackend.Infrastructure.Data;
 
-public class DataContext : IdentityDbContext<User, IdentityRole<int>, int>
+public class ApplicationDbContext : DbContext
 {
+    public DbSet<User> Users { get; set; }
     public DbSet<Group> Groups { get; set; }
 
-    public DataContext(DbContextOptions<DataContext> options) : base(options)
+    public ApplicationDbContext(DbContextOptions<ApplicationDbContext> options) : base(options)
     {
-        Database.EnsureCreated();
     }
 }

SurveyBackend/SurveyBackend.Infrastructure/Helpers/TokenHelper.cs

@@ -0,0 +1,31 @@
+using System.IdentityModel.Tokens.Jwt;
+using System.Security.Claims;
+using Microsoft.IdentityModel.Tokens;
+using SurveyBackend.Core.Models;
+
+namespace SurveyBackend.Infrastructure.Helpers;
+
+public class TokenHelper
+{
+    public static string GetAuthToken(User user)
+    {
+        var userId = user.Id.ToString();
+
+        var claims = new List<Claim>
+        {
+            new(ClaimTypes.NameIdentifier, userId)
+        };
+
+        var jwt = new JwtSecurityToken(
+            claims: claims,
+            issuer: AuthOptions.Issuer,
+            audience: AuthOptions.Audience,
+            expires: DateTime.UtcNow + AuthOptions.TokenLifetime,
+            signingCredentials: new SigningCredentials(AuthOptions.SymmetricSecurityKey, SecurityAlgorithms.HmacSha256)
+        );
+
+        var token = new JwtSecurityTokenHandler().WriteToken(jwt);
+
+        return token;
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/Repositories/UserRepository.cs

@@ -7,9 +7,9 @@ namespace SurveyBackend.Infrastructure.Repositories;
 
 public class UserRepository : IUserRepository
 {
-    private readonly DataContext _context;
+    private readonly ApplicationDbContext _context;
 
-    public UserRepository(DataContext context)
+    public UserRepository(ApplicationDbContext context)
     {
         _context = context;
     }

SurveyBackend/SurveyBackend.Infrastructure/Services/IPasswordHasher.cs

@@ -0,0 +1,7 @@
+namespace SurveyBackend.Infrastructure.Services;
+
+public interface IPasswordHasher
+{
+    public string HashPassword(string password);
+    public bool Verify(string password, string hashedPassword);
+}

SurveyBackend/SurveyBackend.Infrastructure/Services/Sha256PasswordHasher.cs

@@ -0,0 +1,61 @@
+using System.Security.Cryptography;
+
+namespace SurveyBackend.Infrastructure.Services;
+
+public class Sha256PasswordHasher : IPasswordHasher
+{
+    private const int RehashCount = 10000;
+
+    private const int HashSizeBytes = 16;
+
+    private const int SaltSizeBytes = 16;
+
+    public string HashPassword(string password)
+    {
+        var saltBytes = RandomNumberGenerator.GetBytes(SaltSizeBytes);
+
+        using var deriveBytes = GetDeriveBytes(password, saltBytes);
+
+        var hashBytes = deriveBytes.GetBytes(HashSizeBytes);
+
+        var fullHashBytes = new byte[SaltSizeBytes + HashSizeBytes];
+
+        Array.Copy(saltBytes, 0, fullHashBytes, 0, SaltSizeBytes);
+        Array.Copy(hashBytes, 0, fullHashBytes, SaltSizeBytes, HashSizeBytes);
+
+        var hashedPassword = Convert.ToBase64String(fullHashBytes);
+
+        return hashedPassword;
+    }
+
+    public bool Verify(string password, string hashedPassword)
+    {
+        var fullHashBytes = Convert.FromBase64String(hashedPassword);
+
+        var saltBytes = new byte[SaltSizeBytes];
+
+        Array.Copy(fullHashBytes, 0, saltBytes, 0, SaltSizeBytes);
+
+        using var deriveBytes = GetDeriveBytes(password, saltBytes);
+
+        var hashBytes = deriveBytes.GetBytes(HashSizeBytes);
+
+        var isMatch = CompareHashes(hashBytes, fullHashBytes);
+
+        return isMatch;
+    }
+
+    private static bool CompareHashes(byte[] hashBytes, byte[] fullHashBytes)
+    {
+        for (var i = 0; i < HashSizeBytes; i++)
+            if (hashBytes[i] != fullHashBytes[i + SaltSizeBytes])
+                return false;
+
+        return true;
+    }
+
+    private static Rfc2898DeriveBytes GetDeriveBytes(string password, byte[] saltBytes)
+    {
+        return new Rfc2898DeriveBytes(password, saltBytes, RehashCount, HashAlgorithmName.SHA256);
+    }
+}

SurveyBackend/SurveyBackend.Infrastructure/SurveyBackend.Infrastructure.csproj

@@ -8,6 +8,7 @@
 
     <ItemGroup>
       <PackageReference Include="Microsoft.EntityFrameworkCore" Version="9.0.3" />
+      <PackageReference Include="System.IdentityModel.Tokens.Jwt" Version="7.1.2" />
     </ItemGroup>
 
     <ItemGroup>