dmolinari/GestionIntegralWeb
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
da7b544372d72fd6e4a82a3d95626e9cd273f4a4
GestionIntegralWeb/Backend/GestionIntegral.Api/Services/AuthService.cs

109 lines
4.5 KiB
C#
Raw Normal View History

Fase 2: Creatción de la UI (React + Vite). Implementación de Log In reemplazando texto plano. Y creación de tool para migrar contraseñas.
2025-05-05 15:49:01 -03:00
using GestionIntegral.Api.Data;
using GestionIntegral.Api.Dtos;
using GestionIntegral.Api.Models;
using Microsoft.Extensions.Configuration;
using Microsoft.IdentityModel.Tokens;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Text;
namespace GestionIntegral.Api.Services
{
public class AuthService : IAuthService
{
private readonly IAuthRepository _authRepository;
private readonly PasswordHasherService _passwordHasher;
private readonly IConfiguration _configuration;
private readonly ILogger<AuthService> _logger; // Añadir logger
public AuthService(
IAuthRepository authRepository,
PasswordHasherService passwordHasher,
IConfiguration configuration,
ILogger<AuthService> logger) // Inyectar logger
{
_authRepository = authRepository;
_passwordHasher = passwordHasher;
_configuration = configuration;
_logger = logger; // Asignar logger
}
public async Task<LoginResponseDto?> LoginAsync(LoginRequestDto loginRequest)
{
var user = await _authRepository.GetUserByUsernameAsync(loginRequest.Username);
if (user == null)
{
_logger.LogWarning("Login attempt failed: User {Username} not found.", loginRequest.Username);
return null;
}
if (!user.Habilitada)
{
_logger.LogWarning("Login attempt failed: User {Username} is disabled.", loginRequest.Username);
return null;
}
// Verificar contraseña usando el hash y salt de la BD
bool isPasswordValid = _passwordHasher.VerifyPassword(loginRequest.Password, user.ClaveHash, user.ClaveSalt);
if (!isPasswordValid)
{
_logger.LogWarning("Login attempt failed: Invalid password for user {Username}.", loginRequest.Username);
return null;
}
// Generar Token JWT
var token = GenerateJwtToken(user);
// Determinar si debe cambiar clave (leyendo de la BD via el repo/modelo)
bool debeCambiar = user.DebeCambiarClave;
_logger.LogInformation("User {Username} logged in successfully.", loginRequest.Username);
// Crear y devolver la respuesta
return new LoginResponseDto
{
Token = token,
UserId = user.Id,
Username = user.User,
NombreCompleto = $"{user.Nombre} {user.Apellido}",
EsSuperAdmin = user.SupAdmin,
DebeCambiarClave = debeCambiar
};
}
// --- GenerateJwtToken sin cambios ---
private string GenerateJwtToken(Usuario user)
{
var jwtSettings = _configuration.GetSection("Jwt");
var key = Encoding.ASCII.GetBytes(jwtSettings["Key"]
?? throw new ArgumentNullException("Jwt:Key", "JWT Key not configured"));
var tokenHandler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.Name, user.User),
new Claim(JwtRegisteredClaimNames.GivenName, user.Nombre),
new Claim(JwtRegisteredClaimNames.FamilyName, user.Apellido),
new Claim(ClaimTypes.Role, user.SupAdmin ? "SuperAdmin" : $"Perfil_{user.IdPerfil}"),
new Claim("idPerfil", user.IdPerfil.ToString()), // Añadir IdPerfil como claim explícito
new Claim("debeCambiarClave", user.DebeCambiarClave.ToString()), // Añadir flag como claim
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
}),
Expires = DateTime.UtcNow.AddHours(Convert.ToInt32(jwtSettings["DurationInHours"] ?? "1")),
Issuer = jwtSettings["Issuer"],
Audience = jwtSettings["Audience"],
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
return tokenHandler.WriteToken(token);
}
// TODO: Implementar ChangePasswordAsync
}
}
Reference in New Issue Copy Permalink