users add/get/delete/login/logout/me

Luticate2.Auth/Business/LuBusinessExtensions.cs

@@ -1,6 +1,57 @@
-namespace Luticate2.Auth.Business
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using Luticate2.Auth.Dbo.Tokens;
+using Luticate2.Auth.Dbo.Users;
+using Luticate2.Utils.Dbo.Basic;
+using Luticate2.Utils.Dbo.Result;
+using Luticate2.Utils.Utils;
+
+namespace Luticate2.Auth.Business
 {
     public static class LuBusinessExtensions
     {
+        public static IEnumerable<LuUsersDbo> ToLite(this IEnumerable<LuUsersFullDbo> userRes)
+        {
+            return userRes.Select(fullDbo => fullDbo.ToLite());
+        }
+
+        public static LuResult<LuUsersDbo> ToLite(this LuResult<LuUsersFullDbo> userRes)
+        {
+            return userRes.To(dbo => dbo.ToLite());
+        }
+
+        public static LuResult<LuPaginatedDbo<LuUsersDbo>> ToLite(this LuResult<LuPaginatedDbo<LuUsersFullDbo>> userRes)
+        {
+            return userRes.To(dbo => dbo.To(dbos => dbos.ToLite().ToList()));
+        }
+
+        public static LuUsersDbo ToLite(this LuUsersFullDbo dbo)
+        {
+            if (dbo == null)
+            {
+                return null;
+            }
+            return new LuUsersDbo
+            {
+                Id = dbo.Id,
+                Username = dbo.Username
+            };//TODO
+        }
+
+        public static LuUsersToken ToUserToken(this LuTokensDbo dbo)
+        {
+            if (dbo == null)
+            {
+                return null;
+            }
+            return new LuUsersToken
+            {
+                Data = dbo.Data,
+                NotAfter = dbo.NotAfter,
+                NotBefore = dbo.NotBefore,
+                UserId = dbo.UserId
+            };
+        }
     }
 }

Luticate2.Auth/Business/LuTokensBusiness.cs

@@ -0,0 +1,88 @@
+using System;
+using System.Security.Cryptography;
+using Luticate2.Auth.DataAccess;
+using Luticate2.Auth.Dbo.Tokens;
+using Luticate2.Auth.Dbo.Users;
+using Luticate2.Auth.Interfaces.Tokens;
+using Luticate2.Utils.Business;
+using Luticate2.Utils.Dbo.Result;
+using Luticate2.Utils.Interfaces;
+using Luticate2.Utils.Utils;
+
+namespace Luticate2.Auth.Business
+{
+    public class LuTokensBusiness : LuCrudBusiness<LuTokensDataAccess, LuTokensAddDbo, LuTokensDbo, LuTokensEditDbo, string>, ILuTokensBusiness
+    {
+        private readonly IDateTime _dateTime;
+
+        public LuTokensBusiness(LuTokensDataAccess dataAccess, ILuNotificationsBusiness notificationsBusiness, IDateTime dateTime) : base(dataAccess, notificationsBusiness)
+        {
+            _dateTime = dateTime;
+        }
+
+        public LuResult<LuUsersToken> GetToken(string token)
+        {
+            return GetSingleById(token).To(dbo => dbo.ToUserToken());
+        }
+
+        public string GenerateId()
+        {
+            var token = new byte[50];
+            using (var rng = RandomNumberGenerator.Create())
+            {
+                rng.GetBytes(token);
+            }
+            return Convert.ToBase64String(token).Trim('=');
+        }
+
+        public LuResult<string> RegisterToken(LuUsersToken token)
+        {
+            string id;
+            LuResult<LuTokensDbo> tokenRes;
+            do
+            {
+                id = GenerateId();
+                tokenRes = GetSingleById(id);
+            } while (tokenRes);
+
+            if (tokenRes.Status != LuStatus.NotFound)
+            {
+                return tokenRes.To<string>();
+            }
+
+            return this.AddId(new LuTokensAddDbo
+            {
+                Data = token.Data,
+                Id = id,
+                NotAfter = token.NotAfter,
+                NotBefore = token.NotBefore,
+                UserId = token.UserId
+            });
+        }
+
+        public LuResult<LuUsersToken> UnRegisterToken(string token)
+        {
+            return this.DeleteSingleByIdDbo(token).To(dbo => dbo.ToUserToken());
+        }
+
+        public bool IsTokenValid(LuUsersToken token)
+        {
+            var now = _dateTime.Now;
+            return (token.NotBefore == null || now >= token.NotBefore) &&
+                   (token.NotAfter == null || now <= token.NotAfter);
+        }
+
+        public LuResult<string> GenerateToken(LuUsersDbo user)
+        {
+            var token = new LuUsersToken
+            {
+                Data = null,//TODO
+                NotAfter = null,
+                NotBefore = null,
+                UserId = user.Id
+            };
+
+            return RegisterToken(token);
+        }
+    }
+}

Luticate2.Auth/Business/LuUsersBusiness.cs

@@ -1,54 +1,152 @@
 using System;
+using System.Collections.Generic;
+using System.Security.Cryptography;
+using System.Text;
+using Luticate2.Auth.DataAccess;
 using Luticate2.Auth.Dbo.Users;
+using Luticate2.Auth.Interfaces.Tokens;
 using Luticate2.Auth.Interfaces.Users;
+using Luticate2.Utils.Business;
 using Luticate2.Utils.Dbo.Result;
+using Luticate2.Utils.Interfaces;
 using Luticate2.Utils.Utils;
+using Microsoft.AspNetCore.Cryptography.KeyDerivation;
 
 namespace Luticate2.Auth.Business
 {
-    public class LuUsersBusiness : ILuUsersBusiness
+    public class LuUsersBusiness : LuCrudBusiness<LuUsersDataAccess, LuUsersAddFullDbo, LuUsersFullDbo, LuUsersEditFullDbo, string>, ILuUsersBusiness
     {
-        public LuResult<UsersToken> GetToken(string token)
+        private readonly ILuTokensBusiness _luTokensBusiness;
+        private readonly ILuLoggedUserAccessor _luLoggedUserAccessor;
+
+        public LuUsersBusiness(LuUsersDataAccess dataAccess, ILuNotificationsBusiness notificationsBusiness,
+            ILuTokensBusiness luTokensBusiness, ILuLoggedUserAccessor luLoggedUserAccessor) : base(dataAccess, notificationsBusiness)
+        {
+            _luTokensBusiness = luTokensBusiness;
+            _luLoggedUserAccessor = luLoggedUserAccessor;
+        }
+
+        public string GenerateSalt()
         {
-            var id = Guid.NewGuid().ToDbo();
-            return LuResult<UsersToken>.Ok(new UsersToken
+            var salt = new byte[128 / 8];
+            using (var rng = RandomNumberGenerator.Create())
             {
-                UserId = id
-            });//TODO
+                rng.GetBytes(salt);
+            }
+            return Convert.ToBase64String(salt);
         }
 
-        public LuResult<string> RegisterToken(UsersToken token)
+        public string HashPassword(string password, string salt)
         {
-            return LuResult<string>.Ok("token");//TODO
+            var hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(password, Encoding.ASCII.GetBytes(salt),
+                KeyDerivationPrf.HMACSHA1, 10000, 256 / 8));
+            return hashed;
         }
 
-        public LuResult<UsersToken> UnRegisterToken(string token)
+        public bool VerifyPasswordHash(string password, string hash, string salt)
         {
-            return LuResult<UsersToken>.Ok(new UsersToken());//TODO
+            var newHash = HashPassword(password, salt);
+            return newHash == hash;
         }
 
-        public bool IsTokenValid(UsersToken token)
+        public LuResult<LuUsersFullDbo> FindByUsername(string username)
         {
-            return true;
+            return DataAccess.FindByUsername(username);
         }
 
-        public LuResult<UsersDbo> GetSingleById(string id)
+        public LuResult<LuUsersFullDbo> Register(LuUsersAddDbo user)
         {
-            return LuResult<UsersDbo>.Ok(new UsersDbo
+            var userRes = FindByUsername(user.Username);
+            if (userRes)
+            {
+                return LuResult<LuUsersFullDbo>.Error(LuStatus.InputError,
+                    $"username: {user.Username}", "Username already exists");
+            }
+            if (userRes.Status != LuStatus.NotFound)
+            {
+                return userRes;
+            }
+            var salt = GenerateSalt();
+            var password = HashPassword(user.Password, salt);
+            return this.AddDbo(new LuUsersAddFullDbo
             {
-                Id = id,
-                Username = "user-" + id.Split('-')[0]
-            });//TODO
+                AuthenticationSourceId = Guid.Empty.ToDbo(),
+                Data = null,
+                Password = password,
+                Salt = salt,
+                Username = user.Username
+            });
         }
 
-        public string HashPassword(string password, string salt)
+        public LuResult<LuUsersFullDbo> Edit(string id, LuUsersEditDbo user)
         {
-            return "";//TODO
+            throw new NotImplementedException();
         }
 
-        public bool VerifyPasswordHash(string password, string hash, string salt)
+        public LuResult<LuUsersLoginResultDbo> Login(string username, string password)
+        {
+            var userRes = FindByUsername(username);
+            if (userRes.Status == LuStatus.NotFound)
+            {
+                return LuResult<LuUsersLoginResultDbo>.Error(LuStatus.LoginError,
+                    $"unknown username; username: {username}", "Invalid username or password");
+            }
+            if (!userRes)
+            {
+                return userRes.To<LuUsersLoginResultDbo>();
+            }
+            if (userRes.Data.Password == null)
+            {
+                return LuResult<LuUsersLoginResultDbo>.Error(LuStatus.LoginError,
+                    $"null password; username: {username}", "Invalid username or password");
+            }
+            if (!VerifyPasswordHash(password, userRes.Data.Password, userRes.Data.Salt))
+            {
+                return LuResult<LuUsersLoginResultDbo>.Error(LuStatus.LoginError,
+                    $"invalid password; username: {username}", "Invalid username or password");
+            }
+
+            var tokenRes = _luTokensBusiness.GenerateToken(userRes.Data.ToLite());
+            if (!tokenRes)
+            {
+                return tokenRes.To<LuUsersLoginResultDbo>();
+            }
+
+            return LuResult<LuUsersLoginResultDbo>.Ok(new LuUsersLoginResultDbo
+            {
+                Token = tokenRes.Data,
+                User = userRes.Data.ToLite()
+            });
+        }
+
+        public LuResult<bool> Logout(string token)
         {
-            return true;//TODO
+            if (token == null)
+            {
+                return LuResult<bool>.Ok(true);
+            }
+            return _luTokensBusiness.UnRegisterToken(token).To(usersToken => true);
+        }
+
+        public LuResult<LuUsersFullDbo> Me()
+        {
+            return LuResult<LuUsersFullDbo>.Ok(_luLoggedUserAccessor.GetLoggedUser());
+        }
+
+        LuResult<T> ILuCrudInterface<LuUsersAddFullDbo, LuUsersFullDbo, LuUsersEditFullDbo, string>.DeleteSingleById<T>(string id, Func<LuUsersFullDbo, T> returnFunc)
+        {
+            var loggedUser = _luLoggedUserAccessor.GetLoggedUser();
+            if (id == Guid.Empty.ToDbo())
+            {
+                return LuResult<T>.Error(LuStatus.InputError,
+                    $"loggedUser: {loggedUser.Username}", "Can not remove anonymous user");
+            }
+            if (id == loggedUser.Id)
+            {
+                return LuResult<T>.Error(LuStatus.InputError,
+                    $"loggedUser: {loggedUser.Username}", "Can not remove yourself");
+            }
+            return base.DeleteSingleById(id, returnFunc);
         }
     }
 }

Luticate2.Auth/Controllers/LuAuthExtensions.cs

@@ -5,6 +5,7 @@ using Luticate2.Auth.DataAccess;
 using Luticate2.Auth.Dbo.Users;
 using Luticate2.Auth.Interfaces.Groups;
 using Luticate2.Auth.Interfaces.Permissions;
+using Luticate2.Auth.Interfaces.Tokens;
 using Luticate2.Auth.Interfaces.Users;
 using Luticate2.Auth.Middlewares;
 using Luticate2.Utils.Controllers;
@@ -14,6 +15,7 @@ using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.DependencyInjection;
+using Microsoft.Extensions.DependencyInjection.Extensions;
 
 namespace Luticate2.Auth.Controllers
 {
@@ -23,25 +25,31 @@ namespace Luticate2.Auth.Controllers
 
         public const string LuticateItemsLoggedUser = "loggedUser";
 
+        public const string TokenCookieName = "luticate2-token";
+
         public static IServiceCollection AddLuticateAuth(this IServiceCollection services,
             Action<LuUtilsOptionsDbo> optionsDelegate, Action<DbContextOptionsBuilder> optionsAction)
         {
             services.AddLuticateUtils(optionsDelegate);
 
-            services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
+            services.TryAddSingleton<IHttpContextAccessor, HttpContextAccessor>();
+
+            services.TryAddScoped<ILuLoggedUserAccessor, LuLoggedUserAccessor>();
+            services.TryAddScoped<LuAttrLoggedUserAccessor>();
+            services.TryAddScoped<LuAttrArgumentAccessor>();
 
-            services.AddScoped<ILuLoggedUserAccessor, LuLoggedUserAccessor>();
-            services.AddScoped<LuAttrLoggedUserAccessor>();
-            services.AddScoped<LuAttrArgumentAccessor>();
+            services.TryAddTransient<LuGroupsController>();
+            services.TryAddTransient<ILuGroupsBusiness, LuGroupsBusiness>();
+            services.TryAddTransient<LuGroupsDataAccess>();
 
-            services.AddTransient<LuGroupsController>();
-            services.AddTransient<ILuGroupsBusiness, LuGroupsBusiness>();
-            services.AddTransient<LuGroupsDataAccess>();
+            services.TryAddTransient<LuUsersController>();
+            services.TryAddTransient<ILuUsersBusiness, LuUsersBusiness>();
+            services.TryAddTransient<LuUsersDataAccess>();
 
-            services.AddTransient<LuUsersController>();
-            services.AddTransient<ILuUsersBusiness, LuUsersBusiness>();
+            services.TryAddTransient<ILuTokensBusiness, LuTokensBusiness>();
+            services.TryAddTransient<LuTokensDataAccess>();
 
-            services.AddTransient<ILuPermissionsBusiness, LuPermissionsBusiness>();
+            services.TryAddTransient<ILuPermissionsBusiness, LuPermissionsBusiness>();
 
             services.AddDbContext<LuAuthDatabaseContext>(options =>
             {
@@ -73,14 +81,20 @@ namespace Luticate2.Auth.Controllers
             return app;
         }
 
-        public static UsersDbo GetLuLoggedUser(this HttpContext context)
+        public static LuUsersFullDbo GetLuLoggedUser(this HttpContext context)
         {
-            return context.GetLuItems()[LuticateItemsLoggedUser] as UsersDbo;
+            return context.GetLuItems()[LuticateItemsLoggedUser] as LuUsersFullDbo;
         }
 
-        public static void SetLuLoggedUser(this HttpContext context, UsersDbo user)
+        public static void SetLuLoggedUser(this HttpContext context, LuUsersFullDbo user)
         {
             context.GetLuItems()[LuticateItemsLoggedUser] = user;
         }
+
+        public static string GetLuUserToken(this HttpContext context)
+        {
+            var token = context.Request.Cookies[TokenCookieName];
+            return string.IsNullOrWhiteSpace(token) ? null : token;
+        }
     }
 }

Luticate2.Auth/Controllers/LuLoggedUserAccessor.cs

@@ -13,7 +13,7 @@ namespace Luticate2.Auth.Controllers
             _httpContextAccessor = httpContextAccessor;
         }
 
-        public UsersDbo GetLoggedUser()
+        public LuUsersFullDbo GetLoggedUser()
         {
             return _httpContextAccessor.HttpContext.GetLuLoggedUser();
         }

Luticate2.Auth/Controllers/LuUsersController.cs

@@ -1,15 +1,102 @@
-using Luticate2.Utils.Controllers;
+using System.ComponentModel.DataAnnotations;
+using Luticate2.Auth.Attributes;
+using Luticate2.Auth.Business;
+using Luticate2.Auth.Dbo.Permissions;
+using Luticate2.Auth.Dbo.Users;
+using Luticate2.Auth.Interfaces.Users;
+using Luticate2.Utils.Controllers;
 using Luticate2.Utils.Dbo.Basic;
+using Luticate2.Utils.Dbo.PaginatedRequest;
+using Luticate2.Utils.Dbo.Result;
+using Luticate2.Utils.Utils;
+using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.Extensions.Options;
 
 namespace Luticate2.Auth.Controllers
 {
-    [Route(LuAuthExtensions.RoutePrefix)]
+    [Route(LuAuthExtensions.RoutePrefix + "/[controller]")]
     public class LuUsersController : LuController
     {
-        public LuUsersController(IOptions<LuUtilsOptionsDbo> luUtilsOptionsDbo) : base(luUtilsOptionsDbo)
+        private const string EntityType = LuEntityTypes.LuUsers;
+
+        private const string ReadPermission = LuPermissions.LuGroupsRead;
+
+        private const string WritePermission = LuPermissions.LuGroupsWrite;
+
+        private readonly ILuUsersBusiness _busines;
+
+        public LuUsersController(ILuUsersBusiness busines, IOptions<LuUtilsOptionsDbo> luUtilsOptionsDbo) : base(luUtilsOptionsDbo)
+        {
+            _busines = busines;
+        }
+
+        [HttpGet("{id}")]
+        [LuPermission(ReadPermission, EntityType)]
+        public LuApiWrapperDbo<LuUsersDbo> GetSingleById([LuPermissionArg][Required]string id)
+        {
+            return Handle(_busines.GetSingleById(id).ToLite());
+        }
+
+        [HttpGet]
+        [LuPermission(ReadPermission, EntityType)]
+        public LuApiWrapperDbo<LuPaginatedDbo<LuUsersDbo>> GetMultiple([Required]LuPaginatedRequestDbo request)
+        {
+            return Handle(_busines.GetMultiple(request).ToLite());
+        }
+
+        [HttpPost]
+        [LuPermission(WritePermission, EntityType)]
+        public LuApiWrapperDbo<LuUsersDbo> Register([Required]LuUsersAddDbo data)
+        {
+            return Handle(_busines.Register(data).ToLite());
+        }
+
+        [HttpPost("{id}")]
+        [LuPermission(WritePermission, EntityType)]
+        public LuApiWrapperDbo<LuUsersDbo> Edit([LuPermissionArg][Required]string id, [Required]LuUsersEditDbo data)
+        {
+            return Handle(_busines.Edit(id, data).ToLite());
+        }
+
+        [HttpDelete("{id}")]
+        [LuPermission(WritePermission, EntityType)]
+        public LuApiWrapperDbo<LuUsersDbo> Delete([LuPermissionArg][Required]string id)
+        {
+            return Handle(_busines.DeleteSingleByIdDbo(id).ToLite());
+        }
+
+        [HttpPost("login")]
+        public LuApiWrapperDbo<LuUsersLoginResultDbo> Login([Required]string username, [Required]string password)
+        {
+            var loginRes = _busines.Login(username, password);
+            if (loginRes)
+            {
+                Response.Cookies.Append(LuAuthExtensions.TokenCookieName, loginRes.Data.Token, new CookieOptions
+                {
+                    HttpOnly = true,
+                    Secure = true
+                });
+            }
+            return Handle(loginRes);
+        }
+
+        [HttpPost("logout")]
+        public LuApiWrapperDbo<bool> Logout()
+        {
+            var token = HttpContext.GetLuUserToken();
+            if (token != null)
+            {
+                Response.Cookies.Delete(LuAuthExtensions.TokenCookieName);
+                return Handle(_busines.Logout(token));
+            }
+            return Handle(LuResult<bool>.Ok(true));
+        }
+
+        [HttpGet("me")]
+        public LuApiWrapperDbo<LuUsersDbo> Me()
         {
+            return Handle(_busines.Me().ToLite());
         }
     }
 }

Luticate2.Auth/DataAccess/LuAuthDatabaseContext.cs

@@ -48,6 +48,17 @@ namespace Luticate2.Auth.DataAccess
             
             
             
+            modelBuilder.Entity<lu_tokens>()
+                .HasKey(c => new { c.id });
+            
+            
+            modelBuilder.Entity<lu_tokens>()
+                .HasOne(e => e.fk_lu_users)
+                .WithMany(e => e.lu_tokens_fk)
+                .HasForeignKey("user_id")
+                .HasConstraintName("lu_tokens_user_id_fkey");
+            
+            
             modelBuilder.Entity<lu_users>()
                 .HasKey(c => new { c.id });
             
@@ -86,6 +97,8 @@ namespace Luticate2.Auth.DataAccess
         
         public virtual DbSet<lu_groups> lu_groups { get; set; }
         
+        public virtual DbSet<lu_tokens> lu_tokens { get; set; }
+        
         public virtual DbSet<lu_users> lu_users { get; set; }
         
         public virtual DbSet<lu_verb_users_groups> lu_verb_users_groups { get; set; }

Luticate2.Auth/DataAccess/LuTokensDataAccess.cs

@@ -0,0 +1,57 @@
+using System;
+using System.Linq.Expressions;
+using Luticate2.Auth.DataAccess.Models;
+using Luticate2.Auth.Dbo.Tokens;
+using Luticate2.Utils.DataAccess;
+using Luticate2.Utils.Dbo.Filter;
+using Luticate2.Utils.Utils;
+using Microsoft.EntityFrameworkCore;
+using Newtonsoft.Json;
+
+namespace Luticate2.Auth.DataAccess
+{
+    public class LuTokensDataAccess : LuEfCrudDataAccess<lu_tokens, LuTokensAddDbo, LuTokensDbo, LuTokensEditDbo, LuAuthDatabaseContext, string>
+    {
+        public LuTokensDataAccess(IServiceProvider serviceProvider) : base(serviceProvider)
+        {
+        }
+
+        protected override object GetId(string id)
+        {
+            return id;
+        }
+
+        protected override DbSet<lu_tokens> GetTable(LuAuthDatabaseContext db)
+        {
+            return db.lu_tokens;
+        }
+
+        protected override Expression<Func<lu_tokens, bool>> GetFilterExpression(LuFilterDbo filter)
+        {
+            var userId = filter.GetFilterString("userId", null);
+            return tokens => (userId == null || tokens.user_id.ToString() == userId);
+        }
+
+        protected override lu_tokens GetModelFromTCreate(LuTokensAddDbo obj)
+        {
+            return new lu_tokens
+            {
+                data = JsonConvert.SerializeObject(obj.Data),
+                id = obj.Id,
+                notAfter = obj.NotAfter,
+                notBefore = obj.NotBefore,
+                user_id = obj.UserId.ToGuid()
+            };
+        }
+
+        protected override void EditModelFromTUpdate(LuTokensEditDbo obj, lu_tokens model)
+        {
+            throw new NotImplementedException();
+        }
+
+        protected override LuTokensDbo GetDboFromModel(lu_tokens model)
+        {
+            return model.ToDbo();
+        }
+    }
+}

Luticate2.Auth/DataAccess/LuUsersDataAccess.cs

@@ -0,0 +1,73 @@
+using System;
+using System.Linq;
+using Luticate2.Auth.DataAccess.Models;
+using Luticate2.Auth.Dbo.Users;
+using Luticate2.Utils.DataAccess;
+using Luticate2.Utils.Dbo.Result;
+using Luticate2.Utils.Utils;
+using Microsoft.EntityFrameworkCore;
+using Newtonsoft.Json;
+using Npgsql;
+
+namespace Luticate2.Auth.DataAccess
+{
+    public class LuUsersDataAccess : LuEfCrudDataAccess<lu_users, LuUsersAddFullDbo, LuUsersFullDbo, LuUsersEditFullDbo, LuAuthDatabaseContext, string>
+    {
+        public LuUsersDataAccess(IServiceProvider serviceProvider) : base(serviceProvider)
+        {
+        }
+
+        protected override DbSet<lu_users> GetTable(LuAuthDatabaseContext db)
+        {
+            return db.lu_users;
+        }
+
+        protected override lu_users GetModelFromTCreate(LuUsersAddFullDbo obj)
+        {
+            return new lu_users
+            {
+                authentication_source_id = obj.AuthenticationSourceId.ToGuid(),
+                data = JsonConvert.SerializeObject(obj.Data),
+                password = obj.Password,
+                salt = obj.Salt,
+                username = obj.Username
+            };
+        }
+
+        protected override LuResult<T> HandleError<T>(Exception e)
+        {
+            if (e is DbUpdateException && e.InnerException is PostgresException)
+            {
+                var pge = (PostgresException) e.InnerException;
+                if (pge.ConstraintName == "lu_users_authentication_source_id_username_key")
+                {
+                    return LuResult<T>.Error(LuStatus.InputError, e, "Username already exists");
+                }
+            }
+            return null;
+        }
+
+        protected override void EditModelFromTUpdate(LuUsersEditFullDbo obj, lu_users model)
+        {
+            throw new NotImplementedException();//TODO
+        }
+
+        protected override LuUsersFullDbo GetDboFromModel(lu_users model)
+        {
+            return model.ToDbo();
+        }
+
+        public LuResult<LuUsersFullDbo> FindByUsername(string username)
+        {
+            return Execute((context, set) =>
+            {
+                var user = set.FirstOrDefault(users => users.username.ToLower() == username.ToLower())?.ToDbo();
+                if (user != null)
+                {
+                    return LuResult<LuUsersFullDbo>.Ok(user);
+                }
+                return LuResult<LuUsersFullDbo>.Error(LuStatus.NotFound, $"username: {username}", "Username not found");
+            });
+        }
+    }
+}

Luticate2.Auth/DataAccess/Models/ModelsToDbo.cs

@@ -1,21 +0,0 @@
-using Luticate2.Auth.Dbo.Groups;
-using Luticate2.Utils.Utils;
-
-namespace Luticate2.Auth.DataAccess.Models
-{
-    public static class ModelsToDbo
-    {
-        public static LuGroupsDbo ToDbo(this lu_groups model)
-        {
-            if (model == null)
-            {
-                return null;
-            }
-            return new LuGroupsDbo
-            {
-                Id = model.id.ToDbo(),
-                Name = model.name
-            };
-        }
-    }
-}

Luticate2.Auth/DataAccess/Models/lu_authentication_sources.cs

@@ -16,6 +16,8 @@ namespace Luticate2.Auth.DataAccess.Models
         
         public string data { get; set; }
         
+        public string realm { get; set; }
+        
         
         
         public virtual IList<lu_users> lu_users_fk { get; set; }

Luticate2.Auth/DataAccess/Models/lu_tokens.cs

@@ -0,0 +1,26 @@
+using System;
+using System.Collections.Generic;
+using System.ComponentModel.DataAnnotations;
+using System.ComponentModel.DataAnnotations.Schema;
+
+namespace Luticate2.Auth.DataAccess.Models
+{
+    public partial class lu_tokens
+    {
+        
+        public string id { get; set; }
+        
+        public DateTime? notBefore { get; set; }
+        
+        public DateTime? notAfter { get; set; }
+        
+        public Guid user_id { get; set; }
+        
+        public string data { get; set; }
+        
+        
+        public virtual lu_users fk_lu_users { get; set; }
+        
+        
+    }
+}

Luticate2.Auth/DataAccess/Models/lu_users.cs

@@ -24,6 +24,8 @@ namespace Luticate2.Auth.DataAccess.Models
         public virtual lu_authentication_sources fk_lu_authentication_sources { get; set; }
         
         
+        public virtual IList<lu_tokens> lu_tokens_fk { get; set; }
+        
         public virtual IList<lu_verb_users_groups> lu_verb_users_groups_fk { get; set; }
         
     }

Luticate2.Auth/DataAccess/ModelsToDbo.cs

@@ -0,0 +1,59 @@
+using System.Collections.Generic;
+using Luticate2.Auth.DataAccess.Models;
+using Luticate2.Auth.Dbo.Groups;
+using Luticate2.Auth.Dbo.Tokens;
+using Luticate2.Auth.Dbo.Users;
+using Luticate2.Utils.Utils;
+using Newtonsoft.Json;
+
+namespace Luticate2.Auth.DataAccess
+{
+    public static class ModelsToDbo
+    {
+        public static LuGroupsDbo ToDbo(this lu_groups model)
+        {
+            if (model == null)
+            {
+                return null;
+            }
+            return new LuGroupsDbo
+            {
+                Id = model.id.ToDbo(),
+                Name = model.name
+            };
+        }
+
+        public static LuUsersFullDbo ToDbo(this lu_users model)
+        {
+            if (model == null)
+            {
+                return null;
+            }
+            return new LuUsersFullDbo
+            {
+                AuthenticationSourceId = model.authentication_source_id.ToDbo(),
+                Data = JsonConvert.DeserializeObject<IDictionary<string, object>>(model.data),
+                Id = model.id.ToDbo(),
+                Password = model.password,
+                Salt = model.salt,
+                Username = model.username
+            };
+        }
+
+        public static LuTokensDbo ToDbo(this lu_tokens model)
+        {
+            if (model == null)
+            {
+                return null;
+            }
+            return new LuTokensDbo
+            {
+                Data = JsonConvert.DeserializeObject<IDictionary<string, object>>(model.data),
+                Id = model.id,
+                NotAfter = model.notAfter,
+                NotBefore = model.notBefore,
+                UserId = model.user_id.ToDbo()
+            };
+        }
+    }
+}

Luticate2.Auth/DataAccess/code-from-ds/code-from-ds.json

@@ -21,6 +21,10 @@
                     {
                         "column": "data",
                         "selected": true
+                    },
+                    {
+                        "column": "realm",
+                        "selected": true
                     }
                 ],
                 "table": "lu_authentication_sources"
@@ -38,6 +42,31 @@
                 ],
                 "table": "lu_groups"
             },
+            {
+                "columns": [
+                    {
+                        "column": "id",
+                        "selected": true
+                    },
+                    {
+                        "column": "notBefore",
+                        "selected": true
+                    },
+                    {
+                        "column": "notAfter",
+                        "selected": true
+                    },
+                    {
+                        "column": "user_id",
+                        "selected": true
+                    },
+                    {
+                        "column": "data",
+                        "selected": true
+                    }
+                ],
+                "table": "lu_tokens"
+            },
             {
                 "columns": [
                     {

Luticate2.Auth/Dbo/Permissions/LuPermissions.cs

@@ -5,5 +5,9 @@
         public const string LuGroupsRead = "LU_GROUPS_READ";
 
         public const string LuGroupsWrite = "LU_GROUPS_WRITE";
+
+        public const string LuUsersRead = "LU_USERS_READ";
+
+        public const string LuUsersWrite = "LU_USERS_WRITE";
     }
 }

Luticate2.Auth/Dbo/Tokens/LuTokensAddDbo.cs

@@ -0,0 +1,18 @@
+using System;
+using System.Collections.Generic;
+
+namespace Luticate2.Auth.Dbo.Tokens
+{
+    public class LuTokensAddDbo : LuTokensEditDbo
+    {
+        public string Id { get; set; }
+
+        public DateTime? NotBefore { get; set; }
+
+        public DateTime? NotAfter { get; set; }
+
+        public IDictionary<string, object> Data { get; set; }
+
+        public string UserId { get; set; }
+    }
+}

Luticate2.Auth/Dbo/Tokens/LuTokensDbo.cs

@@ -0,0 +1,6 @@
+namespace Luticate2.Auth.Dbo.Tokens
+{
+    public class LuTokensDbo : LuTokensAddDbo
+    {
+    }
+}

Luticate2.Auth/Dbo/Tokens/LuTokensEditDbo.cs

@@ -0,0 +1,7 @@
+namespace Luticate2.Auth.Dbo.Tokens
+{
+    public class LuTokensEditDbo
+    {
+
+    }
+}

Luticate2.Auth/Dbo/Users/LuUsersAddDbo.cs

@@ -0,0 +1,9 @@
+namespace Luticate2.Auth.Dbo.Users
+{
+    public class LuUsersAddDbo
+    {
+        public string Username { get; set; }
+
+        public string Password { get; set; }
+    }
+}

Luticate2.Auth/Dbo/Users/LuUsersAddFullDbo.cs

@@ -0,0 +1,7 @@
+namespace Luticate2.Auth.Dbo.Users
+{
+    public class LuUsersAddFullDbo : LuUsersEditFullDbo
+    {
+        public string AuthenticationSourceId { get; set; }
+    }
+}

Luticate2.Auth/Dbo/Users/UsersDbo.cs → Luticate2.Auth/Dbo/Users/LuUsersDbo.cs

@@ -1,6 +1,6 @@
 namespace Luticate2.Auth.Dbo.Users
 {
-    public class UsersDbo
+    public class LuUsersDbo
     {
         public string Id { get; set; }
 

Luticate2.Auth/Dbo/Users/LuUsersEditDbo.cs

@@ -0,0 +1,7 @@
+namespace Luticate2.Auth.Dbo.Users
+{
+    public class LuUsersEditDbo
+    {
+
+    }
+}

Luticate2.Auth/Dbo/Users/LuUsersEditFullDbo.cs

@@ -0,0 +1,15 @@
+using System.Collections.Generic;
+
+namespace Luticate2.Auth.Dbo.Users
+{
+    public class LuUsersEditFullDbo
+    {
+        public string Username { get; set; }
+
+        public string Password { get; set; }
+
+        public string Salt { get; set; }
+
+        public IDictionary<string, object> Data { get; set; }
+    }
+}

Luticate2.Auth/Dbo/Users/LuUsersFullDbo.cs

@@ -0,0 +1,7 @@
+namespace Luticate2.Auth.Dbo.Users
+{
+    public class LuUsersFullDbo : LuUsersAddFullDbo
+    {
+        public string Id { get; set; }
+    }
+}

Luticate2.Auth/Dbo/Users/LuUsersLoginResultDbo.cs

@@ -0,0 +1,9 @@
+namespace Luticate2.Auth.Dbo.Users
+{
+    public class LuUsersLoginResultDbo
+    {
+        public LuUsersDbo User { get; set; }
+
+        public string Token { get; set; }
+    }
+}

Luticate2.Auth/Dbo/Users/UsersToken.cs → Luticate2.Auth/Dbo/Users/LuUsersToken.cs

@@ -1,8 +1,9 @@
 using System;
+using System.Collections.Generic;
 
 namespace Luticate2.Auth.Dbo.Users
 {
-    public class UsersToken
+    public class LuUsersToken
     {
         public string UserId { get; set; }
 
@@ -10,6 +11,6 @@ namespace Luticate2.Auth.Dbo.Users
 
         public DateTime? NotAfter { get; set; }
 
-        public object Data { get; set; }
+        public IDictionary<string, object> Data { get; set; }
     }
 }

Luticate2.Auth/Interfaces/Tokens/ILuTokensBusiness.cs

@@ -0,0 +1,18 @@
+using Luticate2.Auth.Dbo.Users;
+using Luticate2.Utils.Dbo.Result;
+
+namespace Luticate2.Auth.Interfaces.Tokens
+{
+    public interface ILuTokensBusiness
+    {
+        LuResult<LuUsersToken> GetToken(string token);
+
+        LuResult<string> RegisterToken(LuUsersToken token);
+
+        LuResult<LuUsersToken> UnRegisterToken(string token);
+
+        bool IsTokenValid(LuUsersToken token);
+
+        LuResult<string> GenerateToken(LuUsersDbo user);
+    }
+}

Luticate2.Auth/Interfaces/Users/ILuLoggedUserAccessor.cs

@@ -4,6 +4,6 @@ namespace Luticate2.Auth.Interfaces.Users
 {
     public interface ILuLoggedUserAccessor
     {
-        UsersDbo GetLoggedUser();
+        LuUsersFullDbo GetLoggedUser();
     }
 }

Luticate2.Auth/Interfaces/Users/ILuUsersBusiness.cs

@@ -1,22 +1,27 @@
 using Luticate2.Auth.Dbo.Users;
 using Luticate2.Utils.Dbo.Result;
+using Luticate2.Utils.Interfaces;
 
 namespace Luticate2.Auth.Interfaces.Users
 {
-    public interface ILuUsersBusiness
+    public interface ILuUsersBusiness : ILuCrudInterface<LuUsersAddFullDbo, LuUsersFullDbo, LuUsersEditFullDbo, string>
     {
-        LuResult<UsersToken> GetToken(string token);
+        string GenerateSalt();
 
-        LuResult<string> RegisterToken(UsersToken token);
+        string HashPassword(string password, string salt);
 
-        LuResult<UsersToken> UnRegisterToken(string token);
+        bool VerifyPasswordHash(string password, string hash, string salt);
 
-        bool IsTokenValid(UsersToken token);
+        LuResult<LuUsersLoginResultDbo> Login(string username, string password);
 
-        LuResult<UsersDbo> GetSingleById(string id);
+        LuResult<bool> Logout(string token);
 
-        string HashPassword(string password, string salt);
+        LuResult<LuUsersFullDbo> FindByUsername(string username);
 
-        bool VerifyPasswordHash(string password, string hash, string salt);
+        LuResult<LuUsersFullDbo> Register(LuUsersAddDbo user);
+
+        LuResult<LuUsersFullDbo> Edit(string id, LuUsersEditDbo user);
+
+        LuResult<LuUsersFullDbo> Me();
     }
 }

Luticate2.Auth/Middlewares/LuLoggedUserMiddleware.cs

@@ -1,8 +1,8 @@
 using System;
+using Luticate2.Auth.Business;
 using Luticate2.Auth.Controllers;
-using Luticate2.Auth.Dbo.Users;
+using Luticate2.Auth.Interfaces.Tokens;
 using Luticate2.Auth.Interfaces.Users;
-using Luticate2.Utils.Controllers;
 using Luticate2.Utils.Dbo.Result;
 using Luticate2.Utils.Utils;
 using Microsoft.AspNetCore.Mvc.Filters;
@@ -11,31 +11,32 @@ namespace Luticate2.Auth.Middlewares
 {
     public class LuLoggedUserMiddleware : IActionFilter
     {
-        public const string TokenCookieName = "luticate2-token";
 
         private readonly ILuUsersBusiness _luUsersBusiness;
+        private readonly ILuTokensBusiness _luTokensBusiness;
 
-        public LuLoggedUserMiddleware(ILuUsersBusiness luUsersBusiness)
+        public LuLoggedUserMiddleware(ILuUsersBusiness luUsersBusiness, ILuTokensBusiness luTokensBusiness)
         {
             _luUsersBusiness = luUsersBusiness;
+            _luTokensBusiness = luTokensBusiness;
         }
 
         public void OnActionExecuting(ActionExecutingContext context)
         {
-            var token = context.HttpContext.Request.Cookies[TokenCookieName];
+            var token = context.HttpContext.GetLuUserToken();
             var userId = Guid.Empty.ToDbo();
-            if (!string.IsNullOrWhiteSpace(token))
+            if (token != null)
             {
-                var tokenRes = _luUsersBusiness.GetToken(token);
+                var tokenRes = _luTokensBusiness.GetToken(token);
                 if (tokenRes.Status == LuStatus.NotFound)
                 {
-                    LuResult<object>.Error(LuStatus.LoginError, $"token: {token}", "Invalid session").Throw();
+                    LuResult<object>.Error(LuStatus.LoginError, $"unknown token: {token}", "Invalid session").Throw();
                 }
                 tokenRes.ThrowIfNotSuccess();
-                var tokenValid = _luUsersBusiness.IsTokenValid(tokenRes.Data);
+                var tokenValid = _luTokensBusiness.IsTokenValid(tokenRes.Data);
                 if (!tokenValid)
                 {
-                    LuResult<object>.Error(LuStatus.LoginError, $"token: {token}", "Invalid session").Throw();
+                    LuResult<object>.Error(LuStatus.LoginError, $"invalid token: {token}", "Invalid session").Throw();
                 }
                 userId = tokenRes.Data.UserId;
             }

Luticate2.Auth/project.json

@@ -1,17 +1,18 @@
 {
-    "version": "0.5.0",
-    "buildOptions": {
-        "debugType": "portable"
-    },
-    "dependencies": {
-        "Luticate2.Utils": "0.5.*"
-    },
-    "frameworks": {
-        "netcoreapp1.0": {
-            "imports": [
-                "dotnet5.6",
-                "portable-net45+win8"
-            ]
-        }
+  "version": "0.5.0",
+  "buildOptions": {
+    "debugType": "portable"
+  },
+  "dependencies": {
+    "Luticate2.Utils": "0.5.*",
+    "Microsoft.AspNetCore.Cryptography.KeyDerivation": "1.1.1"
+  },
+  "frameworks": {
+    "netcoreapp1.0": {
+      "imports": [
+        "dotnet5.6",
+        "portable-net45+win8"
+      ]
     }
+  }
 }

Luticate2.Utils/Controllers/LuUtilsExtensions.cs

@@ -11,6 +11,7 @@ using Luticate2.Utils.Dbo.Result;
 using Luticate2.Utils.Hubs;
 using Luticate2.Utils.Interfaces;
 using Luticate2.Utils.Middlewares;
+using Luticate2.Utils.Utils;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Http;
 using Microsoft.AspNetCore.Mvc;
@@ -38,9 +39,11 @@ namespace Luticate2.Utils.Controllers
                 options.Hubs.EnableDetailedErrors = true;
             });
 
-            services.AddScoped<LuEfTransactionScope>();
-            services.AddSingleton<LuHubConnectionTracker>();
-            services.AddSingleton<ILuNotificationsBusiness, LuNotificationsBusiness>();
+            services.TryAddSingleton<IDateTime, SystemDateTime>();
+
+            services.TryAddScoped<LuEfTransactionScope>();
+            services.TryAddSingleton<LuHubConnectionTracker>();
+            services.TryAddSingleton<ILuNotificationsBusiness, LuNotificationsBusiness>();
             services.Configure(optionsDelegate);
             return services;
         }

Luticate2.Utils/Interfaces/IDateTime.cs

@@ -0,0 +1,9 @@
+using System;
+
+namespace Luticate2.Utils.Interfaces
+{
+    public interface IDateTime
+    {
+        DateTime Now { get; }
+    }
+}

Luticate2.Utils/Utils/SystemDateTime.cs

@@ -0,0 +1,10 @@
+using System;
+using Luticate2.Utils.Interfaces;
+
+namespace Luticate2.Utils.Utils
+{
+    public class SystemDateTime : IDateTime
+    {
+        public DateTime Now => DateTime.Now;
+    }
+}

TestAuth/Business/LuUsersBusinessTest.cs

@@ -0,0 +1,22 @@
+using Luticate2.Auth.Interfaces.Users;
+using Xunit;
+
+namespace TestAuth.Business
+{
+    public class LuUsersBusinessTest
+    {
+        [Fact]
+        public void TestPassword()
+        {
+            Tests.TestRealDb<ILuUsersBusiness>(business =>
+            {
+                var password = "test42";
+                var salt = business.GenerateSalt();
+                var hashed = business.HashPassword(password, salt);
+                Assert.True(business.VerifyPasswordHash(password, hashed, salt));
+                Assert.False(business.VerifyPasswordHash(password + "0", hashed, salt));
+                Assert.False(business.VerifyPasswordHash("0" + password, hashed, salt));
+            });
+        }
+    }
+}

TestAuth/Tests.cs

@@ -2,11 +2,31 @@
 using Luticate2.Auth.Controllers;
 using Luticate2.Auth.DataAccess;
 using Luticate2.Utils.DataAccess;
+using Luticate2.Utils.Interfaces;
 using Microsoft.EntityFrameworkCore;
 using Microsoft.Extensions.DependencyInjection;
 
 namespace TestAuth
 {
+    public class DummyNotificationsBusiness : ILuNotificationsBusiness
+    {
+        public void Notify(string eventName, string entityType, object oldEntity, object newEntity, Func<string, bool> filter = null)
+        {
+        }
+
+        public void NotifyCreate(string entityType, object newEntity, Func<string, bool> filter = null)
+        {
+        }
+
+        public void NotifyUpdate(string entityType, object oldEntity, object newEntity, Func<string, bool> filter = null)
+        {
+        }
+
+        public void NotifyDelete(string entityType, object oldEntity, Func<string, bool> filter = null)
+        {
+        }
+    }
+
     public class Tests
     {
         public const string RealDbConnectionString =
@@ -15,6 +35,7 @@ namespace TestAuth
         public static IServiceProvider BuildRealDbServiceProvider()
         {
             IServiceCollection serviceCollection = new ServiceCollection();
+            serviceCollection.AddSingleton<ILuNotificationsBusiness, DummyNotificationsBusiness>();
             serviceCollection.AddLuticateAuth(dbo =>
             {
                 dbo.Version = "tests";

TestAuth/project.json

@@ -6,6 +6,7 @@
     "dependencies": {
         "dotnet-test-xunit": "1.0.0-rc2-*",
         "Luticate2.Auth": "0.5.*",
+        "Microsoft.DotNet.InternalAbstractions": "1.0.500-preview2-1-003177",
         "Moq": "4.6.38-alpha",
         "System.Runtime.Serialization.Primitives": "4.1.1",
         "xunit": "2.1.0"

TestUtils/project.json

@@ -1,28 +1,29 @@
-{
-    "version": "0.1.0",
-    "buildOptions": {
-        "debugType": "portable"
-    },
-    "dependencies": {
-        "dotnet-test-xunit": "1.0.0-rc2-*",
-        "Luticate2.Utils": "0.5.*",
-        "Moq": "4.6.38-alpha",
-        "System.Runtime.Serialization.Primitives": "4.1.1",
-        "xunit": "2.1.0"
-    },
-    "testRunner": "xunit",
-    "frameworks": {
-        "netcoreapp1.0": {
-            "dependencies": {
-                "Microsoft.NETCore.App": {
-                    "type": "platform",
-                    "version": "1.0.1"
-                }
-            },
-            "imports": [
-                "dotnet5.4",
-                "portable-net451+win8"
-            ]
+{
+  "version": "0.1.0",
+  "buildOptions": {
+    "debugType": "portable"
+  },
+  "dependencies": {
+    "dotnet-test-xunit": "1.0.0-rc2-*",
+    "Luticate2.Utils": "0.5.*",
+    "Microsoft.DotNet.InternalAbstractions": "1.0.500-preview2-1-003177",
+    "Moq": "4.6.38-alpha",
+    "System.Runtime.Serialization.Primitives": "4.1.1",
+    "xunit": "2.1.0"
+  },
+  "testRunner": "xunit",
+  "frameworks": {
+    "netcoreapp1.0": {
+      "dependencies": {
+        "Microsoft.NETCore.App": {
+          "type": "platform",
+          "version": "1.0.1"
         }
+      },
+      "imports": [
+        "dotnet5.4",
+        "portable-net451+win8"
+      ]
     }
+  }
 }