Creating and managing users

DigitalReach · June 28, 2018, 5:05pm

I can’t see in documentation if there is class/helper method for users. Is there anything in SS like UserManager?

Or do I have to directly create everything with OrmLite statement in the database including the password hash? Is there any simple .net core code example creating a user from a service and not via an API request?

I see in docs it says to use /registerand I downloaded sample project that shows making ajax request to this to create user but I am looking for how to do this inside the startup/service classes.

Thanks

mythz · June 28, 2018, 5:13pm

The IAuthRepository provides the API to create / update users in any of the Auth Repositories:

Within a Service it’s available from:

var authRepo = base.AuthRepository;

Otherwise you can get it from anywhere else in ServiceStack with:

var authRepo = HostContext.AppHost.GetAuthRepository(Request);

This is the same API the /regsiter Service uses to create or update users:

github.com

ServiceStack/ServiceStack/blob/master/src/ServiceStack/Auth/RegisterService.cs#L118


var existingUser = session.IsAuthenticated ? AuthRepository.GetUserAuth(session, null) : null;
var registerNewUser = existingUser == null;


if (!registerNewUser && !AllowUpdates)
    throw new NotSupportedException(ErrorMessages.RegisterUpdatesDisabled.Localize(Request));


if (!HostContext.AppHost.GlobalRequestFiltersAsync.Contains(ValidationFilters.RequestFilterAsync)) //Already gets run
    RegistrationValidator?.ValidateAndThrow(request, registerNewUser ? ApplyTo.Post : ApplyTo.Put);


var user = registerNewUser
    ? AuthRepository.CreateUserAuth(newUserAuth, request.Password)
    : AuthRepository.UpdateUserAuth(existingUser, newUserAuth, request.Password);


if (registerNewUser)
{
    session.PopulateSession(user);
    session.OnRegistered(Request, session, this);
    AuthEvents?.OnRegistered(this.Request, session, this);
}


if (request.AutoLogin.GetValueOrDefault())

If you’re using OrmLiteAuthRepository then the Users are stored in UserAuth and UserAuthDetails tables where you will also be able to use any OrmLite API with the tables directly, in addition to what’s provided by OrmLiteAuthRepository.

DigitalReach · June 30, 2018, 1:59pm

Thanks Mythz, that was really helpful.

I added a user to database like this in seed method:

using (var db = dbFactory.Open())
{
	var existing = db.Select<UserAuth>(x => x.Email == "test@example.com").Any();
	if(!existing)
	{
		var authRepo = HostContext.TryResolve<IAuthRepository>();
		authRepo.CreateUserAuth(new UserAuth { Email = "test@example.com" }, "123456");
	}
}

I verified that there is an entry in the database.

Then I register JWT plugin:

Plugins.Add(new AuthFeature(() => new AuthUserSession(),
  new IAuthProvider[] {
		new JwtAuthProvider(AppSettings) { AuthKey = AesUtils.CreateKey(), RequireSecureConnection=false },
		new CredentialsAuthProvider(AppSettings),
  }));

And I try to get the token from typescript like this:

var authClient = new JsonServiceClient(environment.apiUrl);

var authResponse = await authClient.post(new Authenticate(), {
	provider : "credentials",
	UserName : username,
	Password : password,
	RememberMe : remember,
});

But it return 401 unauthorised. What did I do wrong?

Here is the requests headers:

Request URL: http://localhost:5000/json/reply/Authenticate?provider=credentials&UserName=test%40example.com&Password=123456&RememberMe=false
Request Method: POST
Status Code: 401 Unauthorized
Remote Address: [::1]:5000
Referrer Policy: no-referrer-when-downgrade
Content-Length: 0
Date: Sat, 30 Jun 2018 13:40:13 GMT
Server: Kestrel
Vary: Accept
WWW-Authenticate: jwt realm="/auth/jwt"
X-Powered-By: ServiceStack/5.10 NETStandard/.NET
X-Powered-By: ASP.NET
X-SourceFiles: =?UTF-8?B?RTpcQ2xpZW50c1xUdXJtYVxDbG91ZEp1aWNlXENsb3VkSnVpY2VBcGlTcGFcQ2xvdWRKdWljZUFwaVNwYVxqc29uXHJlcGx5XEF1dGhlbnRpY2F0ZQ==?=
Accept: */*
Accept-Encoding: gzip, deflate, br
Accept-Language: en,en-GB;q=0.9
Cache-Control: no-cache
Connection: keep-alive
Content-Length: 2
content-type: application/json
Cookie: tracker_device=4248f8f5-1b4d-4061-82a7-dd94e01880d0; _ga=GA1.1.905646369.1529249981; GSIDdVE19l7XE69A=00a40c41-9bf3-473b-8ade-2cf2b57cdc72; STSID391124=739b9101-b2c7-44f0-8d21-607f89f1c693; ltkmodal-suppression-899714a9-f75d-4d17-889a-d59c179b0536=Sat%20Jun%2017%202028%2016%3A42%3A48%20GMT%2B0100%20(British%20Summer%20Time); XDEBUG_SESSION=PHPSTORM; 66ab3c759c14110qi1=0%3A1%3AmcAWiQaClcxalcGBkuYYEw%3D%3D; ss-id=2KT1D5I6EITTSGctIpLU; ss-pid=uB7kA01Ck7SUnumsNveQ
Host: localhost:5000
Origin: http://localhost:5000
Pragma: no-cache
Referer: http://localhost:5000/pages/auth/login
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36
provider: credentials
UserName: test@example.com
Password: 123456
RememberMe: false
{}
No properties
Authenticate?provider=credentials&UserName=test%40example.com&Password=123456&RememberMe=false

DigitalReach · June 30, 2018, 2:48pm

My typescript was wrong, I was adding params to query. This code worked:

    let authClient = new JsonServiceClient(environment.apiUrl);

    let request = new Authenticate();
    request.provider = "credentials";
    request.userName = username;
    request.password = password;
    request.rememberMe = remember;

    let authResponse = await authClient.post(request);

I have token now.