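        /// <summary>
        /// Verifies an email/password pair and, on success, returns the caller's profile fields plus a
        /// signed JWT obtained from <c>_authenticationServices.GenerateJWT</c>.
        /// </summary>
        /// <param name="model">Posted credentials (email + password). Untrusted input; may be null if the body did not bind.</param>
        /// <returns>
        /// Always an HTTP 200 <c>Ok</c> whose body carries the real outcome in <c>Authenticated</c>/<c>StatusCode</c>
        /// (kept because existing clients read the outcome from the body, not from the HTTP status).
        /// NOTE(review): a transport-level 401 would let proxies/clients treat failures uniformly — confirm with the frontend before changing.
        /// </returns>
        public async Task <IActionResult> Authenticate([FromBody] AuthenticateModel model)
        {
            var authenticatedResult = new AuthenticatedResult();

            // Model binding hands us null for an empty or unparseable body; treat that as a plain
            // bad-credentials attempt instead of letting model.Email throw and surface a 500.
            if (model is null
                || string.IsNullOrWhiteSpace(model.Email)
                || string.IsNullOrWhiteSpace(model.Password))
            {
                return Ok(Reject(authenticatedResult, StatusCodes.Status401Unauthorized, "Incorrect email or password."));
            }

            // lockoutOnFailure:true makes every failed attempt count towards Identity's lockout threshold,
            // which is the only brute-force control on this endpoint. It only takes effect for users with
            // LockoutEnabled and whatever Lockout options are configured — verify both are set up.
            // NOTE(review): PasswordSignInAsync also issues the Identity cookie next to the JWT returned
            // below; CheckPasswordSignInAsync verifies the password without a cookie — confirm intent.
            var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, lockoutOnFailure : true);

            if (result.Succeeded)
            {
                // PasswordSignInAsync resolved the account by this same name, so null here would mean the
                // account vanished in between; fail closed instead of dereferencing it.
                var user = await _userManager.FindByNameAsync(model.Email);
                if (user is null)
                {
                    return Ok(Reject(authenticatedResult, StatusCodes.Status401Unauthorized, "Incorrect email or password."));
                }

                // The token carries exactly one role. An account with no role, or with a role that has no
                // row in Roles, used to crash on roles[0] / RoleDetails.Id; refuse to issue a token instead.
                var roles       = await _userManager.GetRolesAsync(user);
                var primaryRole = roles.FirstOrDefault();
                var roleDetails = primaryRole is null
                    ? null
                    : _context.Roles.Where(o => o.Name == primaryRole).FirstOrDefault();
                if (roleDetails is null)
                {
                    return Ok(Reject(authenticatedResult, StatusCodes.Status401Unauthorized, "No role is assigned to this account."));
                }

                authenticatedResult.Authenticated = true;
                authenticatedResult.Email         = user.Email;
                // Hard-coded organisation id — presumably a single-tenant placeholder; TODO confirm.
                authenticatedResult.OrgID         = 1;
                authenticatedResult.Role          = roleDetails.DisplayName;
                authenticatedResult.RoleID        = roleDetails.Id;
                authenticatedResult.UserID        = user.Id;
                authenticatedResult.UserName      = user.UserName;
                authenticatedResult.Phone         = user.PhoneNumber;
                authenticatedResult.StatusCode    = StatusCodes.Status200OK;
                authenticatedResult = _authenticationServices.GenerateJWT(authenticatedResult);

                return Ok(authenticatedResult);
            }

            if (result.RequiresTwoFactor)
            {
                // The password was correct but a second factor is still required; no token is issued.
                // NOTE(review): 203 is not a standard way to signal "pending 2FA" and the message should
                // read "required", not "allowed" — both kept as-is because clients may match on them.
                return Ok(Reject(authenticatedResult, StatusCodes.Status203NonAuthoritative, "two factor authentication is allowed. "));
            }

            if (result.IsLockedOut)
            {
                // Distinguishing "locked" from "wrong password" confirms to a caller that the account
                // exists (user enumeration). Kept because the lockout message is user-facing by design;
                // merge the two messages if enumeration resistance matters more here.
                return Ok(Reject(authenticatedResult, StatusCodes.Status401Unauthorized, "Your account is locked. please contact your system administrator."));
            }

            // Unknown user and wrong password deliberately share one message.
            return Ok(Reject(authenticatedResult, StatusCodes.Status401Unauthorized, "Incorrect email or password."));
        }

        /// <summary>
        /// Marks <paramref name="target"/> as a failed authentication carrying a single error message.
        /// </summary>
        /// <param name="target">Result object to mutate; returned for call-site chaining.</param>
        /// <param name="statusCode">Status reported in the body (not the HTTP status).</param>
        /// <param name="message">Single user-facing error message.</param>
        /// <returns>The same <paramref name="target"/> instance.</returns>
        private static AuthenticatedResult Reject(AuthenticatedResult target, int statusCode, string message)
        {
            target.Authenticated = false;
            target.StatusCode    = statusCode;
            target.ErrorMessages = new List <string> { message };
            return target;
        }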
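        /// <summary>
        /// Signs an HS256 JWT for an already-authenticated user and stores it in
        /// <c>authenticatedResult.Token</c>.
        /// </summary>
        /// <param name="authenticatedResult">Result whose <c>UserID</c> and <c>RoleID</c> become the Name and Role claims; mutated and returned.</param>
        /// <returns>The same instance with <c>Token</c> set to the compact serialized JWT.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="authenticatedResult"/> is null.</exception>
        /// <exception cref="InvalidOperationException">The configured secret is missing or shorter than 256 bits.</exception>
        public AuthenticatedResult GenerateJWT(AuthenticatedResult authenticatedResult)
        {
            if (authenticatedResult is null)
            {
                throw new ArgumentNullException(nameof(authenticatedResult));
            }

            var secret = _appSettings.Secret;
            if (string.IsNullOrEmpty(secret))
            {
                // Encoding.GetBytes(null) would throw an ArgumentNullException that names nothing useful.
                throw new InvalidOperationException("JWT signing secret is not configured.");
            }

            // Encoding.ASCII is kept deliberately: the token validator must derive the key the same way,
            // and switching to UTF-8 here alone would break verification. ASCII maps every non-ASCII
            // character to '?', so the configured secret should be pure ASCII (e.g. base64 text).
            var keyBytes = Encoding.ASCII.GetBytes(secret);

            // RFC 7518 §3.2 requires an HS256 key of at least 256 bits; anything shorter can be
            // brute-forced offline from a single captured token, so fail closed instead of signing.
            if (keyBytes.Length < 32)
            {
                throw new InvalidOperationException("JWT signing secret must be at least 32 bytes (256 bits) for HS256.");
            }

            var handler = new JwtSecurityTokenHandler();
            var descriptor = new SecurityTokenDescriptor
            {
                // Only opaque ids go into the payload; the JWT is signed, not encrypted, so email,
                // phone and similar profile data stay out of it.
                Subject = new ClaimsIdentity(new[]
                {
                    new Claim(ClaimTypes.Name, authenticatedResult.UserID.ToString()),
                    new Claim(ClaimTypes.Role, authenticatedResult.RoleID.ToString()),
                }),
                // 24 h lifetime with no issuer/audience and no revocation hook: a leaked token stays
                // usable for a full day. NOTE(review): consider a shorter lifetime plus refresh tokens.
                Expires            = DateTime.UtcNow.AddDays(1),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(keyBytes), SecurityAlgorithms.HmacSha256Signature),
            };

            var token = handler.CreateToken(descriptor);
            authenticatedResult.Token = handler.WriteToken(token);

            return authenticatedResult;
        }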