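/// <summary>
/// Authenticates the supplied login request and, on success, returns a signed
/// JWT access token together with a freshly generated refresh token.
/// </summary>
/// <param name="loginRequest">Login data; its <c>IndexNumber</c> becomes the token's name-identifier claim.</param>
/// <returns>
/// 400 Bad Request when authentication is not accepted; otherwise 200 OK with
/// an anonymous object holding <c>token</c> and <c>refreshToken</c>.
/// </returns>
/// <exception cref="InvalidOperationException">The "SecretKey" configuration value is missing or empty.</exception>
public async Task<IActionResult> Login(LoginRequest loginRequest)
{
    var authHandler = new BearerAuthHandler(_dbService);
    var authResult = await authHandler.HandleAuthenticateAsync(loginRequest);

    // Accepted() builds a new result object on every call, so the previous
    // "!= Accepted()" reference comparison was always true and every login was
    // rejected. Check the result's type instead.
    // NOTE(review): assumes the handler signals success with an AcceptedResult;
    // confirm against BearerAuthHandler.
    if (!(authResult is AcceptedResult))
    {
        return BadRequest("Bledne dane logowania");
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, loginRequest.IndexNumber),
        new Claim(ClaimTypes.Name, "PJATK"),
    };

    // Fail with a clear message instead of an ArgumentNullException from GetBytes.
    // NOTE(review): an HMAC-SHA256 signing key should be a long random value kept
    // out of source control; the key length is not checked here.
    var secret = Configuration["SecretKey"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("Configuration value 'SecretKey' is missing.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken(
        issuer: "Me",
        audience: "Students",
        claims: claims,
        // UTC avoids any dependence on the server's local time zone.
        expires: DateTime.UtcNow.AddMinutes(10),
        signingCredentials: creds);

    return Ok(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(token),
        // NOTE(review): this refresh token is returned but nothing in this method
        // stores it, so it cannot be validated or revoked later. A GUID is also
        // not intended as a secret; prefer a value from a cryptographic random
        // generator, stored hashed with an expiry.
        refreshToken = Guid.NewGuid()
    });
}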
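/// <summary>
/// Authenticates the supplied login request and, on success, returns a signed
/// JWT access token together with a freshly generated refresh token.
/// </summary>
/// <param name="request">Login data; its <c>IndexNumber</c> becomes the token's name-identifier claim.</param>
/// <returns>
/// 400 Bad Request when authentication is not accepted; otherwise 200 OK with
/// an anonymous object holding <c>token</c> and <c>refreshToken</c>.
/// </returns>
/// <exception cref="InvalidOperationException">The "SecretKey" configuration value is missing or empty.</exception>
public async Task<IActionResult> Login(LoginRequest request)
{
    var authHandler = new BearerAuthHandler(_dbService);
    var authResult = await authHandler.HandleAuthenticateAsync(request);

    // Accepted() builds a new result object on every call, so the previous
    // "!= Accepted()" reference comparison was always true and every login was
    // rejected. Check the result's type instead.
    // NOTE(review): assumes the handler signals success with an AcceptedResult;
    // confirm against BearerAuthHandler.
    if (!(authResult is AcceptedResult))
    {
        return BadRequest("Błędne dane logowania!");
    }

    // NOTE(review): both role claims are hard-coded, so every caller who
    // authenticates receives the "admin" role. Roles should be loaded per user
    // from the data store before this is used for authorization decisions.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, request.IndexNumber),
        new Claim(ClaimTypes.Name, "Pjatk"),
        new Claim(ClaimTypes.Role, "admin"),
        new Claim(ClaimTypes.Role, "student"),
    };

    // Fail with a clear message instead of an ArgumentNullException from GetBytes.
    // NOTE(review): an HMAC-SHA256 signing key should be a long random value kept
    // out of source control; the key length is not checked here.
    var secret = Configuration["SecretKey"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("Configuration value 'SecretKey' is missing.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken(
        issuer: "Gakko",
        audience: "Students",
        claims: claims,
        // UTC avoids any dependence on the server's local time zone.
        expires: DateTime.UtcNow.AddMinutes(10),
        signingCredentials: creds);

    return Ok(new
    {
        // Short-lived access token (the original note says 5-10 minutes; this method sets 10).
        token = new JwtSecurityTokenHandler().WriteToken(token),
        // Intended as a long random string saved in the database and used to
        // issue a new access token without logging in again.
        // NOTE(review): nothing in this method stores the value, so it cannot be
        // validated or revoked later. A GUID is also not intended as a secret;
        // prefer a value from a cryptographic random generator, stored hashed
        // with an expiry.
        refreshToken = Guid.NewGuid()
    });
}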