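        /// <summary>
        /// Authenticates the supplied credentials and, on success, issues a short-lived
        /// HMAC-SHA256 signed JWT together with a refresh-token value.
        /// </summary>
        /// <param name="loginRequest">Login payload; its <c>IndexNumber</c> becomes the token's name-identifier claim.</param>
        /// <returns>
        /// 400 Bad Request when the credentials are rejected; otherwise 200 OK with
        /// <c>token</c> and <c>refreshToken</c> properties.
        /// </returns>
        /// <exception cref="InvalidOperationException">The "SecretKey" configuration value is missing or empty.</exception>
        public async Task <IActionResult> Login(LoginRequest loginRequest)
        {
            var authHandler = new BearerAuthHandler(_dbService);

            // Check the result by type. Accepted() allocates a new result object on every call,
            // so the previous reference comparison `!= Accepted()` could not match any handler
            // result and every login attempt ended in the rejection branch.
            // NOTE(review): assumes the handler signals success with an AcceptedResult - confirm
            // against BearerAuthHandler.
            var authResult = await authHandler.HandleAuthenticateAsync(loginRequest);
            if (!(authResult is AcceptedResult))
            {
                return BadRequest("Bledne dane logowania");
            }

            // The Name claim is the same constant for every user; only NameIdentifier
            // distinguishes the caller.
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, loginRequest.IndexNumber),
                new Claim(ClaimTypes.Name, "PJATK"),
            };

            // Fail with a clear message instead of an ArgumentNullException from GetBytes.
            // The signing key is the only thing protecting token integrity: for HS256 it should
            // be at least 256 bits of random data (RFC 7518, section 3.2) and be provisioned from
            // a secret store, not from source-controlled configuration.
            var secret = Configuration["SecretKey"];
            if (string.IsNullOrEmpty(secret))
            {
                throw new InvalidOperationException("Configuration value 'SecretKey' is missing.");
            }

            var key   = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // UtcNow keeps the expiry independent of the server's time zone and DST changes.
            var token = new JwtSecurityToken
                        (
                issuer: "Me",
                audience: "Students",
                claims: claims,
                expires: DateTime.UtcNow.AddMinutes(10),
                signingCredentials: creds
                        );

            // NOTE(review): the refresh token is generated here but not persisted or bound to the
            // user in this method, so nothing visible could validate or revoke it later.
            // Guid.NewGuid() is an identifier generator, not a source of secret material; a
            // refresh token should come from a CSPRNG and be stored server-side (hashed, with an
            // expiry). Left unchanged so the response contract stays the same.
            return Ok(new
            {
                token = new JwtSecurityTokenHandler().WriteToken(token),
                refreshToken = Guid.NewGuid()
            });
        }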
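        /// <summary>
        /// Authenticates the supplied credentials and, on success, issues a short-lived
        /// HMAC-SHA256 signed JWT together with a refresh-token value.
        /// </summary>
        /// <param name="request">Login payload; its <c>IndexNumber</c> becomes the token's name-identifier claim.</param>
        /// <returns>
        /// 400 Bad Request when the credentials are rejected; otherwise 200 OK with
        /// <c>token</c> and <c>refreshToken</c> properties.
        /// </returns>
        /// <exception cref="InvalidOperationException">The "SecretKey" configuration value is missing or empty.</exception>
        public async Task <IActionResult> Login(LoginRequest request)
        {
            var authHandler = new BearerAuthHandler(_dbService);

            // Check the result by type. Accepted() allocates a new result object on every call,
            // so the previous reference comparison `!= Accepted()` could not match any handler
            // result and every login attempt ended in the rejection branch.
            // NOTE(review): assumes the handler signals success with an AcceptedResult - confirm
            // against BearerAuthHandler.
            var authResult = await authHandler.HandleAuthenticateAsync(request);
            if (!(authResult is AcceptedResult))
            {
                return BadRequest("Błędne dane logowania!");
            }

            // NOTE(review): the role claims are constants, so every caller who passes
            // authentication receives both "admin" and "student" regardless of the account.
            // Any endpoint gated on the admin role is therefore open to all authenticated users;
            // roles should be read from the user's stored record. Left unchanged because the
            // role source is not visible from this method.
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, request.IndexNumber),
                new Claim(ClaimTypes.Name, "Pjatk"),
                new Claim(ClaimTypes.Role, "admin"),
                new Claim(ClaimTypes.Role, "student"),
            };

            // Fail with a clear message instead of an ArgumentNullException from GetBytes.
            // The signing key is the only thing protecting token integrity: for HS256 it should
            // be at least 256 bits of random data (RFC 7518, section 3.2) and be provisioned from
            // a secret store, not from source-controlled configuration.
            var secret = Configuration["SecretKey"];
            if (string.IsNullOrEmpty(secret))
            {
                throw new InvalidOperationException("Configuration value 'SecretKey' is missing.");
            }

            var key   = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // UtcNow keeps the expiry independent of the server's time zone and DST changes.
            var token = new JwtSecurityToken(
                issuer: "Gakko",
                audience: "Students",
                claims: claims,
                expires: DateTime.UtcNow.AddMinutes(10),
                signingCredentials: creds
                );

            // NOTE(review): the refresh token is meant to be a long random string stored in the
            // database and used to obtain a new access token without logging in again, but this
            // method neither persists it nor binds it to the user. Guid.NewGuid() is an identifier
            // generator, not a source of secret material; prefer a CSPRNG value stored server-side
            // (hashed, with an expiry). Left unchanged so the response contract stays the same.
            return Ok(new
            {
                token = new JwtSecurityTokenHandler().WriteToken(token), // access token, valid for 10 minutes
                refreshToken = Guid.NewGuid()
            });
        }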