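        /// <summary>
        /// Verifies an e-mail/password pair and, on success, issues a signed JWT for the user.
        /// </summary>
        /// <param name="email">E-mail address used to look the user up.</param>
        /// <param name="password">Clear-text password to check against the stored hash.</param>
        /// <returns>
        /// A serialized HS256-signed JWT that expires 30 minutes after issuance, or
        /// <c>null</c> when either credential is blank, the user is unknown or inactive,
        /// or the password does not match the stored hash.
        /// </returns>
        public string Authenticate(string email, string password)
        {
            // Blank credentials can never match; reject them before touching the user store
            // rather than passing a null password down to the hash check.
            if (string.IsNullOrWhiteSpace(email) || string.IsNullOrWhiteSpace(password))
            {
                return(null);
            }

            var user = _userService.GetForAuthentication(email);

            // NOTE(review): returning here, before ValidateHash runs, makes "unknown e-mail"
            // answer faster than "wrong password", which can let a caller enumerate accounts
            // by timing. Running the hash check against a dummy hash in this branch closes it.
            if (user == null || !user.IsActive)
            {
                return(null);
            }

            if (!_userPasswordService.ValidateHash(password, user.PasswordHash, user.PasswordSalt))
            {
                return(null);
            }

            var tokenHandler = new JwtSecurityTokenHandler();

            // The HMAC key is the raw ASCII bytes of the configured secret. Encoding.ASCII
            // replaces every non-ASCII character with '?', so such a secret silently loses
            // entropy; HS256 needs a secret of at least 32 bytes (256 bits) to be sound.
            // NOTE(review): the setting is named UserPasswordSecret — if the same value also
            // feeds password hashing, the token signing key should be a separate secret.
            var key = Encoding.ASCII.GetBytes(_secretsConfiguration.UserPasswordSecret);

            // Subject: the numeric user id as the Name claim plus one Role claim per role.
            var claims = new List<Claim> { new Claim(ClaimTypes.Name, user.Id.ToString()) };
            claims.AddRange(user.Roles.Select(r => new Claim(ClaimTypes.Role, r.Role.Name)));

            // NOTE(review): no Issuer or Audience is stamped on the token, so the validating
            // side cannot pin tokens to this service — any consumer sharing this key will
            // accept them. Set both here if the validator checks them.
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = new ClaimsIdentity(claims),
                Expires            = DateTime.UtcNow.AddMinutes(30),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);

            return(tokenHandler.WriteToken(token));
        }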
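        /// <summary>
        /// Checks <paramref name="password"/> against the user's stored hash and issues a
        /// signed JWT identifying that user.
        /// </summary>
        /// <param name="entity">User record, already loaded by the caller, to authenticate.</param>
        /// <param name="password">Clear-text password to verify.</param>
        /// <returns>
        /// A serialized HS256-signed JWT, valid for 30 minutes, carrying the user id as the
        /// NameIdentifier claim and the configured Issuer and Audience.
        /// </returns>
        /// <exception cref="UnauthorizedAccessException">
        /// The user is null or inactive, the password is empty, or the hash does not match.
        /// </exception>
        public string GenerateToken(User entity, string password)
        {
            if (entity?.IsActive != true)
            {
                throw new UnauthorizedAccessException();
            }

            // An empty password is never a valid credential; fail exactly like a mismatch
            // instead of handing null to the hash check.
            if (string.IsNullOrEmpty(password))
            {
                throw new UnauthorizedAccessException();
            }

            if (!_userPasswordService.ValidateHash(password, entity.PasswordHash, entity.PasswordSalt))
            {
                throw new UnauthorizedAccessException();
            }

            var tokenHandler = new JwtSecurityTokenHandler();

            // The HMAC key is the raw ASCII bytes of the configured secret. Encoding.ASCII
            // turns every non-ASCII character into '?', which silently reduces the key's
            // entropy; HS256 needs at least 32 bytes (256 bits) of secret to be sound.
            var key = Encoding.ASCII.GetBytes(_authenticationConfiguration.TokenSecret);

            // Only the user id is embedded; roles/permissions must be resolved by the consumer.
            var claims = new List<Claim> { new Claim(ClaimTypes.NameIdentifier, entity.Id.ToString()) };

            // Issuer and Audience let the validating side pin tokens to this service —
            // presumably its TokenValidationParameters check both; confirm, otherwise these
            // two claims are decorative.
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = new ClaimsIdentity(claims),
                Expires            = DateTime.UtcNow.AddMinutes(30),
                Audience           = _authenticationConfiguration.Audience,
                Issuer             = _authenticationConfiguration.Issuer,
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);

            return(tokenHandler.WriteToken(token));
        }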
        /// <summary>
        /// Looks a user up by e-mail, verifies the password and returns the user as a DTO.
        /// </summary>
        /// <param name="email">E-mail address to search for; matched with <c>==</c> by the repository.</param>
        /// <param name="password">Clear-text password to check against the stored hash and salt.</param>
        /// <returns>
        /// The mapped <see cref="UserDto"/>, or <c>null</c> when either input is blank, no
        /// user has that e-mail, or the password does not match.
        /// </returns>
        /// <remarks>
        /// SingleOrDefault is used on purpose: two accounts sharing an e-mail is treated as a
        /// data error (it throws) rather than silently picking one.
        /// NOTE(review): no active/disabled flag is consulted here — if the user entity has
        /// one, the caller must enforce it.
        /// </remarks>
        public async Task <UserDto> AuthenticateAsync(string email, string password)
        {
            var credentialsSupplied = !string.IsNullOrWhiteSpace(email)
                                   && !string.IsNullOrWhiteSpace(password);
            if (!credentialsSupplied)
            {
                return(null);
            }

            var matches = await _userRepository.GetAsync(u => u.Email == email);
            var account = matches.SingleOrDefault();

            // NOTE(review): returning before the hash check makes "unknown e-mail" answer
            // faster than "wrong password", a timing hint for account enumeration; hashing
            // against a dummy value in this branch would equalise the two paths.
            if (account == null)
            {
                return(null);
            }

            var passwordMatches = _userPasswordService.ValidateHash(password, account.PasswordHash, account.PasswordSalt);

            return passwordMatches ? _mapper.Map<UserDto>(account) : null;
        }