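/// <summary>
/// Authenticates a user by e-mail and password and, on success, returns a JWT together
/// with a refresh token.
/// </summary>
/// <param name="model">Credentials read from the request body.</param>
/// <returns>
/// 400 when the request fails validation; 409 with a single generic message when the
/// e-mail is unknown, the password is wrong or the account is locked out; 200 with
/// <c>userId</c>, <c>Token</c> and <c>refreshtoken</c> on success.
/// </returns>
public async Task<IActionResult> Login([FromBody] EmailPasswordModel model)
{
    // Depending on framework version and whether automatic 400 responses are enabled, an empty
    // body can arrive as a null model with a valid ModelState, so both are checked here.
    if (model == null || !ModelState.IsValid)
    {
        return BadRequest("Invalid user name or password");
    }

    // Every failure below uses the same status and text so the response body does not
    // reveal which check failed. 401 is the conventional status for failed credentials;
    // 409 is kept because existing clients may depend on it.
    const string genericFailure = "Bad user name password combination";

    var user = await _userManager.FindByEmailAsync(model.Email);
    if (user == null)
    {
        return Conflict(genericFailure);
    }

    // Account lockout against password guessing. CheckPasswordAsync alone never records a
    // failed attempt, so the counters are maintained explicitly. Thresholds and lockout
    // duration come from the configured Identity lockout options.
    var lockoutSupported = _userManager.SupportsUserLockout;
    if (lockoutSupported && await _userManager.IsLockedOutAsync(user))
    {
        return Conflict(genericFailure);
    }

    if (!await _userManager.CheckPasswordAsync(user, model.Password))
    {
        if (lockoutSupported)
        {
            await _userManager.AccessFailedAsync(user);
        }

        return Conflict(genericFailure);
    }

    if (lockoutSupported)
    {
        await _userManager.ResetAccessFailedCountAsync(user);
    }

    // NOTE(review): the refresh token is the user id encrypted with RefreshtokenKey.Value and
    // RefreshtokenKey.IV. Nothing in this call varies per login, so it presumably yields the
    // same token for a user every time, with no expiry and no way to revoke it. Confirm against
    // AesCryptor and the refresh endpoint; a random, stored, expiring token is the usual design.
    var refreshToken = AesCryptor.EncryptStringAes(user.Id, RefreshtokenKey.Value, RefreshtokenKey.IV);
    var jwtToken = JwtTokenizer.GenerateJwtToken(user.Id, user.Email);

    //CreateAuthenticatedCookie(jwtToken);
    return Ok(new { userId = user.Id, Token = jwtToken, refreshtoken = refreshToken });
}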
/// <summary>
/// GET handler for the registration-confirmation page. Looks the account up by e-mail and,
/// while <c>DisplayConfirmAccountLink</c> is forced on, builds the e-mail confirmation URL
/// and stores it on the page model.
/// </summary>
/// <param name="email">E-mail address of the account that was just registered.</param>
/// <returns>
/// A redirect to <c>/Index</c> when no e-mail is supplied, 404 when no account matches,
/// otherwise the page.
/// </returns>
public async Task<IActionResult> OnGetAsync(string email)
{
    if (email == null)
    {
        return RedirectToPage("/Index");
    }

    var account = await _userManager.FindByEmailAsync(email);
    if (account == null)
    {
        // NOTE(review): a 404 only for unknown addresses lets a caller tell registered
        // e-mails from unregistered ones; consider one neutral response for both cases.
        return NotFound($"Unable to load user with email '{email}'.");
    }

    Email = email;

    // Once you add a real email sender, you should remove this code that lets you confirm the account
    // NOTE(review): while this flag is on, a confirmation token is generated for whoever
    // requests this page with a registered address. Presumably the view renders the link,
    // in which case ownership of the mailbox is never verified. Gate this to development.
    DisplayConfirmAccountLink = true;
    if (!DisplayConfirmAccountLink)
    {
        return Page();
    }

    var accountId = await _userManager.GetUserIdAsync(account);
    var rawToken = await _userManager.GenerateEmailConfirmationTokenAsync(account);

    // The token is Base64Url-encoded so it survives being carried in a URL.
    var encodedToken = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(rawToken));

    EmailConfirmationUrl = Url.Page(
        "/Account/ConfirmEmail",
        pageHandler: null,
        values: new { area = "Identity", userId = accountId, code = encodedToken },
        protocol: Request.Scheme);

    return Page();
}
/// <summary>
/// Looks the user up by e-mail, verifies the password and calls the JWT token service for
/// a matching account. As written, every path ends in 401.
/// </summary>
/// <param name="value">Credentials read from the request body.</param>
/// <returns>Always <c>Unauthorized()</c>.</returns>
public async Task<IActionResult> Login([FromBody] LoginViewmodel value)
{
    // NOTE(review): value is dereferenced without a null check. Confirm that an empty
    // body is rejected before the action runs.
    var account = await _userManager.FindByEmailAsync(value.Email);
    if (account == null)
    {
        return Unauthorized();
    }

    var passwordMatches = await _userManager.CheckPasswordAsync(account, value.Password);
    if (passwordMatches)
    {
        // NOTE(review): whatever CreateToken produces is discarded and control falls through
        // to Unauthorized(), so a correct password still gets 401. This looks like a missing
        // `return Ok(...)`. Confirm CreateToken's return type before wiring it up.
        _jwtTokenService.CreateToken(account);
    }

    // NOTE(review): no failed-attempt counting or lockout is visible here, so password
    // guessing is limited only by whatever sits in front of this endpoint.
    return Unauthorized();
}
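/// <summary>
/// Signs a user in by e-mail and password and returns a JWT response on success.
/// </summary>
/// <param name="model">Submitted e-mail and password.</param>
/// <returns>
/// 200 with the JWT response when sign-in succeeds; otherwise 400 with one generic message,
/// whether the input is missing, the e-mail is unknown or the sign-in is refused.
/// </returns>
public async Task<IActionResult> Login(LoginModel model)
{
    const string genericFailure = "Invalid Auth Credentials";

    // FindByEmailAsync and the password check throw on null input; reject it up front.
    if (model == null || string.IsNullOrEmpty(model.Email) || string.IsNullOrEmpty(model.Password))
    {
        return BadRequest(genericFailure);
    }

    ApplicationUser user = await userManager.FindByEmailAsync(model.Email);
    if (user == null)
    {
        // Without this guard an unknown e-mail reaches PasswordSignInAsync with a null user
        // and surfaces as a server error, which also tells unknown accounts apart from
        // wrong passwords.
        return BadRequest(genericFailure);
    }

    // NOTE(review): PasswordSignInAsync also issues the Identity sign-in cookie (persistent
    // here) in addition to the JWT returned below. If only the JWT is intended,
    // CheckPasswordSignInAsync verifies the password without signing in.
    // NOTE(review): lockoutOnFailure is false, so failed attempts are never counted; enabling
    // it applies the configured Identity lockout policy against password guessing.
    var result = await signInManager.PasswordSignInAsync(
        user,
        model.Password,
        isPersistent: true,
        lockoutOnFailure: false);

    if (!result.Succeeded)
    {
        // Covers a wrong password as well as not-allowed, locked-out and two-factor outcomes.
        return BadRequest(genericFailure);
    }

    var jwtResponse = jwtAuthenticator.GenerateJwtToken(user);
    return Ok(jwtResponse);
}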