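/// <summary>
/// Checks the submitted phone/password pair and, on success, issues a signed JWT
/// plus a refresh token that is persisted through <c>_ecommerContext</c>.
/// </summary>
/// <param name="login">Request body; <c>phone</c> is looked up as the user name and <c>password</c> is verified against that account.</param>
/// <returns>
/// 200 with <c>token</c>, <c>expiration</c> and <c>refreshToken</c> when the credentials match;
/// 401 with a <c>Response</c> body for a missing body, missing field, unknown user or wrong password.
/// </returns>
public async Task<IActionResult> login([FromBody] Login login)
        {
            // A missing body or field used to surface as an unhandled exception (HTTP 500);
            // treat it like any other failed login so the caller gets one uniform answer.
            var hasCredentials = login != null && login.phone != null && login.password != null;
            var user = hasCredentials ? await userManager.FindByNameAsync(login.phone) : null;

            // NOTE(review): CheckPasswordAsync only verifies the password hash. It does not count
            // failed attempts or honour lockout, so throttling has to come from elsewhere
            // (e.g. SignInManager.CheckPasswordSignInAsync with lockoutOnFailure, or rate limiting).
            // NOTE(review): no hash is computed when the user is unknown, so response time can
            // differ between registered and unregistered phone numbers.
            if (user == null || !await userManager.CheckPasswordAsync(user, login.password))
            {
                return(Unauthorized(new Response {
                    status = "Lỗi", message = "Tài khoản không hợp lệ"
                }));
            }

            var userRole = await userManager.GetRolesAsync(user);

            var authclaims = new List<Claim>
            {
                new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            };
            foreach (var userrole in userRole)
            {
                authclaims.Add(new Claim("role", userrole));
            }

            // NOTE(review): the HMAC secret is read from configuration; it should be a long random
            // value supplied by a secret store rather than a string committed with the settings file.
            var authSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JWT:Secret"]));
            var token          = new JwtSecurityToken(
                issuer: _configuration["JWT:ValidIssuer"],
                audience: _configuration["JWT:ValidAudience"],
                // NOTE(review): 500 hours (about 21 days) is long for a bearer token that cannot be
                // revoked from this code; a short lifetime is what makes the refresh token useful.
                expires: DateTime.UtcNow.AddHours(500),
                claims: authclaims,
                signingCredentials: new SigningCredentials(authSigningKey, SecurityAlgorithms.HmacSha256)
                );

            // Serialise once, and before touching the database, so a signing failure
            // (for example a key that is too short) does not leave an orphaned refresh token row.
            var serializedToken = new JwtSecurityTokenHandler().WriteToken(token);

            // NOTE(review): a GUID is not designed as a secret; prefer a value from a cryptographic
            // RNG, store only its hash, and give the row an expiry and a link to the JWT id.
            // The Refreshtoken type is not visible here, so confirm which fields it offers.
            var refreshObject = new Refreshtoken
            {
                userName     = login.phone,
                refreshToken = Guid.NewGuid().ToString()
            };
            await _ecommerContext.refreshtokens.AddAsync(refreshObject);
            await _ecommerContext.SaveChangesAsync();

            return(Ok(new
            {
                token = serializedToken,
                expiration = token.ValidTo,
                refreshToken = refreshObject.refreshToken
            }));
        }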
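        /// <summary>
        /// Builds a refresh-token record bound to the <c>jti</c> and user id claims found in
        /// <paramref name="token"/>. The record is returned to the caller; nothing is saved here.
        /// </summary>
        /// <param name="token">A JWT issued earlier; it is parsed by <c>GetClaimsFromExpiredToken</c>.</param>
        /// <returns>A new <c>Refreshtoken</c> whose expiry is <c>jwtConfig.RefreshTokenExpiryInMonths</c> months from now (UTC).</returns>
        /// <exception cref="ArgumentException">The token yields no principal, or lacks the <c>jti</c> or <c>Id</c> claim.</exception>
        /// <exception cref="InvalidOperationException">The token carries more than one <c>jti</c> or <c>Id</c> claim.</exception>
        public Refreshtoken GenerateRefreshToken(string token)
        {
            // NOTE(review): the helper's name suggests lifetime validation is skipped; confirm that it
            // still verifies signature, algorithm, issuer and audience before these claims are trusted.
            var principal = GetClaimsFromExpiredToken(token);
            if (principal == null)
            {
                throw new ArgumentException("The token could not be read.", nameof(token));
            }

            // SingleOrDefault still rejects duplicated claims; the null-conditional turns a missing
            // claim into an explicit error below instead of a NullReferenceException.
            var jti = principal.Claims.SingleOrDefault(x => x.Type == JwtRegisteredClaimNames.Jti)?.Value;

            // NOTE(review): the claim type looked up here is the literal "Id". The login action shown
            // alongside this method issues only sub, jti and role claims, so confirm the issuer adds it.
            var userId = principal.Claims.SingleOrDefault(x => x.Type == nameof(ApplicationUser.Id))?.Value;

            if (string.IsNullOrEmpty(jti) || string.IsNullOrEmpty(userId))
            {
                throw new ArgumentException("The token does not carry the jti and Id claims.", nameof(token));
            }

            // One clock reading keeps CreateDate and ExpiryDate consistent with each other.
            var issuedAt = DateTime.UtcNow;

            var refreshToken = new Refreshtoken()
            {
                JwtId      = jti,
                UserId     = userId,
                CreateDate = issuedAt,
                ExpiryDate = issuedAt.AddMonths(jwtConfig.RefreshTokenExpiryInMonths),
                // NOTE(review): unpredictability rests on GenerateRandomString (not visible here);
                // confirm it draws from a cryptographic RNG, since a GUID alone is not meant as a secret.
                Token      = GenerateRandomString() + Guid.NewGuid()
            };

            return(refreshToken);
        }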