public User Authenticate(UserForLogin userForLogin)
{
if (userForLogin == null)
{
return(null);
}
if (userForLogin.Password == null || userAPI == null)
{
return(null);
}
var sha256 = new SHA256CryptoServiceProvider();
var hashedPassword = ConvertByteArrayToString(
sha256.ComputeHash(ConvertStringToByteArray(userForLogin.Password)));
sha256.Dispose();
var user = userAPI.GetUserFromDatabase(userForLogin.Name);
if (user == null)
{
return(null);
}
if (user.Password != hashedPassword)
{
return(null);
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials =
new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
user.Password = null;
return(user);
}
public async Task <IActionResult> Login(UserForLogin loginDTO)
{
//validate the user name
loginDTO.Username = loginDTO.Username.ToLower();
//get user from database
User user = await _auth.Login(loginDTO.Username, loginDTO.Password);
//check if user exist
if (user == null)
{
return(Unauthorized("username or passowrd doesn't match"));
}
//create JWT Token
//claim is put the data into token and hash it
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Username)
};
//hash the claim to be token
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Token"]));
//using key for encrytion of the credential
//the credential is to check if the token is a valid token for us
// client can send different credential.
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
//put all the data into descriptor
var tokenDescriptor = new SecurityTokenDescriptor()
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = cred,
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new
{
token = tokenHandler.WriteToken(token)
}));
}
public IActionResult Login(UserForLogin userForLogin)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var result = _authService.Login(userForLogin.Email, userForLogin.Password);
if (result == null)
{
return(Unauthorized(new { error = "Password doesn't match." }));
}
_logger.LogInformation("New user has logged in");
return(Ok(result));
}
public async Task <IActionResult> Login(UserForLogin userForLogin)
{
var user = await _userManager.FindByNameAsync(userForLogin.userName);
var result = await _signInManager.CheckPasswordSignInAsync(user, userForLogin.password, false);
if (result.Succeeded)
{
var userForReturn = _mapper.Map <UserForList>(user);
return(Ok(new
{
token = GenerateJwtToken(user).Result,
user = userForReturn
}));
}
return(Unauthorized());
}
public async Task <ActionResult <dynamic> > Login([FromBody] UserForLogin model)
{
AuthRepository repository = new AuthRepository(_context);
var user = await repository.Login(model.Username, model.Password);
if (user == null)
{
return("Erro");
}
var token = TokenService.GenerateToken(user, _configuration, _context);
return(new
{
user = user,
token = token
});
}
public async Task <IActionResult> Login(UserForLogin userForLogin)
{
var user = await repo.Login(userForLogin);
if (user == null)
{
return(Unauthorized());
}
var token = repo.GetToken(user);
return(Ok(new
{
token = token,
image = user.Image
}));
}
public async Task <IActionResult> Login(UserForLogin userForLogin)
{
// getting the user from the db through repo
var userFromRepo = await _repo.Login(userForLogin.Username, userForLogin.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
// creating token claims: passing the payload information
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username)
};
//creating token key: getting token from appsettings
var key = new SymmetricSecurityKey(Encoding.UTF8
.GetBytes(_config.GetSection("AppSettings:Token").Value));
//hashing token key
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature);
// passing token header, payload and secret to Tokendiscriptor
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
// creating token
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var user = _mapper.Map <UserForLists>(userFromRepo);
return(Ok(new
{
token = tokenHandler.WriteToken(token),
user
}));
}
public async Task <IActionResult> Login(UserForLogin loginDTO)
{
//validate the username
loginDTO.Username = loginDTO.Username.ToLower();
//get user from database
User user = await _auth.Login(loginDTO.Username, loginDTO.Password);
//check if user exist
if (user == null)
{
return(Unauthorized("username or password doesn't match"));
}
//create JWT Token
var claim = new[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Username)
};
//create security key for credential
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Token"]));
//create credential
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
//create descriptor
var tokenDescriptor = new SecurityTokenDescriptor()
{
Subject = new ClaimsIdentity(claim),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = cred
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new
{
token = tokenHandler.WriteToken(token)
}));
}
public async Task <IActionResult> Login(UserForLogin loginDto)
{
// We need to compare the user in the database and compare the password which is Hashed
// Once the validation is done, we need to return the Jwt back to the client
loginDto.UserName = loginDto.UserName.ToLower();
User loginuser = await _authRepo.Login(loginDto.UserName, loginDto.Password);
if (loginuser == null)
{
return(Unauthorized());
}
//Jwt Token generation
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, loginuser.Id.ToString()),
new Claim(ClaimTypes.Name, loginuser.UserName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes
(_config.GetSection("AppSettings:Token").Value));
var signCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = signCredentials
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var user = _mapper.Map <UsersForList>(loginuser);
return(Ok(new
{
token = tokenHandler.WriteToken(token),
user
}));
}
public async Task <IActionResult> Login(UserForLogin userToLogin)
{
var user = await _unitOfWork.AuthRepo.LoginUser(userToLogin.Email.ToLower(), userToLogin.Password);
if (user == null)
{
return(Unauthorized());
}
var token = _unitOfWork.AuthRepo.CreateJwtToken(user);
var userToReturn = _mapper.Map <UserForDetail>(user);
return(Ok(new
{
user = userToReturn,
token
}));
}
public async Task <IActionResult> Login(UserForLogin userforLogin)
{
var userForRepo = await _repo.Login(userforLogin.Username.ToLower(), userforLogin.Password);
if (userForRepo == null)
{
return(Unauthorized());
}
//Create a JWT token
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userForRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userForRepo.Username)
};
//hashed key for the token
//key is stored in appsetting.json which is the secret for this app
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(
_config.GetSection("AppSettings:Token").Value));
//create the signing credential using the key
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
//create the token sescriptor which contains the token header and everything
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = System.DateTime.Now.AddDays(1),
SigningCredentials = creds
};
// use the token handler to create the token
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var user = _mapper.Map <UserForListDto>(userForRepo);
return(Ok(new
{
token = tokenHandler.WriteToken(token), user
}));
}
public async Task <IActionResult> Login([FromBody] UserForLogin user)
{
try
{
var isOk = await _service.Login(user);
if (isOk != null)
{
return(Ok(isOk));
}
return(BadRequest("Username or password incorect"));
}
catch (Exception ex)
{
return(StatusCode(500, ex));
}
}
public async Task <String> Login([FromBody] UserForLogin userForLogin)
{
var userFromRepo = await this.userManager.FindByNameAsync(userForLogin.Username);
var result = await this.signInManager.CheckPasswordSignInAsync(userFromRepo, userForLogin.Password, false);
if (!result.Succeeded)
{
ErrorCustomized e = new ErrorCustomized("403", "unauthorized");
return(JsonConvert.SerializeObject(e));
}
string res = GenerateJwtToken(userFromRepo).Result;
Token tokenTosend = new Token(res, userFromRepo.Id);
var user = this.mapper.Map <UserForList>(userFromRepo);
return(JsonConvert.SerializeObject(new { tokenTosend, user }));
}
public async Task <IActionResult> CreateToken([FromBody] UserForLogin model)
{
if (ModelState.IsValid)
{
var user = await _userManager.FindByNameAsync(model.UserName);
if (user != null)
{
var result = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
if (result.Succeeded)
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.CompanyID),
new Claim(JwtRegisteredClaimNames.Jti, user.Id.ToString()),
new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
_config["Tokens:Issuer"],
_config["Tokens:Audience"],
claims,
expires: DateTime.UtcNow.AddMinutes(30),
signingCredentials: creds
);
var results = new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
};
return(Created("", results));
}
}
}
return(BadRequest());
}
public async Task LoginOkStatus()
{
//Arrange
var userForLogin = new UserForLogin {
Username = "******", Password = "******"
};
var user = new User {
UserName = "******", Nickname = "test", Id = 1
};
var userManager = MockIdentity.GetMockUserManager();
var signInManager = MockIdentity.GetMockSignInManager();
var configurationSection = new Mock <IConfigurationSection>();
AuthController controller = new AuthController(userManager.Object,
signInManager.Object, configMock.Object, mapperMock.Object,
wrapperMock.Object);
userManager.Setup(um => um.FindByNameAsync(user.UserName))
.Returns(Task.FromResult(user));
signInManager.Setup(sm => sm.CheckPasswordSignInAsync(user, userForLogin.Password, false))
.Returns(Task.FromResult(Microsoft.AspNetCore.Identity.SignInResult.Success));
mapperMock.Setup(m => m.Map <UserForReturnNickname>(user))
.Returns(new UserForReturnNickname {
Nickname = "test"
});
configurationSection.Setup(a => a.Value).Returns("VeryLongKeyForTest");
configMock.Setup(a => a.GetSection("AppSettings:Token")).Returns(configurationSection.Object);
//Act
var action = await controller.Login(userForLogin) as OkObjectResult;
var item = action as Object;
//Assert
Assert.Equal(200, action.StatusCode);
Assert.NotNull(item);
}
public async Task <IActionResult> Login(UserForLogin userForLoginDto)
{
var userToLogin = await this.userManager.FindByEmailAsync(userForLoginDto.Email);
if (userToLogin != null)
{
var result = await this.signInManager.CheckPasswordSignInAsync(userToLogin, userForLoginDto.Password, false);
if (result.Succeeded)
{
var appUser = await this.userManager.Users
.FirstOrDefaultAsync(u => u.NormalizedEmail == userForLoginDto.Email.ToUpper());
var user = this.mapper.Map <UserForDetail>(appUser);
return(Ok(new { tokenString = GenerateJwtToken(appUser).Result, user }));
}
}
return(BadRequest("Username or password is not correct"));
}
public async Task <IActionResult> Login([FromBody] UserForLogin user)
{
//validate
if (!await authRepository.UserExists(user.UserName))
{
return(BadRequest("The password or username is incorrect"));
}
var userDb = await authRepository.Login(user.UserName, user.Password);
if (user == null)
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userDb.Id.ToString()),
new Claim(ClaimTypes.Name, userDb.UserName)
};
var key = new SymmetricSecurityKey(Encoding.UTF8
.GetBytes(configuration.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new
{
token = tokenHandler.WriteToken(token)
}));
}
public async Task <ActionResult> PostLogin([FromBody] UserForLogin userForLogin)
{
var result = await _authenticationRepo.LoginUser(userForLogin, _configuration.GetValue <string>("AppSettings:Secret"));
if (result.StatusCode == Helpers.Success)
{
result.StatusMessage = "Login Success!!!";
var userDetails = (UserDetails)result.ObjectValue;
var userInfoToReturn = _mapper.Map <UserLoginResponse>(userDetails);
if (userDetails.User.UserType == Helpers.SiwesAdmin)
{
//SUPERADMIN
userInfoToReturn.UserProfileInformation = _mapper.Map <SiwesAdminResponse>((SiwesAdmin)userDetails.userProfile);
}
else if (userDetails.User.UserType == Helpers.SiwesCoordinator)
{
//ADMIN
userInfoToReturn.UserProfileInformation = _mapper.Map <SiwesCoordinatorResponse>((SiwesCoordinator)userDetails.userProfile);
}
else if (userDetails.User.UserType == Helpers.IndustrialSupervisor)
{
//ADMIN
userInfoToReturn.UserProfileInformation = _mapper.Map <IndustrialSupervisorResponse>((IndustrialSupervisor)userDetails.userProfile);
}
else if (userDetails.User.UserType == Helpers.Lecturer)
{
//STAFF
userInfoToReturn.UserProfileInformation = _mapper.Map <LecturerResponse>((Lecturer)userDetails.userProfile);
}
else
{
//STUDENT
userInfoToReturn.UserProfileInformation = (StudentResponse)userDetails.userProfile;
}
result.ObjectValue = userInfoToReturn;
return(StatusCode(StatusCodes.Status200OK, result));
}
else
{
return(StatusCode(StatusCodes.Status400BadRequest, result));
}
}
/// <summary>
/// Validates user submitted details for login
/// </summary>
/// <param name="userForLogin"></param>
/// <returns></returns>
public async Task <string> LoginAsync(UserForLogin userForLogin)
{
if (userForLogin == null)
{
throw new ArgumentNullException(nameof(userForLogin));
}
var user = await _store.FindUserAsync(userForLogin.Email);
if (!_helpers.VerifyPasswordHash(userForLogin.Password, user.PasswordHash, user.PasswordSalt))
{
throw new ArgumentException("Incorrect login details");
}
user.LastLogin = DateTime.Now;
var userForReturn = await _store.UpdateUserAsync(user);
return(_helpers.GenerateJwtToken(userForReturn, _config.Value.Token));
}
public async Task <User> Login(UserForLogin userForLogin)
{
var user = await context.Users
.FirstOrDefaultAsync(x => x.Email == userForLogin.Email);
if (user == null)
{
return(null);
}
var result = await signInManager
.CheckPasswordSignInAsync(user, userForLogin.Password, false);
if (result.Succeeded)
{
return(user);
}
return(null);
}
public async Task <IActionResult> Login(UserForLogin userForLogin)
{
var userFromRepo = await this._authApplication.Login(
userForLogin.Email.ToLower(), userForLogin.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var token = this._tokenApplication.CreateFor(userFromRepo);
var userForDetailed = _mapper.Map <UserForDetailed>(userFromRepo);
return(Ok(
new {
token = token,
user = userForDetailed
}
));
}
public async Task <IActionResult> Login(UserForLogin userForLogin)
{
var user = await userManager.FindByNameAsync(userForLogin.Username);
if (user == null)
{
return(Unauthorized());
}
var result = await signInManager.CheckPasswordSignInAsync(user, userForLogin.Password, false);
if (result.Succeeded)
{
var roles = await userManager.GetRolesAsync(user);
return(Ok(new { token = jwtTokenService.GenerateJwtToken(user, roles) }));
}
return(Unauthorized());
}
public IActionResult Authenticate(UserForLogin userParam)
{
if (!ModelState.IsValid)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
if (userParam == null)
{
return(BadRequest());
}
var user = userService.Authenticate(userParam);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
return(Ok(user));
}
public async Task <IActionResult> Login([FromBody] UserForLogin userForLogin)
{
var userFromDb = await _authService.Login(userForLogin.Username.ToLower(), userForLogin.Password);
if (userFromDb == null)
{
return(Unauthorized());
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_config.GetSection("AppSettings:Token").Value);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, userFromDb.Id.ToString()),
new Claim(ClaimTypes.Name, userFromDb.Username)
}),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha512Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
var user = new UserForList
{
Id = userFromDb.Id,
Username = userFromDb.Username,
Specialty = userFromDb.Specialty,
Age = userFromDb.DateOfBirth.CalculateAge(),
KnownAs = userFromDb.KnownAs,
Created = userFromDb.Created,
LastActive = userFromDb.LastActive,
City = userFromDb.City,
State = userFromDb.State,
PhotoUrl = userFromDb.Photos.FirstOrDefault(p => p.IsMain).Url,
};
return(Ok(new { tokenString, user }));
}
public async Task <IActionResult> login(UserForLogin userForLoginDto)
{
var userFromRepo = await _repository.Login(userForLoginDto.UserName.ToLower(), userForLoginDto.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
// Vamos criar as afirmações
var claims = new[] {
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.UserName),
};
// A chave segura baseado em um texto de validação na configuração
var key = new SymmetricSecurityKey(Encoding.UTF8
.GetBytes(_authConfiguration.TokenValidateSecurityKey));
// A credencial baseado na chave segura e no algoritmo de 512 bits
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
// Criamos a 'meta' token
var tokenDescriptor = new SecurityTokenDescriptor()
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
// Criamos o objeto que vai manipular a criação e serialização da token
var tokenHandler = new JwtSecurityTokenHandler();
// Criamos a token efetivamente
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new
{
token = tokenHandler.WriteToken(token)
}));
}
public async Task <IActionResult> Login([FromBody] UserForLogin userForLogin)
{
var userFromRepo = await _repo.Login(userForLogin.username.ToLower(), userForLogin.password);
if (userFromRepo == null)
{
//return Unauthorized();
return(BadRequest("Nie znaleziono użytkownika"));
}
// var userToUpdate = await _userDataRepository.GetUser(userFromRepo.Id);
// userToUpdate.LastActivate = DateTime.Now;
// await _userDataRepository.SaveAll();
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes("Super tajny Key Key Key");
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.UserName)
}),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha512Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
var userToRetturn = _mapper.Map <UserForListDto>(userFromRepo);
return(Ok(new { tokenString, userToRetturn }));
}
public async Task <IActionResult> Login(UserForLogin userForLoginDto)
{
var user = await _repo.Login(userForLoginDto.Username, userForLoginDto.Password);
if (user == null)
{
return(Unauthorized());
}
//Claims
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
new Claim(ClaimTypes.Name, user.Username)
};
//Key
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes
(_config.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var userToReturn = _mapper.Map <UserForListDto>(user);
return(Ok(new
{
Token = tokenHandler.WriteToken(token),
user = userToReturn
}));
}
public async Task LoginFindUserUnauthorizedStatus()
{
//Arrange
var userForLogin = new UserForLogin {
Username = "******"
};
var userManager = MockIdentity.GetMockUserManager();
AuthController controller = new AuthController(userManager.Object,
MockIdentity.GetMockSignInManager().Object, configMock.Object, mapperMock.Object,
wrapperMock.Object);
userManager.Setup(um => um.FindByNameAsync("test"))
.Returns(Task.FromResult((User)null));
//Act
var action = await controller.Login(userForLogin) as UnauthorizedResult;
//Assert
Assert.Equal(401, action.StatusCode);
}
public async Task <IActionResult> UserLogin(UserForLogin user, string ReturnUrl)
{
var loginUser = await _userRepository.LogInUser(user.Username, user.Password);
if (loginUser == null)
{
return(Unauthorized());
}
var claims = new List <Claim>()
{
new Claim(ClaimTypes.NameIdentifier, loginUser.User_Id),
new Claim(ClaimTypes.Name, user.Username)
};
if (loginUser.IsDeveloper)
{
claims.Add(new Claim(ClaimTypes.Role, "Developer"));
}
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties()
{
};
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity), authProperties);
if (string.IsNullOrEmpty(Request.Form["ReturnUrl"]))
{
ReturnUrl = "/";
}
else
{
ReturnUrl = Request.Form["ReturnUrl"];
}
return(Redirect(ReturnUrl));
}
public async Task <IActionResult> Login(UserForLogin userForLoginDto)
{
var userFromRepo = await _repo.Login(userForLoginDto.Username
.ToLower(), userForLoginDto.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var claims = new[] //Объекты Claim позволяют нам сохранять дополнительную информацию, связанную с текущим пользователем.
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); //appsetings
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); //криптографический ключ и алгоритмы безопасности
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
var user = _mapper.Map <UserForList>(userFromRepo);
return(Ok(new
{
token = tokenHandler.WriteToken(token),
user
}));
}
