Ejemplo n.º 1
0
        public User Authenticate(string username, string password)
        {
            var user = _usersRepo.GetUserMatching(username, password);

            // return null if user not found
            if (user == null)
            {
                return(null);
            }

            // authentication successful so generate jwt token
            var tokenHandler = new JwtSecurityTokenHandler();
            // TODO get secret from environment variable
            var key             = Encoding.ASCII.GetBytes(_jwtSecret);
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[]
                {
                    new Claim(ClaimTypes.Name, user.Id.ToString())
                }),
                Expires            = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
            var token = tokenHandler.CreateToken(tokenDescriptor);

            user.Token = tokenHandler.WriteToken(token);

            // remove password before returning
            user.Password = null;

            return(user);
        }
Ejemplo n.º 2
0
        public User Authenticate(string username, string password)
        {
            var user = _usersRepo.GetUserMatching(username, password);

            // return null if user not found
            if (user == null)
            {
                return(null);
            }

            var payload = new Dictionary <string, object>()
            {
                { "claim1", 0 },
                { "claim2", "claim2-value" }
            };

            user.Token = JwtCore.JsonWebToken
                         .Encode(payload, _jwtSecret, JwtCore.JwtHashAlgorithm.HS256);

            // remove password before returning
            user.Password = null;

            return(user);
        }