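/// <summary>
/// Builds and serializes an HMAC-SHA256 signed JWT for an authenticated user of a tenant.
/// </summary>
/// <param name="userInfo">Authenticated user; <c>UserName</c> becomes the name claim.</param>
/// <param name="tenant">Tenant whose <c>PrivateKey</c> is used as the HMAC secret.</param>
/// <param name="tenantId">Tenant identifier; used as the token audience and written to the <c>kid</c> header.</param>
/// <param name="rememberMe">When true, the lifetime in minutes is read from <c>Jwt:Expires</c> instead of the 15-minute default.</param>
/// <returns>The compact serialized token.</returns>
/// <exception cref="ArgumentNullException"><paramref name="userInfo"/> is null.</exception>
/// <exception cref="InvalidOperationException">The tenant has no signing key configured.</exception>
private string CreateJWT(ITCC_User userInfo, Tenant tenant, string tenantId, bool rememberMe)
{
    const int DefaultLifetimeMinutes = 15;

    if (userInfo == null)
    {
        throw new ArgumentNullException(nameof(userInfo));
    }

    // The tenant id is copied into the "kid" header below, so it is readable by anyone
    // holding a token. Falling back to it as the HMAC secret would let any party mint
    // valid tokens for that tenant, so a missing key is treated as a configuration error.
    // NOTE(review): token validation is not visible here; if it mirrors the old
    // "key = tenant id" fallback, it needs the same change.
    if (tenant == null || string.IsNullOrEmpty(tenant.PrivateKey))
    {
        throw new InvalidOperationException("No signing key is configured for the requested tenant.");
    }

    // HS256 is only as strong as its secret. NOTE(review): how PrivateKey is generated is
    // not visible here; it should be a high-entropy random value, not a passphrase.
    var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(tenant.PrivateKey));
    var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

    int lifetimeMinutes = DefaultLifetimeMinutes;
    if (rememberMe)
    {
        // int.TryParse writes 0 to its out argument on failure; parse into a scratch
        // variable so a missing or malformed setting keeps the default instead of
        // producing a token that is already expired.
        int configuredMinutes;
        if (int.TryParse(_configuration["Jwt:Expires"], out configuredMinutes) && configuredMinutes > 0)
        {
            lifetimeMinutes = configuredMinutes;
        }
    }

    DateTime jwtExpires = DateTime.UtcNow.AddMinutes(lifetimeMinutes);

    var token = new JwtSecurityToken(
        _configuration["Jwt:Issuer"],
        tenantId,
        new[] { new Claim(ClaimTypes.Name, userInfo.UserName) },
        expires: jwtExpires,
        signingCredentials: credentials);

    // "kid" is unauthenticated until the signature has been verified; a validator should
    // only use it to select a key from trusted configuration.
    token.Header.Add("kid", tenantId);

    return new JwtSecurityTokenHandler().WriteToken(token);
}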
/// <summary>
/// Resolves the account for a login attempt.
/// </summary>
/// <param name="value">The submitted login; only <c>UserName</c> is read by this method.</param>
/// <returns>A user account when the user name matches the hard-coded sample value, otherwise null.</returns>
/// <remarks>
/// SECURITY: this is a placeholder. <c>value.Password</c> is never examined, so knowing the
/// sample user name is sufficient to be treated as authenticated. Replace it with a real
/// credential check before this code is exposed to untrusted callers.
/// </remarks>
private ITCC_User Authenticate(Login value)
{
    // TODO: Implement your own authentication logic (verify the password against a
    // salted, slow password hash and confirm the account is authorized for the system).
    if (value.UserName != "Kingsley")
    {
        return null;
    }

    return new ITCC_User { UserName = "******", EmailAddress = "*****@*****.**" };
}
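/// <summary>
/// Authenticates the caller and, on success, returns a JWT for the tenant named in the
/// <c>auth_site</c> request header.
/// </summary>
/// <param name="username">User name, bound from the <c>username</c> request header.</param>
/// <param name="password">Password, bound from the <c>password</c> request header.</param>
/// <param name="rememberme">Requests the configured, longer token lifetime.</param>
/// <returns>
/// 200 with <c>{ token }</c> when authentication succeeds and the tenant is configured with a
/// signing key; 401 in every other case, including any exception.
/// </returns>
public IActionResult Login([FromHeader] String username, [FromHeader] string password, [FromHeader] bool rememberme)
{
    // Fail closed: every early exit and the catch block below leave this as 401.
    IActionResult response = Unauthorized();
    try
    {
        // NOTE(review): the credentials arrive in request headers, which proxies and access
        // logs commonly record. Moving them to the request body would change this action's
        // public contract, so it is only flagged here.
        var authSite = Request.Headers["auth_site"];
        if (!authSite.Any())
        {
            return response;
        }

        var login = new Login { UserName = username, Password = password, RememberMe = rememberme };
        ITCC_User user = Authenticate(login);
        if (user == null || this._tenants == null)
        {
            return response;
        }

        // auth_site is caller-controlled, so it may only select a tenant that exists in
        // configuration and has its own signing key. Without this check an arbitrary header
        // value would reach CreateJWT with no tenant, where the tenant id itself is used as
        // the signing secret.
        string tenantId = authSite.ToString();
        Tenant tenant = this._tenants.Value.FirstOrDefault(s => s.Key == tenantId);
        if (tenant == null || string.IsNullOrEmpty(tenant.PrivateKey))
        {
            return response;
        }

        string token = CreateJWT(user, tenant, tenantId, login.RememberMe);
        response = Ok(new { token = token });
    }
    catch (Exception ex)
    {
        // The detail goes to the trace listener only; the client sees a plain 401.
        System.Diagnostics.Trace.WriteLine(ex.ToString());
    }

    return response;
}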