public async Task <IActionResult> CreateToken([FromBody] LoginViewModel model)
{
try
{
var user = await _userManager.FindByNameAsync(model.UserName);
if (user == null)
{
return(Unauthorized());
}
if (_passwordHasher.VerifyHashedPassword(user, user.PasswordHash, model.Password) != PasswordVerificationResult.Success)
{
return(Unauthorized());
}
var userClaims = await _userManager.GetClaimsAsync(user);
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.UniqueName, user.UserName),
new Claim(JwtRegisteredClaimNames.Sub, user.Id),
// Token ID. We need this to maintain a blacklist for Logout purpose.
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
}.Union(userClaims);
var symmetricSecurityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SigningKey));
var signingCredentials = new SigningCredentials(symmetricSecurityKey, _jwtOptions.SigningAlgorithm);
var rememberUser = model.RememberMe == true;
var validTo = rememberUser ? DateTime.Now.AddDays(_jwtOptions.RememberMeExpireInDays) : DateTime.Now.AddMinutes(_jwtOptions.ExpireInMinutes);
var jwtSecurityToken = new JwtSecurityToken(
issuer: _jwtOptions.Issuer,
audience: _jwtOptions.Audience,
claims: claims,
expires: validTo,
signingCredentials: signingCredentials
);
var jwt = _jwtValidator.WriteToken(jwtSecurityToken);
if (_jwtOptions.UseCookie)
{
SetTokenInCookie(jwt);
}
// Returns token as JSON.
return(Ok(new
{
token = jwt,
expiration = validTo
}));
}
catch (Exception ex)
{
Logger.Error($"error while creating token: {ex}");
return(StatusCode((int)HttpStatusCode.InternalServerError, "error while creating token"));
}
}
public async Task <IActionResult> CreateToken([FromBody] LoginViewModel model)
{
try
{
//var result = await _signInManager.PasswordSignInAsync(model.UserName, model.Password, false, false);
var user = await _userManager.FindByNameAsync(model.UserName);
/*if (user != null)
* {
* var result = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
* if (result.Succeeded)
* {
*
* var claims = new[]
* {
* new Claim(JwtRegisteredClaimNames.Sub, user.Email),
* new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
* };
*
* var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"]));
* var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
*
* var token = new JwtSecurityToken(_config["Tokens:Issuer"],
* _config["Tokens:Issuer"],
* claims,
* expires: DateTime.Now.AddDays(30),
* signingCredentials: creds);
*
* return Ok(new { token = new JwtSecurityTokenHandler().WriteToken(token) });
* }
* }*/
if (user == null)
{
await _userManager.AccessFailedAsync(user);
return(Unauthorized());
}
if (_passwordHasher.VerifyHashedPassword(user, user.PasswordHash, model.Password) != PasswordVerificationResult.Success)
{
await _userManager.AccessFailedAsync(user);
return(Unauthorized());
}
var userClaims = await _userManager.GetClaimsAsync(user);
var validTo = model.RememberMe == true
? new DateTimeOffset(DateTime.Now.AddDays(_jwtOptions.RememberMeExpireInDays)).ToUnixTimeSeconds().ToString()
: new DateTimeOffset(DateTime.Now.AddMinutes(_jwtOptions.ExpireInMinutes)).ToUnixTimeSeconds().ToString();
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Iss, _jwtOptions.Issuer),
new Claim(JwtRegisteredClaimNames.Aud, _jwtOptions.Audience),
new Claim(JwtRegisteredClaimNames.Email, user.UserName),
new Claim(ClaimTypes.Name, user.UserName),
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
new Claim(JwtRegisteredClaimNames.Nbf, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString()),
new Claim(JwtRegisteredClaimNames.Iat, new DateTimeOffset(DateTime.Now).ToUnixTimeSeconds().ToString()),
// Token ID. We need this to maintain a blacklist for Logout purpose.
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Exp, validTo),
}.Union(userClaims);
foreach (var c in claims)
{
Console.WriteLine(c.Issuer + "--" + c.Type + "--" + c.Value);
}
/*var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtOptions.SigningKey));
* var creds = new SigningCredentials(key, _jwtOptions.SigningAlgorithm);
* var jwtSecurityToken = new JwtSecurityToken(
* issuer: _jwtOptions.Issuer,
* audience: _jwtOptions.Audience,
* claims: claims,
* expires: model.RememberMe == true
* ? DateTime.Now.AddDays(_jwtOptions.RememberMeExpireInDays)
* : DateTime.Now.AddMinutes(_jwtOptions.ExpireInMinutes),
* signingCredentials: creds
* );*/
var jwt = _jwtValidator.WriteToken(_jwtValidator.CreateToken(claims, _jwtOptions));
if (_jwtOptions.UseCookie)
{
SetTokenInCookie(jwt);
}
// Returns token as JSON.
return(Ok(new
{
token = jwt,
expiration = validTo
}));
}
catch (Exception ex)
{
//Logger.Error($"error while creating token: {ex}");
return(StatusCode((int)HttpStatusCode.InternalServerError, "error while creating token: " + ex.Message));
}
}