Ejemplo n.º 1
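        /// <summary>
        /// Authenticates a user with e-mail and password and, on success, returns a JWT.
        /// </summary>
        /// <param name="login">Credentials bound from the request body.</param>
        /// <returns>
        /// The result of <c>BuildToken</c> when sign-in succeeds; 400 with the model state when
        /// the body is missing or invalid; 400 with a generic message for any failed sign-in.
        /// </returns>
        public async Task<IActionResult> Login([FromBody] UserViewModel.Login login)
        {
            // A missing or unparsable body can bind to null; reject it before dereferencing.
            if (login == null || !ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The e-mail is passed as the user name, so this only matches accounts whose
            // user name equals their e-mail address.
            var result = await _signInManager.PasswordSignInAsync(
                userName: login.Email,
                password: login.Password,
                isPersistent: false,
                // Count failed attempts toward the Identity lockout policy. The original passed
                // false, which left password guessing against this endpoint unthrottled.
                // NOTE(review): the lockout thresholds come from the Identity options, which
                // are not visible here; confirm they are configured.
                lockoutOnFailure: true);

            if (!result.Succeeded)
            {
                // One generic message for wrong password, unknown user and locked-out account,
                // so the response does not reveal which of them occurred.
                return BadRequest("Invalid login attempt.");
            }

            return await BuildToken(login);
        }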
Ejemplo n.º 2
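        /// <summary>
        /// Issues an HMAC-SHA256 signed JWT for the account matching the login e-mail and returns
        /// it together with its expiry time and a small user profile.
        /// </summary>
        /// <param name="login">Login model; only <c>Email</c> is read here.</param>
        /// <returns>
        /// 200 with <c>token</c>, <c>tokenExpiration</c> and <c>user</c>; 400 when no user has
        /// that e-mail address.
        /// </returns>
        private async Task<IActionResult> BuildToken(UserViewModel.Login login)
        {
            // Resolve the account first so that nothing is signed for an address with no user.
            var user = await _userManager.FindByEmailAsync(login.Email);
            if (user == null)
            {
                return BadRequest($"User with email ({login.Email}) not found.");
            }

            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.UniqueName, login.Email),
                new Claim("myValue", "my custom value"),
                // A fresh jti per token gives each issued token a unique identifier.
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
            };

            // NOTE(review): the signing key is a literal in source control. Anyone who can read
            // the repository or the compiled assembly can sign tokens with it, and such tokens
            // would presumably be accepted wherever validation uses the same key (not shown
            // here). Load the key from configuration or a secret store and rotate this value.
            // It is kept only because no configuration object is visible in this block.
            // The literal is 32 hex characters, so it carries at most 128 bits of entropy.
            var key         = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("B1ED7016BC554BDFBA20AE9E492B8C83"));
            var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // NOTE(review): three-day lifetime. No refresh or revocation path is visible here,
            // so a leaked token would stay usable until it expires; confirm this is intended.
            var expiration = DateTime.UtcNow.AddDays(3);

            // NOTE(review): issuer and audience are hard-coded to "localhost"; they must match
            // the validation parameters used in every deployed environment.
            var token = new JwtSecurityToken(
                issuer: "localhost",
                audience: "localhost",
                claims: claims,
                expires: expiration,
                signingCredentials: credentials);

            var tokenString = new JwtSecurityTokenHandler().WriteToken(token);

            return Ok(new
            {
                token = tokenString,
                tokenExpiration = expiration,
                user = new
                {
                    user.Id,
                    user.Email,
                    user.Name,
                    user.UserName
                }
            });
        }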