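/// <summary>
/// Signs a user in with email/password and, on success, answers with a signed JWT
/// (see <see cref="BuildToken"/>).
/// </summary>
/// <param name="login">Credentials posted in the request body.</param>
/// <returns>
/// 200 with the token payload on success; 400 with the model-state errors when the
/// request body is invalid; 400 "Invalid login attempt." for any failed sign-in.
/// </returns>
public async Task<IActionResult> Login([FromBody] UserViewModel.Login login)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // lockoutOnFailure: true makes Identity count failed attempts and lock the account
    // once IdentityOptions.Lockout.MaxFailedAccessAttempts is reached. The previous
    // value (false) left this endpoint with no throttle at all against password guessing.
    var result = await _signInManager.PasswordSignInAsync(
        userName: login.Email,
        password: login.Password,
        isPersistent: false,
        lockoutOnFailure: true);

    if (result.Succeeded)
    {
        return await BuildToken(login);
    }

    // One generic message for wrong-password, locked-out and not-allowed / 2FA-required
    // outcomes, so the response does not reveal which accounts exist or their state.
    // result.IsLockedOut / result.RequiresTwoFactor / result.IsNotAllowed are available
    // here if a client ever needs to tell them apart.
    return BadRequest("Invalid login attempt.");
}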
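/// <summary>
/// Issues an HS256-signed JWT for an already-authenticated user and returns it together
/// with the profile fields the client needs.
/// </summary>
/// <param name="login">The credentials that just passed <c>PasswordSignInAsync</c>;
/// only <c>Email</c> is used here.</param>
/// <returns>
/// 200 with <c>{ token, tokenExpiration, user }</c>, or 400 when no user has that
/// email (not expected after a successful sign-in, but guarded anyway).
/// </returns>
private async Task<IActionResult> BuildToken(UserViewModel.Login login)
{
    // Resolve the user first: no point in minting and signing a token for an
    // identity that does not exist.
    var user = await _userManager.FindByEmailAsync(login.Email);
    if (user is null)
    {
        return BadRequest($"User with email ({login.Email}) not found.");
    }

    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.UniqueName, login.Email),
        new Claim("myValue", "my custom value"),
        // Jti gives every token a unique id so individual tokens can be traced or revoked.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
    };

    // SECURITY TODO: the signing key is a literal committed to source control, so anyone
    // with read access to the repository can mint valid tokens. Move it to configuration
    // backed by a secret store (user-secrets / environment / vault) and rotate this
    // value — once committed it must be treated as compromised. The issuer/audience
    // below are likewise deployment settings that belong in configuration.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("B1ED7016BC554BDFBA20AE9E492B8C83"));
    var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
    var expiration = DateTime.UtcNow.AddDays(3);

    var token = new JwtSecurityToken(
        issuer: "localhost",
        audience: "localhost",
        claims: claims,
        expires: expiration,
        signingCredentials: credentials);
    var tokenString = new JwtSecurityTokenHandler().WriteToken(token);

    return Ok(new
    {
        token = tokenString,
        tokenExpiration = expiration,
        user = new { user.Id, user.Email, user.Name, user.UserName },
    });
}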