Example #1
        /// <summary>
        /// Registers the application's services: the login/token settings singletons,
        /// JWT bearer authentication, the "Bearer" authorization policy, the SQL Server
        /// <c>AppContext</c>, the "MyPolicy" CORS policy, MVC and the scoped repositories.
        /// </summary>
        /// <param name="services">Service collection the registrations are added to.</param>
        public void ConfigureServices(IServiceCollection services)
        {
            // Holder of the signing key / credentials. One instance is shared by the
            // token validation below and by whatever issues tokens.
            // NOTE(review): how ConfiguracaoLogin obtains its key is not visible here; if the
            // key is generated at construction, tokens stop validating after a restart and
            // will not validate across several instances. Confirm.
            var loginSettings = new ConfiguracaoLogin();
            services.AddSingleton(loginSettings);

            // Issuer, audience and lifetime come from the "TokenConfigurations" section.
            var tokenSettings = new ConfiguracoesToken();
            var tokenSection = _configuration.GetSection("TokenConfigurations");
            new ConfigureFromConfigurationOptions<ConfiguracoesToken>(tokenSection)
                .Configure(tokenSettings);
            services.AddSingleton(tokenSettings);

            services
                .AddAuthentication(schemes =>
                {
                    // JWT bearer handles both authentication and challenges.
                    schemes.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
                    schemes.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                })
                .AddJwtBearer(jwt =>
                {
                    var validation = jwt.TokenValidationParameters;

                    // Signature: the token must be signed with the configured key.
                    validation.ValidateIssuerSigningKey = true;
                    validation.IssuerSigningKey = loginSettings.Key;

                    // Expected issuer and audience. ValidateIssuer / ValidateAudience are
                    // not set here, so they keep the library defaults.
                    // NOTE(review): confirm those defaults are 'true' for the package version in use.
                    validation.ValidIssuer = tokenSettings.Issuer;
                    validation.ValidAudience = tokenSettings.Audience;

                    // Expired tokens are rejected with no tolerance window, so clock drift
                    // between issuer and validator is not absorbed.
                    validation.ValidateLifetime = true;
                    validation.ClockSkew = TimeSpan.Zero;
                });

            services.AddAuthorization(auth =>
            {
                // "Bearer" policy: an authenticated user via the JWT bearer scheme.
                var bearerPolicy = new AuthorizationPolicyBuilder()
                    .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
                    .RequireAuthenticatedUser()
                    .Build();
                auth.AddPolicy("Bearer", bearerPolicy);
            });

            var connectionString = _configuration.GetConnectionString("WebAppDB");
            services.AddDbContext<AppContext>(db =>
                db.UseSqlServer(connectionString, sql => sql.MigrationsAssembly("WebApi")));

            // NOTE(review): "MyPolicy" accepts any origin, method and header. Where the policy
            // is applied is not visible here; for an API protected by bearer tokens, an
            // explicit list of trusted origins is the tighter setting.
            services.AddCors(cors => cors.AddPolicy("MyPolicy", policy =>
            {
                policy.AllowAnyOrigin()
                      .AllowAnyMethod()
                      .AllowAnyHeader();
            }));

            services.AddMvc();

            // Repositories are resolved once per request scope.
            services.AddScoped<IEventoRepository, EventoRepository>();
            services.AddScoped<ICartaoRepository, CartaoRepository>();
            services.AddScoped<IPedidoRepository, PedidoRepository>();
            services.AddScoped<IUsuarioRepository, UsuarioRepository>();
        }
Example #2
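        /// <summary>
        /// Checks the submitted login and password against the stored user and, when they
        /// match, issues a signed JWT.
        /// </summary>
        /// <param name="usuario">Credentials from the request body (Login and Senha).</param>
        /// <param name="iUsuarioRepository">Repository used to look the user up by login.</param>
        /// <param name="configuracaoLogin">Provides the credentials used to sign the token.</param>
        /// <param name="configuracoesToken">Issuer, audience and token lifetime in seconds.</param>
        /// <returns>
        /// On success an object with <c>authenticated = true</c>, the creation and expiration
        /// timestamps, the access token, "OK" and the user's Id and Nome. On any failure an
        /// object with <c>authenticated = false</c> and the same message, whether the login is
        /// unknown or the password is wrong, so the response does not tell the two apart.
        /// </returns>
        public object Login(
            [FromBody] Usuario usuario,
            [FromServices] IUsuarioRepository iUsuarioRepository,
            [FromServices] ConfiguracaoLogin configuracaoLogin,
            [FromServices] ConfiguracoesToken configuracoesToken)
        {
            // Reject missing credentials before touching the repository. An empty password is
            // refused outright: otherwise a stored null/empty Senha would compare equal to a
            // request that sends no password at all.
            if (usuario == null ||
                String.IsNullOrWhiteSpace(usuario.Login) ||
                String.IsNullOrEmpty(usuario.Senha))
            {
                return new
                {
                    authenticated = false,
                    message = "Falha ao autenticar"
                };
            }

            var usuarioBase = iUsuarioRepository.Login(usuario.Login);

            // NOTE(review): this compares the submitted password directly with the stored
            // value, which implies the repository holds it in directly comparable form.
            // Passwords should be stored as salted, slow hashes (e.g. PBKDF2) and verified
            // with a fixed-time comparison.
            bool credenciaisValidas = usuarioBase != null &&
                                      usuario.Login == usuarioBase.Login &&
                                      usuario.Senha == usuarioBase.Senha;

            // An unknown login yields usuarioBase == null. The stored user is read only past
            // this guard, so that case returns the normal failure response instead of
            // throwing a NullReferenceException (which also distinguished unknown logins
            // from wrong passwords).
            if (!credenciaisValidas)
            {
                return new
                {
                    authenticated = false,
                    message = "Falha ao autenticar"
                };
            }

            // Only Id and Nome are copied, so the stored password never reaches the response.
            Usuario usuarioLogado = new Usuario();
            usuarioLogado.Id   = usuarioBase.Id;
            usuarioLogado.Nome = usuarioBase.Nome;

            ClaimsIdentity identity = new ClaimsIdentity(
                new GenericIdentity(usuario.Login, "Login"),
                new[]
                {
                    // Unique token id and the login as the unique name.
                    new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
                    new Claim(JwtRegisteredClaimNames.UniqueName, usuario.Login)
                });

            // NOTE(review): local time is used, and the strings returned below carry no zone
            // information. Clients comparing 'expiration' with their own clock may misjudge
            // it; consider UTC if the consumers allow the format change.
            DateTime dataCriacao   = DateTime.Now;
            DateTime dataExpiracao = dataCriacao +
                                     TimeSpan.FromSeconds(configuracoesToken.Seconds);

            var handler       = new JwtSecurityTokenHandler();
            var securityToken = handler.CreateToken(new SecurityTokenDescriptor
            {
                Issuer             = configuracoesToken.Issuer,
                Audience           = configuracoesToken.Audience,
                SigningCredentials = configuracaoLogin.SigningCredentials,
                Subject            = identity,
                NotBefore          = dataCriacao,
                Expires            = dataExpiracao
            });
            var token = handler.WriteToken(securityToken);

            return new
            {
                authenticated = true,
                created = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss"),
                expiration = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss"),
                accessToken = token,
                message = "OK",
                usuarioLogado
            };
        }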