/// <summary>
/// Populates the DI container: login/token settings, JWT bearer authentication, the
/// "Bearer" authorization policy, the EF Core context, CORS, MVC and the repositories.
/// </summary>
/// <param name="services">The service collection supplied by the host.</param>
public void ConfigureServices(IServiceCollection services)
{
    // Settings objects are created once here and shared as singletons.
    var loginConfig = new ConfiguracaoLogin();
    services.AddSingleton(loginConfig);

    var tokenConfig = new ConfiguracoesToken();
    var tokenSection = _configuration.GetSection("TokenConfigurations");
    var tokenBinder = new ConfigureFromConfigurationOptions<ConfiguracoesToken>(tokenSection);
    tokenBinder.Configure(tokenConfig);
    services.AddSingleton(tokenConfig);

    services
        .AddAuthentication(options =>
        {
            options.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            options.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
        {
            var validation = options.TokenValidationParameters;
            validation.IssuerSigningKey = loginConfig.Key;
            validation.ValidAudience = tokenConfig.Audience;
            validation.ValidIssuer = tokenConfig.Issuer;
            validation.ValidateIssuerSigningKey = true;
            validation.ValidateLifetime = true;
            // No tolerance on exp/nbf: a token is rejected as soon as it expires.
            validation.ClockSkew = TimeSpan.Zero;
            // ValidateIssuer / ValidateAudience are not set here and so keep the library defaults.
        });

    services.AddAuthorization(options =>
    {
        var bearerPolicy = new AuthorizationPolicyBuilder()
            .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
            .RequireAuthenticatedUser()
            .Build();
        options.AddPolicy("Bearer", bearerPolicy);
    });

    var connectionString = _configuration.GetConnectionString("WebAppDB");
    services.AddDbContext<AppContext>(options =>
        options.UseSqlServer(connectionString, sql => sql.MigrationsAssembly("WebApi")));

    // NOTE(review): this CORS policy is fully permissive (any origin, method and header);
    // confirm that is intended for the deployment this code targets.
    services.AddCors(options => options.AddPolicy("MyPolicy", policy =>
        policy.AllowAnyOrigin().AllowAnyMethod().AllowAnyHeader()));

    services.AddMvc();

    // One repository instance per request.
    services.AddScoped<IEventoRepository, EventoRepository>();
    services.AddScoped<ICartaoRepository, CartaoRepository>();
    services.AddScoped<IPedidoRepository, PedidoRepository>();
    services.AddScoped<IUsuarioRepository, UsuarioRepository>();
}
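/// <summary>
/// Authenticates the posted credentials against the user repository and, when they match,
/// issues a signed JWT for that user.
/// </summary>
/// <param name="usuario">Credentials from the request body (Login and Senha); untrusted input.</param>
/// <param name="iUsuarioRepository">Repository used to look the user up by login.</param>
/// <param name="configuracaoLogin">Provides the signing credentials for the token.</param>
/// <param name="configuracoesToken">Issuer, audience and token lifetime in seconds.</param>
/// <returns>
/// On success an anonymous object with <c>authenticated = true</c>, the creation and expiration
/// timestamps, the access token and the Id/Nome of the user; otherwise <c>authenticated = false</c>
/// and the message "Falha ao autenticar".
/// </returns>
public object Login(
    [FromBody] Usuario usuario,
    [FromServices] IUsuarioRepository iUsuarioRepository,
    [FromServices] ConfiguracaoLogin configuracaoLogin,
    [FromServices] ConfiguracoesToken configuracoesToken)
{
    bool credenciaisValidas = false;
    // Only Id and Nome are copied into this object, so the response never echoes the stored Senha.
    Usuario usuarioLogado = new Usuario();

    if (usuario != null && !String.IsNullOrWhiteSpace(usuario.Login))
    {
        var usuarioBase = iUsuarioRepository.Login(usuario.Login);

        // Guard the lookup result. Previously usuarioBase was dereferenced even when the login
        // was unknown, so an unknown login threw NullReferenceException (an error response)
        // while a wrong password returned the normal failure object — a difference that lets a
        // caller tell which logins exist. Both cases now take the same failure path.
        if (usuarioBase != null)
        {
            // NOTE(review): this compares the raw Senha values, which implies the repository
            // returns the password as it is stored. If it is stored in clear text, store a
            // salted hash instead and verify against that here.
            credenciaisValidas = usuario.Login == usuarioBase.Login
                && usuario.Senha == usuarioBase.Senha;
            usuarioLogado.Id = usuarioBase.Id;
            usuarioLogado.Nome = usuarioBase.Nome;
        }
    }

    if (!credenciaisValidas)
    {
        // Same message for unknown login and wrong password, on purpose.
        return new { authenticated = false, message = "Falha ao autenticar" };
    }

    ClaimsIdentity identity = new ClaimsIdentity(
        new GenericIdentity(usuario.Login, "Login"),
        new[]
        {
            // Unique identifier for this token (jti claim).
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString("N")),
            new Claim(JwtRegisteredClaimNames.UniqueName, usuario.Login)
        });

    // NOTE(review): local time. The timestamps returned below carry no offset, so callers
    // cannot tell which zone they are in; DateTime.UtcNow would be unambiguous but would
    // change the strings clients currently receive.
    DateTime dataCriacao = DateTime.Now;
    DateTime dataExpiracao = dataCriacao + TimeSpan.FromSeconds(configuracoesToken.Seconds);

    var handler = new JwtSecurityTokenHandler();
    var securityToken = handler.CreateToken(new SecurityTokenDescriptor
    {
        Issuer = configuracoesToken.Issuer,
        Audience = configuracoesToken.Audience,
        SigningCredentials = configuracaoLogin.SigningCredentials,
        Subject = identity,
        NotBefore = dataCriacao,
        Expires = dataExpiracao
    });
    var token = handler.WriteToken(securityToken);

    return new
    {
        authenticated = true,
        created = dataCriacao.ToString("yyyy-MM-dd HH:mm:ss"),
        expiration = dataExpiracao.ToString("yyyy-MM-dd HH:mm:ss"),
        accessToken = token,
        message = "OK",
        usuarioLogado
    };
}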