public async Task <IActionResult> CreateToken([FromBody] CradentialsDto dto)
{
try
{
var user = await _userMgr.FindByNameAsync(dto.UserName);
if (user != null)
{
if (_hasher.VerifyHashedPassword(user, user.PasswordHash, dto.Password) == PasswordVerificationResult.Success)
{
var userClaims = await _userMgr.GetClaimsAsync(user);
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.GivenName, user.FirstName),
new Claim(JwtRegisteredClaimNames.FamilyName, user.LastName),
new Claim(JwtRegisteredClaimNames.Email, user.Email)
}.Union(userClaims);
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken(
issuer: _config["Tokens:Issuer"],
audience: _config["Tokens:Audience"],
claims: claims,
expires: DateTime.UtcNow.AddMinutes(15),
signingCredentials: creds
);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
}));
}
}
}
catch (Exception ex)
{
_logger.LogError($"Exception thrown while creating JWT: {ex}");
}
return(BadRequest("Failed to generate token"));
}
public async Task <IActionResult> Login([FromBody] CradentialsDto dto)
{
try
{
var result = await _signInMgr.PasswordSignInAsync(dto.UserName, dto.Password, false, false);
if (result.Succeeded)
{
return(Ok());
}
}
catch (Exception ex)
{
_logger.LogError($"Exception thrown while logging in: {ex}");
}
return(BadRequest("Failed to login"));
}
