Example #1
0
        public async Task <IActionResult> Authenticate([FromBody] User user)
        {
            var us = await _userService.Authenticate(user.UserName, user.Password);

            if (us == null)
            {
                return(BadRequest(new { message = "Username or password is incorrect" }));
            }

            var tokenHandler    = new JwtSecurityTokenHandler();
            var key             = Encoding.ASCII.GetBytes(Startup.SecretCode);
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim(ClaimTypes.Name, us.UserId.ToString())
                }),
                Expires            = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
            var token       = tokenHandler.CreateToken(tokenDescriptor);
            var tokenString = tokenHandler.WriteToken(token);

            // return basic user info (without password) and token to store client side
            return(Ok(new
            {
                Name = us.Name,
                UserId = us.UserId,
                PositionId = us.PositionId,
                UserName = us.UserName,
                PositionName = us.PositionName,
                UnitCode = us.UnitCode,
                UnitName = us.UnitName,
                Grade = us.Grade,
                Token = tokenString
            }));
        }