public async Task <ActionResult <TokenResponse> > Login([FromBody] LoginPasswordParameters loginPassword)
{
var appUser = await db.Users.FirstOrDefaultAsync(u => u.UserName == loginPassword.Login && !u.IsDeleted);
if (appUser == null)
{
return(Forbid());
}
var result = await userManager.CheckPasswordAsync(appUser, loginPassword.Password);
if (!result)
{
return(Forbid());
}
var key = JwtBearerHelpers.CreateSymmetricSecurityKey(configuration.Web.Authentication.Jwt.IssuerSigningKey);
var signingCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expires = DateTime.Now.AddHours(configuration.Web.Authentication.Jwt.LifeTimeHours);
var token = new JwtSecurityToken(
configuration.Web.Authentication.Jwt.Issuer,
configuration.Web.Authentication.Jwt.Audience,
new[] { new Claim("http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier", appUser.Id), },
expires: expires,
signingCredentials: signingCredentials
);
var tokenString = new JwtSecurityTokenHandler().WriteToken(token);
return(new TokenResponse
{
Token = tokenString,
});
}
public async Task <TokenResponseDto> GetJwtToken(LoginPasswordParameters parameters)
{
var url = $"{config.ApiUrl}/account/login";
var json = JsonSerializer.Serialize(parameters);
var data = new StringContent(json, Encoding.UTF8, "application/json");
using var client = new HttpClient();
var response = await client.PostAsync(url, data);
try
{
ThrowExceptionIfBadCode(response);
}
catch (UnauthorizedException)
{
return(null);
}
catch (ForbiddenException)
{
return(null);
}
var result = response.Content.ReadAsStringAsync().Result;
return(JsonSerializer.Deserialize <TokenResponseDto>(result));
}
public async Task <string> Login(string login, string password)
{
var loginPasswordParameters = new LoginPasswordParameters
{
Login = login,
Password = password
};
var accountTokenResponseDto = await httpMethods.GetJwtToken(loginPasswordParameters);
return(accountTokenResponseDto?.Token);
}
