/// <summary>
/// HTTP login endpoint: hands the submitted credentials to the authenticator and
/// maps the type of its reply to an HTTP status code.
/// </summary>
/// <param name="cmd">
/// Login command bound from the request body; its Username and Password are passed
/// to the authenticator unchanged.
/// </param>
/// <returns>
/// The authenticator's reply for a successful login (200), invalid form data (400)
/// or a failed password (400); a fresh empty object with status 500 for anything else.
/// </returns>
public async Task<object> Login([FromBody] Messages.Authenticator.LoginCommand cmd)
        {
            // NOTE(review): cmd is dereferenced without a null check; whether model binding
            // can hand over null here depends on configuration not visible in this method.
            var reply = await authenticator.Login(cmd.Username, cmd.Password);

            // Classify the reply once, then apply the status code in a single place.
            int status;
            if (reply is Messages.Authenticator.LoginSuccess)
            {
                status = 200;
            }
            else if (reply is Messages.Authenticator.FormInvalidData
                  || reply is Messages.Authenticator.LoginFailedPassword)
            {
                // Both rejection kinds share status 400, but the reply object itself is
                // returned as the body, so a client can still tell them apart.
                // NOTE(review): confirm the body does not reveal whether the username exists.
                status = 400;
            }
            else
            {
                status = 500;
            }

            Response.StatusCode = status;

            if (status == 500)
            {
                // Unrecognised (or null) reply: never echo it back to the client.
                return new object();
            }

            return reply;
        }
Example #2
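        /// <summary>
        /// Handles a login command: looks the user up by username, checks the submitted
        /// password and replies to the sender with either a signed JWT
        /// (<c>LoginSuccess</c>) or <c>LoginFailedPassword</c>.
        /// </summary>
        /// <param name="cmd">Login command carrying the username and password to check.</param>
        /// <remarks>
        /// An unknown username now gets the same <c>LoginFailedPassword</c> reply as a wrong
        /// password. Previously no reply was sent in that case, so the sender was left
        /// waiting, and the missing reply also distinguished unknown accounts from existing ones.
        /// </remarks>
        private void Login(Messages.Authenticator.LoginCommand cmd)
        {
            Console.WriteLine("Login command");

            using (MyContext context = MyContext.Connect(GetPath()))
            {
                var matches = context.Users.Where(p => p.Username == cmd.Username).ToList();

                // NOTE(review): the stored value is compared directly with the submitted
                // password, which suggests passwords are kept unhashed (unless the client
                // pre-hashes) - confirm. Prefer storing a salted, slow hash (e.g. PBKDF2)
                // and verifying it with a fixed-time comparison.
                if (matches.Count == 0 || matches[0].Password != cmd.Password)
                {
                    // Single failure reply for "no such user" and "wrong password".
                    Sender.Tell(new Messages.Authenticator.LoginFailedPassword());
                    return;
                }

                var userDb = matches[0];

                var claims = new[]
                {
                    new Claim(ClaimTypes.Name, userDb.Username),
                    new Claim("Name", userDb.Name),
                    new Claim("Id", userDb.Id.ToString())
                };

                // NOTE(review): the HMAC key is the UTF-8 bytes of a configuration string.
                // A missing "SecurityKey" entry makes GetBytes throw, and a short or
                // guessable value weakens every token signed here - keep it long, random
                // and out of source control.
                var key   = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecurityKey"]));
                var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

                // NOTE(review): 30 days is a long lifetime for a bearer token, and no
                // revocation mechanism is visible in this method - consider a shorter expiry.
                var token = new JwtSecurityToken(
                    issuer: "yourdomain.com",
                    audience: "yourdomain.com", // TODO: use Configuration file for this
                    claims: claims,
                    expires: DateTime.Now.AddDays(30),
                    signingCredentials: creds);

                Sender.Tell(new Messages.Authenticator.LoginSuccess(new JwtSecurityTokenHandler().WriteToken(token)));
            }
        }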