Example #1
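        /// <summary>
        /// Called by the runtime to register services: JWT bearer authentication,
        /// the "Bearer" authorization policy, CORS, MVC and the application services,
        /// all handed over to an Autofac container at the end.
        /// </summary>
        /// <param name="services">The service collection to populate.</param>
        /// <returns>An Autofac-backed service provider built from <paramref name="services"/>.</returns>
        public IServiceProvider ConfigureServices(IServiceCollection services)
        {
            var tokenAuthOption = TokenAuthOptionBuilder.BuildFromConfig();

            services.AddAuthentication(authOptions =>
            {
                authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
                authOptions.DefaultChallengeScheme    = JwtBearerDefaults.AuthenticationScheme;
            })
            .AddJwtBearer(options =>
            {
                // NOTE(review): no Authority/MetadataAddress is configured here, so this flag
                // should have no effect today. Do not carry it into a configuration that
                // fetches signing metadata from an authority; that fetch must stay on HTTPS.
                options.RequireHttpsMetadata      = false;
                options.SaveToken                 = true;
                options.TokenValidationParameters =
                    new TokenValidationParameters
                {
                    // Stated explicitly instead of left commented out, so the checks the
                    // token's trust depends on cannot be lost by a later edit.
                    ValidateIssuer           = true,
                    ValidateAudience         = true,
                    ValidateLifetime         = true,
                    ValidateIssuerSigningKey = true,

                    ValidIssuer      = tokenAuthOption.Issuer,
                    ValidAudience    = tokenAuthOption.Audience,
                    IssuerSigningKey = tokenAuthOption.SecurityKey
                };

                options.Events = new JwtBearerEvents()
                {
                    OnAuthenticationFailed = c =>
                    {
                        c.NoResult();

                        c.Response.StatusCode  = 401;
                        c.Response.ContentType = "text/plain";

                        // Do not echo c.Exception to the caller: its text and stack trace
                        // describe why validation failed and how the server is built.
                        // NOTE(review): record c.Exception through the application's logger
                        // here if the handler's own logging is not sufficient.
                        return(c.Response.WriteAsync("Authentication failed."));
                    }
                };
            });

            // Enable the use of an [Authorize("Bearer")] attribute on methods and classes to protect.
            services.AddAuthorization(auth =>
            {
                auth.AddPolicy("Bearer", new AuthorizationPolicyBuilder()
                               .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
                               .RequireAuthenticatedUser().Build());
            });

            // NOTE(review): this only registers the CORS services; the allowed origins are
            // decided wherever the policy is applied, which is outside this method.
            services.AddCors();

            services.AddScoped <UserInfoService>();
            services.AddCustomIntegrations(Configuration);
            services.AddEventBus(Configuration);
            services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

            // Copy the registrations into Autofac and return its provider to the runtime.
            var container = new ContainerBuilder();

            container.Populate(services);
            return(new AutofacServiceProvider(container.Build()));
        }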
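        /// <summary>
        /// Checks the submitted credentials and, when they match a stored user, issues an
        /// HMAC-SHA256 signed JWT, publishes a <c>UserLoggedinEvent</c> and returns the token.
        /// </summary>
        /// <param name="user">Credentials bound from the request body; may be null when the body is missing or cannot be bound.</param>
        /// <returns>
        /// A JSON-serialized <c>RequestResult</c>: <c>Success</c> with the access token, or
        /// <c>Failed</c> with one generic message for every kind of rejected login.
        /// </returns>
        public string GetAuthToken([FromBody] UserInfo user)
        {
            // A missing body or blank credentials used to reach the repository (or throw a
            // NullReferenceException); they are now rejected with the same generic failure.
            var hasCredentials = user != null
                                 && !string.IsNullOrWhiteSpace(user.Username)
                                 && !string.IsNullOrWhiteSpace(user.Password);

            if (hasCredentials)
            {
                user.Username = user.Username.Trim();

                // NOTE(review): trimming changes the secret the user typed; kept because
                // existing accounts may depend on it.
                user.Password = user.Password.Trim();
            }

            // NOTE(review): the repository receives the password as submitted; confirm it
            // verifies against a salted password hash rather than comparing stored plaintext.
            var existUser = hasCredentials
                ? _repository.GetByLoginAndPassword(user.Username, user.Password)
                : null;

            if (existUser == null)
            {
                // One message for every failure, so the response does not reveal whether
                // the username exists.
                return(JsonConvert.SerializeObject(new RequestResult
                {
                    State = RequestState.Failed,
                    Msg = "Username or password is invalid"
                }));
            }

            var tokenAuthOption = TokenAuthOptionBuilder.BuildFromConfig();

            // NOTE(review): "jti" is meant to identify the token, not the user; it carries
            // the user id here, so it is the same for every token issued to that user.
            // Left unchanged because consumers may read the user id from this claim.
            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, existUser.Username),
                new Claim(JwtRegisteredClaimNames.Jti, existUser.Id.ToString()),
            };

            var creds = new SigningCredentials(tokenAuthOption.SecurityKey, SecurityAlgorithms.HmacSha256);
            var token = new JwtSecurityToken(tokenAuthOption.Issuer, tokenAuthOption.Audience,
                                             claims, expires: tokenAuthOption.ExpiresIn, signingCredentials: creds);

            var tokenStr = new JwtSecurityTokenHandler().WriteToken(token);

            // Tell the other services that this user has logged in.
            // NOTE(review): the event carries the bearer token itself, so every subscriber
            // and every broker log can replay it; confirm the consumers need more than the user id.
            var eventMessage = new UserLoggedinEvent(existUser.Id.ToString(), existUser.Username, tokenStr);

            _eventBus.Publish(eventMessage);

            return(JsonConvert.SerializeObject(new RequestResult
            {
                State = RequestState.Success,
                Data = new
                {
                    requertAt = DateTime.Now,
                    username = user.Username,
                    //expiresIn = TokenAuthOption.ExpiresSpan.TotalSeconds,
                    //tokeyType = TokenAuthOption.TokenType,
                    accessToken = tokenStr,
                    idUserIdentity = existUser.Id
                }
            }));
        }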