Example #1
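        /// <summary>
        /// Authenticates a user by name and password and returns a token on success.
        /// </summary>
        /// <param name="info">Credentials bound from the request body.</param>
        /// <returns>
        /// 400 when the body or either credential is missing, 401 when the user is not found or the
        /// password check fails, otherwise 200 carrying the value returned by
        /// <c>tokenService.GenerateToken</c>.
        /// </returns>
        public async Task<IActionResult> Login([FromBody] UserAuthenticationInfo info)
        {
            // A missing body or null credential would otherwise be dereferenced below or handed to the
            // user manager, surfacing as an unhandled exception instead of a client error.
            if (info == null || info.UserName == null || info.Password == null)
            {
                logger.LogWarning("Login request rejected: missing credentials");
                return BadRequest();
            }

            // NOTE(review): the user name is caller-controlled and is logged before authentication.
            // It is passed as a structured parameter rather than concatenated; sinks that render
            // plain text should still neutralise line breaks in it.
            logger.LogInformation("User {user} logging in", info.UserName);
            var user = await userManager.FindByNameAsync(info.UserName);

            if (user == null)
            {
                // NOTE(review): this path returns before any password verification runs, so response
                // time may differ from the wrong-password path even though both answer 401 - confirm
                // whether account enumeration matters for this endpoint.
                logger.LogWarning("User {user} not found, login failed", info.UserName);
                return Unauthorized(); // no such user
            }

            var isPasswordValid = await userManager.CheckPasswordAsync(user, info.Password);

            if (!isPasswordValid)
            {
                // Same status code as the unknown-user case, so the response does not say which check failed.
                logger.LogWarning("User {user} supplied wrong password, login failed", info.UserName);
                return Unauthorized();
            }

            // Explicitly load the Blog reference on the user entity before generating the token
            // (presumably GenerateToken reads it - confirm against the token service).
            await context.Entry(user).Reference(u => u.Blog).LoadAsync();

            var token = tokenService.GenerateToken(user);

            logger.LogInformation("User {user} login succeeded", info.UserName);
            return Ok(token);
        }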
Example #2
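        /// <summary>
        /// Authenticates the supplied login and password and, on success, issues the session cookies.
        /// </summary>
        /// <param name="authenticationInfo">Credentials bound from the request body.</param>
        /// <returns>
        /// 400 with the body-missing error when the body is absent or model validation fails, 401 when
        /// the authenticator throws <c>AuthenticationException</c>, otherwise 200 with the
        /// <c>user_id</c>, <c>pass_hash</c> and <c>session_id</c> cookies appended to the response.
        /// </returns>
        public IActionResult Auth([FromBody] UserAuthenticationInfo authenticationInfo)
        {
            // Guard the null body explicitly: the dereferences below must not depend on model
            // validation having flagged it.
            if (authenticationInfo == null || !this.ModelState.IsValid)
            {
                // The error object was previously built and then discarded; return it to the caller.
                var error = ServiceErrorResponses.BodyIsMissing(nameof(UserAuthenticationInfo));
                return this.BadRequest(error);
            }

            SessionState sessionState;

            try
            {
                // GetAwaiter().GetResult() rethrows the task's own exception. Task.Result wraps it in
                // AggregateException, which the catch below does not match, so a failed login fell
                // through as an unhandled error instead of a 401.
                // NOTE(review): this still blocks the request thread; the action stays synchronous only
                // to keep its signature. No request-abort token is passed, matching the original call.
                sessionState = this.authenticator
                    .AuthenticateAsync(authenticationInfo.Login, authenticationInfo.Password, CancellationToken.None)
                    .GetAwaiter()
                    .GetResult();
            }
            catch (AuthenticationException)
            {
                return this.Unauthorized();
            }

            // NOTE(review): these cookies are appended without a CookieOptions argument, so this code
            // does not request HttpOnly, Secure or a SameSite policy for them. Setting those on at
            // least session_id is the usual hardening; left unchanged here because the code that
            // reads the cookies is not visible.
            this.HttpContext.Response.Cookies.Append("user_id", sessionState.UserId.ToString());

            // NOTE(review): this sends the stored password hash to the client. Anyone who obtains the
            // cookie holds offline-guessing material, and if the server accepts it as proof of
            // identity it is credential-equivalent. Prefer a server-side session looked up by
            // session_id alone, and remove this cookie once its consumers are updated.
            this.HttpContext.Response.Cookies.Append("pass_hash", sessionState.PasswordHash);
            this.HttpContext.Response.Cookies.Append("session_id", sessionState.SessionId);
            return this.Ok();
        }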