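/// <summary>
/// Checks the supplied credentials against the repository and, on success,
/// issues a JWT signed with HMAC-SHA512.
/// </summary>
/// <param name="userForLogginDto">Login request carrying the username and password.</param>
/// <returns>
/// 200 with an anonymous object <c>{ token }</c> on success, 401 when the repository
/// returns no user, 400 when the request has no username or password.
/// </returns>
/// <exception cref="InvalidOperationException">The signing secret is not configured.</exception>
public async Task<IActionResult> Login(UserForLogingDto userForLogginDto)
{
    // A missing body or missing fields used to reach .ToLower() and fail with a
    // NullReferenceException (HTTP 500); reject such requests explicitly instead.
    if (userForLogginDto?.Username == null || userForLogginDto.Password == null)
    {
        return BadRequest();
    }

    // NOTE(review): ToLower() is culture-sensitive. Whatever normalisation is used
    // here must match the one applied when the account was stored — confirm.
    var normalizedUsername = userForLogginDto.Username.ToLower();
    var userFromRepo = await _repo.Login(normalizedUsername, userForLogginDto.Password);
    if (userFromRepo == null)
    {
        return Unauthorized();
    }

    // Fail with a clear message rather than an ArgumentNullException from GetBytes.
    // NOTE(review): the secret should be random, long enough for HMAC-SHA512, and
    // supplied from a secret store rather than a committed settings file — confirm.
    var signingSecret = _config.GetSection("AppSettings:Token").Value;
    if (string.IsNullOrEmpty(signingSecret))
    {
        throw new InvalidOperationException("AppSettings:Token is not configured.");
    }

    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha512Signature);

    // The token carries only the user's id and name.
    var identity = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    });

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = identity,
        // Expiry is stated in UTC; the token stays valid for one day and nothing
        // in this method allows it to be revoked earlier.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = credentials
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}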
// Login action that builds a JWT descriptor for the authenticated user.
// The listing is truncated: the token descriptor and the method body are not closed here.
// NOTE(review): repo.Login(...) is not awaited although the method is async. If it returns a
// Task, the null check that follows can never reject a failed login — confirm the return type.
// NOTE(review): `key` is derived from the hard-coded literal "super secret key". If it is the
// JWT signing key (the SigningCredentials are outside this view), a secret committed to source
// cannot be rotated per environment and is known to every reader of the code; load a random
// key from configuration or a secret store instead.
// NOTE(review): the second Claim is followed by an extra ')', so this does not compile as shown.
public async Task<ActionResult> Login([FromBody]UserForLogingDto userForLoginDto){ var userFromRepo = repo.Login(userForLoginDto.Username,userForLoginDto.Password); if(userFromRepo == null) return Unauthorized(); var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes("super secret key"); var tokenDescriptor = new SecurityTokenDescriptor{ Subject = new ClaimsIdentity(new Claim[]{ new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()), new Claim(ClaimTypes.Name, userFromRepo.Username)) }),
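/// <summary>
/// Verifies the supplied credentials through the repository and returns a JWT
/// signed with HMAC-SHA512 when they are accepted.
/// </summary>
/// <param name="userForLoginDto">Login request carrying the username and password.</param>
/// <returns>
/// 200 with an anonymous object <c>{ token }</c> on success, 401 when the repository
/// returns no user, 400 when the username or password is missing.
/// </returns>
/// <exception cref="System.ArgumentNullException"><paramref name="userForLoginDto"/> is null.</exception>
/// <exception cref="System.InvalidOperationException">The signing secret is not configured.</exception>
public async Task<IActionResult> Login(UserForLogingDto userForLoginDto)
{
    // NOTE(review): an exception thrown here surfaces as HTTP 500 unless middleware
    // maps it; kept because the original author chose to throw for a null DTO.
    if (userForLoginDto is null)
    {
        throw new System.ArgumentNullException(nameof(userForLoginDto));
    }

    // The null-DTO guard did not cover null fields: a null Username reached
    // .ToLower() and failed with a NullReferenceException.
    if (userForLoginDto.Username is null || userForLoginDto.Password is null)
    {
        return BadRequest();
    }

    // Look the user up and check the password in the repository.
    // NOTE(review): ToLower() is culture-sensitive; it must match the normalisation
    // used when the account was created — confirm.
    var lookupName = userForLoginDto.Username.ToLower();
    var userFromRepo = await _repo.Login(lookupName, userForLoginDto.Password);
    if (userFromRepo == null)
    {
        return Unauthorized();
    }

    // The signing secret protects every issued token. What it needs before
    // production is randomness and length (not obscurity), and a home outside the
    // committed settings file. NOTE(review): confirm where AppSettings:Token is
    // sourced in deployed environments.
    var signingSecret = _config.GetSection("AppSettings:Token").Value;
    if (string.IsNullOrEmpty(signingSecret))
    {
        throw new System.InvalidOperationException("AppSettings:Token is not configured.");
    }

    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha512Signature);

    var identity = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    });

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = identity,
        // Expiry is stated in UTC; the token is valid for one day.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = credentials
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}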
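/// <summary>
/// Signs a user in by name and password and returns a JWT together with the
/// user's list-view data.
/// </summary>
/// <param name="userForLogingDto">Login request carrying the username and password.</param>
/// <returns>
/// 200 with an anonymous object <c>{ token, user }</c> on success, 401 when the user
/// is unknown or the password check fails, 400 when username or password is missing.
/// </returns>
public async Task<ActionResult> Login(UserForLogingDto userForLogingDto)
{
    // Reject incomplete requests before they reach the identity services.
    if (userForLogingDto?.Username == null || userForLogingDto.Password == null)
    {
        return BadRequest();
    }

    var user = await _userManager.FindByNameAsync(userForLogingDto.Username);

    // An unknown username yields a null user. It was previously passed straight to
    // the password check; answer 401 so that unknown and known usernames get the
    // same response.
    // NOTE(review): this early return skips the password hash, so response time may
    // still differ between the two cases; rate limiting on this endpoint helps.
    if (user == null)
    {
        return Unauthorized();
    }

    // The final argument (lockoutOnFailure) is false, so failed attempts are not
    // counted toward account lockout.
    // NOTE(review): consider enabling it, or throttling elsewhere, to slow password guessing.
    var result = await _signInManager.CheckPasswordSignInAsync(user, userForLogingDto.Password, false);
    if (!result.Succeeded)
    {
        return Unauthorized();
    }

    // User data returned alongside the token so the client can show the photo in the nav bar.
    var appUser = _mapper.Map<UserForListDto>(user);

    // Await the token instead of blocking on .Result inside an async action.
    return Ok(new
    {
        token = await GenerateJwtToken(user),
        user = appUser
    });
}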