Example #1
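        /// <summary>
        /// Verifies the submitted credentials and, on success, returns a signed JWT.
        /// </summary>
        /// <param name="userFromLoginDto">Username and password supplied by the client.</param>
        /// <returns>
        /// 200 with an object holding the serialized token, or 401 when the
        /// repository reports that the credentials do not match.
        /// </returns>
        /// <exception cref="InvalidOperationException">
        /// The signing secret <c>AppSettings:Token</c> is missing or empty.
        /// </exception>
        public async Task <IActionResult> login(UserFromLoginDto userFromLoginDto)
        {
            // The repository performs the credential check; a null result means
            // "no match". How the password is stored and compared is not visible
            // here -- NOTE(review): confirm _repo.Login uses a salted, slow hash.
            var userFromRepo = await _repo.Login(userFromLoginDto.Username, userFromLoginDto.Password);

            // Same 401 for "unknown user" and "wrong password", so the response
            // does not reveal which usernames exist.
            if (userFromRepo == null)
            {
                return Unauthorized();
            }

            // Claims describe the authenticated identity (id and user name only).
            // The password is never placed in the token: a JWT payload is signed,
            // not encrypted, and is readable by anyone who holds it.
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
                new Claim(ClaimTypes.Name, userFromRepo.UserName)
            };

            // Fail with a clear message instead of an ArgumentNullException deep in
            // Encoding.GetBytes when the secret is not configured.
            // The secret should be long, random, and supplied from a secret store or
            // environment-specific configuration rather than a committed settings file;
            // anyone who obtains it can mint tokens for any user.
            var signingSecret = _config.GetSection("AppSettings:Token").Value;
            if (string.IsNullOrEmpty(signingSecret))
            {
                throw new InvalidOperationException("AppSettings:Token is not configured; cannot sign tokens.");
            }

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));

            // HMAC-SHA512 over the token header and payload: the server later
            // validates a token by recomputing this MAC with the same key.
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

            // Identity + lifetime + signing credentials for the token.
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = new ClaimsIdentity(claims),
                // Token lifetimes are UTC; UtcNow avoids depending on the server's
                // local time zone. A one-day token cannot be revoked before expiry
                // by anything visible here -- consider a shorter lifetime.
                Expires            = DateTime.UtcNow.AddDays(1),
                SigningCredentials = creds
            };

            var tokenHandler = new JwtSecurityTokenHandler();

            // Build the token object, then serialize it to its compact string form.
            var token = tokenHandler.CreateToken(tokenDescriptor);

            return Ok(new { token = tokenHandler.WriteToken(token) });
        }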
Example #2
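        /// <summary>
        /// Authenticates a user through ASP.NET Core Identity and returns a JWT plus
        /// the mapped user profile.
        /// </summary>
        /// <param name="userFromLoginDto">Username and password supplied by the client.</param>
        /// <returns>
        /// 200 with <c>token</c> and <c>user</c> on success; 401 for an unknown
        /// user name or a failed password check.
        /// </returns>
        public async Task <IActionResult> Login(UserFromLoginDto userFromLoginDto)
        {
            // NOTE(review): fixed 3 s delay kept from the original; it looks like
            // artificial latency and should be removed outside of demos.
            // Task.Delay is used instead of Thread.Sleep so the request does not pin
            // a thread-pool thread while waiting -- a blocking sleep on an
            // unauthenticated endpoint makes thread-pool exhaustion cheap to trigger.
            await Task.Delay(3000);

            var user = await _userManagar.FindByNameAsync(userFromLoginDto.Username);

            // FindByNameAsync yields null for an unknown user name. Passing that to
            // CheckPasswordSignInAsync would throw and surface as a 500, which both
            // breaks the endpoint and distinguishes unknown users from wrong
            // passwords. Answer with the same 401 as a failed password check.
            if (user == null)
            {
                return Unauthorized();
            }

            // NOTE(review): lockoutOnFailure is false, so failed attempts are not
            // counted towards account lockout here. Unless throttling is enforced
            // elsewhere, consider enabling it to limit password guessing.
            var result = await _signInManager.CheckPasswordSignInAsync(user, userFromLoginDto.Password, false);

            if (!result.Succeeded)
            {
                return Unauthorized();
            }

            // Reload the user with photos, keyed on the normalized name Identity
            // already stored, rather than upper-casing client input with a
            // culture-sensitive ToUpper() that may not match Identity's normalizer.
            var normalizedName = user.NormalizedUserName;
            var appUser = await _userManagar.Users.Include(p => p.Photos)
                          .FirstOrDefaultAsync(u => u.NormalizedUserName == normalizedName);

            // Map to the list DTO so only the fields that DTO declares are returned.
            var userToReturn = _mapper.Map <UserForListDto>(appUser);

            return Ok(new
            {
                token = GenerateJwtToken(appUser),
                user = userToReturn
            });
        }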