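/// <summary>
/// Verifies a login/password pair against the <c>Pracownik</c> set and returns the
/// data needed to issue a token for the matching account.
/// </summary>
/// <param name="login">Login name supplied by the caller.</param>
/// <param name="password">Plain-text password supplied by the caller; it is hashed with <c>HashSha256()</c> before comparison.</param>
/// <returns>A <see cref="UserPrepareTokenModel"/> populated from the matching row.</returns>
/// <exception cref="BadLoginOrPasswordException">
/// Thrown when no row matches <paramref name="login"/>, the stored password is null,
/// or the hashes differ. The same exception type is used for every failure, so the
/// caller cannot tell an unknown login from a wrong password.
/// </exception>
public async Task<UserPrepareTokenModel> Authenticate(string login, string password)
{
    // SECURITY NOTE(review): the stored value is compared with a plain SHA-256 of the
    // password. An unsalted, fast hash is cheap to brute-force if the table leaks.
    // Moving to a salted, slow KDF (e.g. PBKDF2) needs a migration of the stored
    // values, so it is flagged here rather than changed in place.
    var hashedPassword = password.HashSha256();

    // One round trip: fetch the stored hash together with the token data. This removes
    // the window in which the row could change or disappear between the password check
    // and a second lookup, which previously could hand a null model back to the caller.
    // SingleOrDefaultAsync is kept so duplicate logins still surface as an error.
    var match = await _context.Pracownik
        .Where(p => p.Login == login)
        .Select(p => new
        {
            p.Password,
            Model = new UserPrepareTokenModel
            {
                Id = p.Id,
                Login = p.Login,
                Email = p.Email,
                IsAdministrator = p.IsAdministrator,
                Name = p.Name
            }
        })
        .SingleOrDefaultAsync();

    if (match == null || match.Password == null || hashedPassword == null)
    {
        throw new BadLoginOrPasswordException();
    }

    // Constant-time comparison so response timing does not reveal how many leading
    // characters of the stored hash matched. Assumes both values are strings (the
    // original compared them with !=) - confirm. Needs .NET Core 2.1 or later.
    bool hashesMatch = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
        System.Text.Encoding.UTF8.GetBytes(match.Password),
        System.Text.Encoding.UTF8.GetBytes(hashedPassword));

    if (!hashesMatch)
    {
        throw new BadLoginOrPasswordException();
    }

    return match.Model;
}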
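/// <summary>
/// Builds a compact JWT for <paramref name="user"/>, signed with HMAC-SHA256 using the
/// key read from the <c>Jwt</c>/<c>Key</c> application setting.
/// </summary>
/// <param name="user">Account data to embed as claims (name, e-mail, id, administrator flag).</param>
/// <returns>The serialized token string.</returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="user"/> is null.</exception>
/// <exception cref="InvalidOperationException">Thrown when the signing key setting is missing or blank.</exception>
public string BuildToken(UserPrepareTokenModel user)
{
    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    // Hard-coded token lifetime in minutes, as in the original code.
    // NOTE(review): a bearer token stays valid for the whole period; there is no
    // revocation visible here, so consider a shorter lifetime or a configurable one.
    const int TokenLifetimeMinutes = 250;

    string userId = user.Id.ToString();

    var claims = new List<Claim>
    {
        new Claim(JwtRegisteredClaimNames.Sub, user.Name),
        new Claim(JwtRegisteredClaimNames.Email, user.Email ?? ""),
        new Claim(JwtRegisteredClaimNames.Sid, userId),
        // Fresh identifier per token.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim(ClaimTypes.NameIdentifier, userId),
        new Claim(ClaimTypes.Name, user.Name)
    };

    if (user.IsAdministrator)
    {
        claims.Add(new Claim("role", "Administrator"));
    }

    string jwtKey = ConfigHelper.AppSetting("Jwt", "Key");
    if (string.IsNullOrWhiteSpace(jwtKey))
    {
        // Fail with a clear configuration error instead of an argument exception
        // raised from inside the encoding/key classes.
        throw new InvalidOperationException("The Jwt/Key application setting is missing or empty.");
    }

    // NOTE(review): the key is the UTF-8 bytes of a configuration string. For HS256 it
    // should carry at least 256 bits of random material and be kept out of source control.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtKey));
    var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    // Issuer and audience are passed as null, so the token carries neither value.
    // NOTE(review): validators then cannot bind the token to this service - confirm
    // this is intended.
    // UtcNow instead of Now keeps the expiry independent of the server's time zone
    // and of daylight-saving transitions.
    var token = new JwtSecurityToken(
        null,
        null,
        claims,
        expires: DateTime.UtcNow.AddMinutes(TokenLifetimeMinutes),
        signingCredentials: credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}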