public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] {"*"});
using (var repo = new AuthRepository())
{
IdentityUser user = await repo.FindUser(context.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
}
var identity = new ClaimsIdentity(context.Options.AuthenticationType);
identity.AddClaim(new Claim("sub", context.UserName));
identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
identity.AddClaim(new Claim("role", "user"));
context.Validated(identity);
}
public AccountController()
{
_repository = new AuthRepository();
}
private async Task<IEnumerable<Claim>> ValidateBasicUser(string username, string password)
{
var claims = new List<Claim>();
using (var repo = new AuthRepository())
{
IdentityUser user = await repo.FindUser(username, password);
if (user != null)
{
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Id));
claims.Add(new Claim(ClaimTypes.Name, user.UserName));
var role = "user";
if (user.Roles.Any())
{
role = user.Roles.First().RoleId;
}
claims.Add(new Claim(ClaimTypes.Role, role));
return claims;
}
}
return null;
}