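/// <summary>
/// Authenticates a user by username and password and, on success, issues a signed JWT.
/// </summary>
/// <param name="accountForLogin">Login form carrying <c>Username</c> and <c>Password</c>.</param>
/// <returns>
/// 401 Unauthorized when the form or username is missing or the repository returns no user;
/// otherwise 200 OK with an anonymous object <c>{ token }</c>.
/// </returns>
public async Task<IActionResult> Login(AccountForLoginDto accountForLogin)
{
    // A missing body or username is answered like any other failed login instead of
    // surfacing a NullReferenceException (and a 500) from the ToLower() call below.
    if (accountForLogin == null || accountForLogin.Username == null)
    {
        return Unauthorized();
    }

    // NOTE(review): ToLower() is culture-sensitive. It is kept as-is so lookups keep matching
    // whatever normalization was applied when the username was stored; confirm that path and
    // consider moving both to ToLowerInvariant() together.
    var userFromRepo = await _repo.Login(accountForLogin.Username.ToLower(), accountForLogin.Password);
    if (userFromRepo == null)
    {
        return Unauthorized();
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    };

    // The HMAC secret is read from configuration. NOTE(review): where "AppSettings:Token" is
    // stored is not visible here; it should be a long random value supplied from a secret
    // store or environment, not a literal committed with the application settings.
    var key = new SymmetricSecurityKey(
        Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC rather than local time: the token library works in UTC, and a local timestamp
        // with a lifetime this short can end up before the handler's default not-before time
        // on servers whose offset is behind UTC.
        Expires = DateTime.UtcNow.AddHours(.5),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}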
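/// <summary>
/// Deactivates the caller's own account after re-checking the supplied credentials.
/// The account is marked by setting <c>Status</c> to 0; this method removes no record.
/// </summary>
/// <param name="accountForLoginDto">Form carrying the <c>Username</c> and <c>Password</c> to verify.</param>
/// <returns>
/// 401 Unauthorized when the form or username is missing, the credentials do not match,
/// or the account already has <c>Status</c> 0; 200 OK once the change is saved.
/// </returns>
/// <exception cref="InvalidOperationException">The repository reported that nothing was saved.</exception>
public async Task<IActionResult> Delete(AccountForLoginDto accountForLoginDto)
{
    // Treat a missing body or username as a failed credential check rather than letting
    // ToLower() throw a NullReferenceException.
    if (accountForLoginDto == null || accountForLoginDto.Username == null)
    {
        return Unauthorized();
    }

    // Requiring the password again means a stolen session token alone is not enough to
    // deactivate the account.
    // NOTE(review): ToLower() is culture-sensitive; keep it consistent with how usernames
    // are normalized when they are stored.
    var accountFromRepo = await _repo.Login(accountForLoginDto.Username.ToLower(), accountForLoginDto.Password);
    if (accountFromRepo == null || accountFromRepo.Status == 0)
    {
        return Unauthorized();
    }

    accountFromRepo.Status = 0;

    if (await _repo.SaveAll())
    {
        return Ok();
    }

    // A specific exception type instead of the bare Exception base class; the message is unchanged.
    throw new InvalidOperationException("Updating user failed on save");
}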
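/// <summary>
/// Authenticates an account by e-mail and password, requires a verified e-mail address,
/// and issues a signed JWT that carries the account id, e-mail and (when assigned) role.
/// </summary>
/// <param name="accountForLoginDto">Login form carrying <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// 401 Unauthorized with a message when the form or e-mail is missing, the credentials do
/// not match, or the e-mail is unverified; otherwise 200 OK with <c>{ token }</c>.
/// </returns>
public async Task<IActionResult> Login(AccountForLoginDto accountForLoginDto)
{
    // A missing body or e-mail gets the same answer as bad credentials instead of a
    // NullReferenceException from the normalization below.
    if (accountForLoginDto == null || accountForLoginDto.Email == null)
    {
        return Unauthorized("wrong email or password");
    }

    // NOTE(review): ToLower() is culture-sensitive; keep it consistent with how e-mail
    // addresses are normalized when they are stored.
    var accountFromRepo = await _repo.Login(accountForLoginDto.Email.ToLower().Trim(), accountForLoginDto.Password);
    if (accountFromRepo == null)
    {
        // One message for "unknown e-mail" and "wrong password", so the response does not
        // reveal which addresses are registered.
        return Unauthorized("wrong email or password");
    }

    // Checked only after the repository accepted the credentials, so the verification
    // state is disclosed to someone who already supplied a valid login.
    if (!accountFromRepo.VerifiedEmail)
    {
        return Unauthorized("email not verified");
    }

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.NameIdentifier, accountFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Email, accountFromRepo.Email)
    };

    if (accountFromRepo.RoleId != null)
    {
        // NOTE(review): this dereferences the Role navigation property; confirm the
        // repository loads it whenever RoleId is set, otherwise this line throws.
        claims.Add(new Claim(ClaimTypes.Role, accountFromRepo.Role.InternalName));
    }

    // NOTE(review): where "AppSettings:Token" is stored is not visible here; it should be a
    // long random secret supplied outside source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC rather than local time, matching the time base the token library uses.
        // The role claim is fixed for the full day the token is valid: a role change or a
        // deactivation is not reflected until expiry unless it is re-checked elsewhere.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}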
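/// <summary>
/// Authenticates an account by e-mail and password and returns the session details
/// together with a signed JWT.
/// </summary>
/// <param name="accountForLoginDto">Login form carrying <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// 401 Unauthorized when the form or e-mail is missing or the repository finds no account;
/// otherwise 200 OK with the session DTO whose <c>Token</c> holds the serialized JWT.
/// </returns>
public IActionResult Login(AccountForLoginDto accountForLoginDto)
{
    // A missing body or e-mail is answered as a failed login rather than a
    // NullReferenceException from ToLower().
    if (accountForLoginDto == null || accountForLoginDto.Email == null)
    {
        return Unauthorized();
    }

    // First check that the account exists and the password matches.
    // NOTE(review): ToLower() is culture-sensitive; keep it consistent with how e-mail
    // addresses are normalized when they are stored.
    var accountFromRepo = _accountRepository.Login(accountForLoginDto.Email.ToLower(), accountForLoginDto.Password);
    if (accountFromRepo == null)
    {
        return Unauthorized();
    }

    // Claims placed in the token for the client to present on later requests.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, accountFromRepo.AccountId.ToString()),
        new Claim(ClaimTypes.Name, accountFromRepo.Email)
    };

    // Symmetric signing key built from the configured secret.
    // NOTE(review): where "AppSettings:Token" is stored is not visible here; it should be a
    // long random secret supplied outside source control.
    var key = new SymmetricSecurityKey(
        Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));

    // The credentials sign the token with HMAC-SHA512. Nothing is encrypted: the claims
    // are only encoded and stay readable by whoever holds the token, so they must not
    // carry secrets.
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    // Describe the token: who it is for, when it expires, and how it is signed.
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC rather than local time, matching the time base the token library uses.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    // The handler builds the token from the descriptor and serializes it.
    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    // The session DTO returned to the client carries the serialized JWT.
    var sessionDto = _sessionService.GetSessionDetails(accountFromRepo.AccountId);
    sessionDto.Token = tokenHandler.WriteToken(token);

    return Ok(sessionDto);
}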
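/// <summary>
/// Authenticates an account by username and password, rejects accounts whose
/// <c>Status</c> is 0, and returns a short-lived signed JWT together with the mapped account.
/// </summary>
/// <param name="accountForLoginDto">Login form carrying <c>Username</c> and <c>Password</c>.</param>
/// <returns>
/// 401 Unauthorized when the form or username is missing, the credentials do not match,
/// or the account has <c>Status</c> 0; otherwise 200 OK with <c>{ token, account }</c>.
/// </returns>
public async Task<IActionResult> Login(AccountForLoginDto accountForLoginDto)
{
    // A missing body or username is answered as a failed login rather than a
    // NullReferenceException from ToLower().
    if (accountForLoginDto == null || accountForLoginDto.Username == null)
    {
        return Unauthorized();
    }

    // NOTE(review): ToLower() is culture-sensitive; keep it consistent with how usernames
    // are normalized when they are stored.
    var accountFromRepo = await _repo.Login(accountForLoginDto.Username.ToLower(), accountForLoginDto.Password);

    // Status 0 gets the same response as bad credentials, so the reply does not reveal
    // that the account exists. (Presumably 0 means deactivated; confirm against the model.)
    if (accountFromRepo == null || accountFromRepo.Status == 0)
    {
        return Unauthorized();
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, accountFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, accountFromRepo.Username)
    };

    // NOTE(review): where "AppSettings:Token" is stored is not visible here; it should be a
    // long random secret supplied outside source control.
    var key = new SymmetricSecurityKey(
        Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC rather than local time: with a 15-minute lifetime, a local timestamp can end up
        // before the handler's default not-before time on servers whose offset is behind UTC.
        Expires = DateTime.UtcNow.AddMinutes(15),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    // NOTE(review): the repository result is mapped to Account and serialized into the
    // response. Confirm that type exposes no password hash, salt or other internal fields;
    // a dedicated response DTO limited to what the client needs is the safer shape.
    var account = _mapper.Map<Account>(accountFromRepo);

    return Ok(new { token = tokenHandler.WriteToken(token), account });
}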
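/// <summary>
/// Handles the login form post: validates the model, checks the credentials, and on
/// success sets the forms-authentication cookie and the session user id.
/// </summary>
/// <param name="account">Login form carrying <c>Email</c> and <c>Password</c>.</param>
/// <returns>
/// The "Login" view with a message in <c>TempData</c> when validation or authentication
/// fails; a redirect to Home/Index on success.
/// </returns>
public ActionResult Login(AccountForLoginDto account)
{
    if (!ModelState.IsValid)
    {
        // User-facing message (Turkish): an invalid login attempt was detected.
        TempData["Message"] = "Hatalı Giriş Tespit Edildi.";
        return View("Login");
    }

    var accountInDb = _accountService.Login(account.Email, account.Password);
    if (accountInDb == null)
    {
        // User-facing message (Turkish): invalid e-mail or password. One message for both
        // cases, so the form does not reveal which addresses are registered.
        TempData["Message"] = "Geçersiz Email veya Şifre";
        return View("Login");
    }

    FormsAuthentication.SetAuthCookie(accountInDb.Email, false);

    // Look the cookie up by the configured forms-auth cookie name instead of a hard-coded
    // ".ASPXAUTH", and skip the expiry change when no such cookie is present, so a renamed
    // cookie or cookieless mode does not end in a NullReferenceException.
    // NOTE(review): the cookie is reached through Request.Cookies; confirm the new expiry
    // actually reaches the response. The ticket inside the cookie keeps its own timeout
    // from the forms-authentication configuration.
    var authCookie = Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie != null)
    {
        authCookie.Expires = DateTime.Now.AddDays(5);
    }

    // NOTE(review): the session id is not regenerated here after authentication; confirm
    // session fixation is handled elsewhere.
    Session["userID"] = accountInDb.AccountID;

    return RedirectToAction("Index", "Home");
}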