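/// <summary>
/// Authenticates the posted credentials and returns a signed JWT on success.
/// </summary>
/// <param name="credentialsVM">Email and password taken from the request body.</param>
/// <returns>
/// 400 with an <see cref="AuthResponse"/> listing the validation errors when the model is invalid;
/// 401 with no body when authentication fails; otherwise an <see cref="AuthResponse"/> carrying the
/// token, its lifetime, the email and the resolved role.
/// </returns>
public async Task<ActionResult<AuthResponse>> Login([FromBody] CredentialsModel credentialsVM)
{
    if (!ModelState.IsValid)
    {
        // ModelState.ToString() only yields the dictionary's type name; surface the real messages.
        string errors = string.Join("; ",
            ModelState.Values.SelectMany(v => v.Errors).Select(e => e.ErrorMessage));

        // A rejected request must not report success.
        return BadRequest(new AuthResponse { success = false, token = "", message = errors });
    }

    var jwt = _jwtOptions.Value;
    AuthenticateServiceResult result = await _accountService.AuthenticateAsync(
        credentialsVM.Email,
        credentialsVM.Password,
        jwt.ExpiresInMinutes,
        jwt.ValidIssuer,
        jwt.ValidAudience,
        jwt.SymmetricSecurityKey);

    // Deliberately no body: the service collapses "unknown user", "email not confirmed",
    // "not approved" and "wrong password" into a single null, so the client learns nothing
    // about which one applied.
    if (result is null)
    {
        return Unauthorized();
    }

    return new AuthResponse
    {
        success = true,
        token = result.Token,
        expiresInMinutes = jwt.ExpiresInMinutes,
        message = "Success!",
        email = credentialsVM.Email,
        role = result.Role
    };
}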
/// <summary>
/// Checks a username/password pair and, when it is accepted, issues an HMAC-SHA256 signed JWT.
/// </summary>
/// <param name="username">Compared against <c>UserName</c> with a plain equality query (no normalisation).</param>
/// <param name="password">Clear-text password, verified through <c>UserManager.CheckPasswordAsync</c>.</param>
/// <param name="expiresInMinutes">Token lifetime, counted from <see cref="DateTime.UtcNow"/>.</param>
/// <param name="validIssuer">Value written to the token's <c>iss</c> claim.</param>
/// <param name="validAudience">Value written to the token's <c>aud</c> claim.</param>
/// <param name="symmetricSecurityKey">Key used to sign the token.</param>
/// <returns>
/// The user's role and the serialized token, or <c>null</c> when the user does not exist, has not
/// confirmed their email, is not approved, or the password is wrong — the four cases are
/// intentionally indistinguishable to the caller.
/// </returns>
public async Task<AuthenticateServiceResult> AuthenticateAsync(string username, string password, int expiresInMinutes, string validIssuer, string validAudience, SecurityKey symmetricSecurityKey)
{
    ApplicationUser user = await _userManager.Users
        .FirstOrDefaultAsync(u => u.UserName == username);

    // Account-state gates come first; the password is only checked for an account that may sign in.
    bool accountUsable = user != null && user.EmailConfirmed && user.Approved;
    if (!accountUsable)
    {
        return null;
    }

    // NOTE(review): CheckPasswordAsync alone does not count failed attempts or apply lockout;
    // if lockout/throttling is expected here it has to be handled elsewhere — confirm.
    if (!await _userManager.CheckPasswordAsync(user, password))
    {
        return null;
    }

    string role = await GetUserRoleAsync(username);

    // The Name claim carries the user's Id, not the username.
    var identity = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.Name, user.Id.ToString()),
        new Claim(ClaimTypes.Role, role)
    });

    var descriptor = new SecurityTokenDescriptor
    {
        Subject = identity,
        Expires = DateTime.UtcNow.AddMinutes(expiresInMinutes),
        Issuer = validIssuer,
        Audience = validAudience,
        SigningCredentials = new SigningCredentials(symmetricSecurityKey, SecurityAlgorithms.HmacSha256Signature)
    };

    var handler = new JwtSecurityTokenHandler();
    SecurityToken jwt = handler.CreateToken(descriptor);

    return new AuthenticateServiceResult
    {
        Role = role,
        Token = handler.WriteToken(jwt)
    };
}