public ActionResult <string> PostUsers([FromBody] User user)
{
if (authenticationRepository.AuthenticateUser(user))
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.userName)
};
var signingKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes("MyKeyForAuthentication"));
var token = new JwtSecurityToken(
issuer: "iiht.com",
audience: "trainees",
expires: DateTime.Now.AddHours(1),
claims: claims,
signingCredentials:
new SigningCredentials(signingKey,
SecurityAlgorithms.HmacSha256)
);
return(Ok(new TokenResponse
{
Token = new JwtSecurityTokenHandler().WriteToken(token),
Expiration = token.ValidTo
}));
}
return(Unauthorized());
}
public async Task <IActionResult> SignInUser(User user)
{
var userFromRepo = _repo.AuthenticateUser(user);
if (userFromRepo == null)
{
ViewBag.ErrorMessage = "Your email or password is incorrect.";
return(View("Login"));
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, userFromRepo.Email),
new Claim("FirstName", userFromRepo.FirstName),
new Claim("LastName", userFromRepo.LastName),
new Claim(ClaimTypes.Role, "User")
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
AllowRefresh = true,
ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30),
IsPersistent = true,
RedirectUri = "/Home/Index"
};
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
return(RedirectToAction("Index", "Home"));
}
public IActionResult UserLoginAsync([FromBody] User user)
{
if (user == null)
{
logger.LogInformation(400, "Bad Request");
return(BadRequest());
}
if (!ModelState.IsValid)
{
logger.LogInformation(422, "Validation error");
return(new UnprocessableEntityObjectResult(ModelState));
}
if (string.IsNullOrWhiteSpace(user.UserName) ||
string.IsNullOrWhiteSpace(user.Password))
{
logger.LogInformation(400, "Username or Password not provided`");
return(new UnprocessableEntityObjectResult(ModelState));
}
AuthenticationResponse response = new AuthenticationResponse();
try
{
if (repository.AuthenticateUser(user))
{
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName)
};
var signingKey = new SymmetricSecurityKey(
Encoding.UTF8.GetBytes(
configuration
.GetSection("AuthenticationDetails")
.GetSection("SecretKey").Value));
var token = new JwtSecurityToken(
issuer: configuration
.GetSection("AuthenticationDetails")
.GetSection("ValidIssuer").Value,
audience: configuration
.GetSection("AuthenticationDetails")
.GetSection("ValidAudience").Value,
expires: DateTime.Now.AddHours(1),
claims: claims,
signingCredentials:
new SigningCredentials(signingKey,
SecurityAlgorithms.HmacSha256)
);
response.TokenList = new List <TokenResponse>()
{
new TokenResponse
{
Token = new JwtSecurityTokenHandler().WriteToken(
token),
Expiration = token.ValidTo
}
};
logger.LogInformation(200, "SuccessIndicator = true");
response.SuccessIndicator = true;
return(Ok(response));
}
logger.LogInformation(200,
"SuccessIndicator = false. User not authorized");
return(Unauthorized());
}
catch (Exception ex)
{
var faultObj = new Fault()
{
FaultMessage = ex.Message,
FaultSource = ex.Source
};
if (ex.InnerException != null &&
!string.IsNullOrWhiteSpace(ex.InnerException.Message))
{
faultObj.InnerMessage = ex.InnerException.Message;
}
response.Fault = faultObj;
response.SuccessIndicator = false;
logger.LogError(500, faultObj.FaultMessage);
logger.LogInformation(500, "sucessIndicator = false");
}
return(new InternalServerErrorObjectResult(response));
}
