public async Task <IHttpActionResult> Post([FromBody] UserLoginModel model) { IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); string hash = Md5Tool.CreateUtf8Hash(model.Password); dynamic user = await userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == model.UserName && x.Password == hash).Select(x => new { x.UserName, Roles = x.UserRoles.Select(y => y.Role.Name) }).FirstOrDefaultAsync(); if (user != null) { string secretKey = ConfigurationManager.AppSettings["SecretKey"]; double tokenExpiration = double.Parse(ConfigurationManager.AppSettings["TokenExpirationMinutes"]); string token = new CustomJwtAuthorizationProvider().GenerateToken(secretKey, user.UserName, user.Roles, tokenExpiration); return(Ok(new { access_token = token, token_type = "bearer", expires_in = TimeSpan.FromMinutes(tokenExpiration).TotalSeconds })); } return(Unauthorized()); }
public override void OnAuthorization(HttpActionContext actionContext) { AuthenticationHeaderValue authRequest = actionContext.Request.Headers.Authorization; if (authRequest != null && authRequest.Scheme.Equals("basic", StringComparison.OrdinalIgnoreCase)) { string token = authRequest.Parameter; if (!string.IsNullOrEmpty(token)) { string decodedToken = Encoding.UTF8.GetString(Convert.FromBase64String(token)); string username = decodedToken.Substring(0, decodedToken.IndexOf(":", StringComparison.Ordinal)); string password = decodedToken.Substring(decodedToken.IndexOf(":", StringComparison.Ordinal) + 1); if (!string.IsNullOrEmpty(username) && !string.IsNullOrEmpty(password)) { IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); string hash = Md5Tool.CreateUtf8Hash(password); dynamic user = userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == username && x.Password == hash).Select(x => new { x.UserName, Roles = x.UserRoles.Select(y => y.Role.Name) }).FirstOrDefault(); if (user != null) { IList <Claim> claims = new List <Claim> { new Claim(ClaimTypes.Name, user.UserName), new Claim(ClaimTypes.NameIdentifier, user.UserName) }; AuthorizeAttribute authorizeAttribute = actionContext.ActionDescriptor .GetCustomAttributes <AuthorizeAttribute>(true) .FirstOrDefault(); if (authorizeAttribute != null) { string[] roles = authorizeAttribute.Roles.Split(','); foreach (string role in roles) { if (user.Roles.Contains(role)) { claims.Add(new Claim(ClaimTypes.Role, role)); } } } actionContext.RequestContext.Principal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Basic")); } } } } //actionContext.Response = new HttpResponseMessage(HttpStatusCode.Unauthorized); base.OnAuthorization(actionContext); }
public async Task <IHttpActionResult> Register([FromBody] UserRegisterModel model) { IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); User user = new User { UserName = model.UserName, Email = model.Email, Password = Md5Tool.CreateUtf8Hash(model.Password) }; userRepository.Add(user); await _uow.CommitAsync(); return(Ok()); }
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }); IUserRepository userRepository = _uow.GetRepository <IUserRepository>(); string hash = Md5Tool.CreateUtf8Hash(context.Password); dynamic user = await userRepository.GetQueryable().AsNoTracking().Include(x => x.UserRoles.Select(y => y.Role)).Where(x => x.UserName == context.UserName && x.Password == hash).Select(x => new { x.UserName, Roles = x.UserRoles.Select(y => y.Role.Name) }).FirstOrDefaultAsync(); if (user != null) { ClaimsIdentity identity = new ClaimsIdentity(context.Options.AuthenticationType); //identity.AddClaim(new Claim("sub", user.UserName)); identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName)); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.UserName)); foreach (string role in user.Roles) { identity.AddClaim(new Claim(ClaimTypes.Role, role)); } AuthenticationTicket ticket = new AuthenticationTicket(identity, new AuthenticationProperties { AllowRefresh = true, IsPersistent = true, IssuedUtc = DateTimeOffset.Now, ExpiresUtc = DateTimeOffset.Now.AddMinutes(double.Parse(ConfigurationManager.AppSettings["TokenExpirationMinutes"])) }); context.Validated(ticket); } else { context.Rejected(); //context.SetError("invalid_grant", "The user name or password is incorrect."); } }