public async Task <IActionResult> Authenticate([FromBody] Users model) { var user = await _user.Authenticate(model.Email, model.Password); if (user == null) { return(BadRequest(new { message = "Username or password is incorrect" })); } return(Ok(user)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { // skip authentication if endpoint has [AllowAnonymous] attribute var endpoint = Context.GetEndpoint(); if (endpoint?.Metadata?.GetMetadata <IAllowAnonymous>() != null) { return(AuthenticateResult.NoResult()); } if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } Users user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; var password = credentials[1]; user = await _userService.Authenticate(username, password); } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } if (user == null) { return(AuthenticateResult.Fail("Invalid Username or Password")); } /*var claims = new[] { * new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), * new Claim(ClaimTypes.Name, user.Email), * };*/ var identity = new ClaimsIdentity(/*claims,*/ Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }