public async Task <IActionResult> Authenticate(string login, string password) { if (String.IsNullOrEmpty(login) || String.IsNullOrEmpty(password)) { return(BadRequest()); } try { var identity = await GetIdentity(login, password); if (identity == null) { return(BadRequest(new { errorText = "Invalid username or password." })); } var response = JWT.Create(identity); return(Ok(response)); } catch (Exception err) { return(BadRequest(err.Message)); } }
public IActionResult Login() { var user = Database.GetUser(Guid.Parse(User.Claims.FirstOrDefault(c => c.Type == "uid").Value)); return(Ok(new { user = user, token = JWT.Create(user).Serialize(), })); }
[MTest] public void Create() { var newData = new SampleTokenData("1234567890", "John Doe", true); var key = "secret"; var newToken = JWT.Create(newData, key); Assert(newToken == VALID_TOKEN_STR, "signature not match."); }
public UserModule(IUnitOfWork unitOfWork, IOptions <Secrets> secrets) { _unitOfWork = unitOfWork; _secrets = secrets.Value; Get("/public/users", _ => { return(_unitOfWork.UserRepository.GetAllUsers().Select(x => new DTO.User() { Email = x.Email, UserId = x.Id })); }); Post("/public/users", args => { DTO.LoginCredentials user = this.Bind(); if (_unitOfWork.UserRepository.GetUser(user.Email) == null) { User userToAdd = new User(); //Do hashing here string password = user.Password; Tuple <string, string> result = PasswordHash.hash(password); userToAdd.PasswordHash = result.Item1; userToAdd.Salt = result.Item2; userToAdd.Email = user.Email; _unitOfWork.UserRepository.Create(userToAdd); _unitOfWork.Save(); return(HttpStatusCode.OK); } else { return(HttpStatusCode.Unauthorized); } }); Post("/public/users/login", args => { DTO.LoginCredentials user = this.Bind <DTO.LoginCredentials>(); User fromDb = _unitOfWork.UserRepository.GetUser(user.Email); if (fromDb != null && PasswordHash.verify(user.Password, fromDb.PasswordHash, fromDb.Salt)) { Dictionary <string, object> claims = new Dictionary <string, object>(); claims.Add("email", fromDb.Email); claims.Add("userId", fromDb.Id); return(JWT.Create(_secrets, claims)); } else { return(HttpStatusCode.Unauthorized); } }); }
public IActionResult Login([FromBody] LoginToken login) { User user; try { user = Database.GetUser(login); } catch (Exception e) { return(BadRequest(e.Message)); } return(Ok(new { user = user, token = JWT.Create(user).Serialize() })); }
public void TestVerifyWorks() { Secrets settings = new Secrets() { SecretKey = "Hello, World" }; Dictionary <string, object> claims = new Dictionary <string, object>(); claims.Add("email", "*****@*****.**"); string token = JWT.Create(settings, claims); Assert.True(JWT.Verify(settings, token)); string badToken = "P" + token; Assert.False(JWT.Verify(settings, badToken)); }