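/// <summary>
/// Authenticates a user and, on success, returns a signed JWT together with the mapped user profile.
/// </summary>
/// <param name="dto">Credentials posted by the client (username and password).</param>
/// <returns>
/// 401 with a generic message when the credentials are missing or rejected by the repository;
/// 200 with a <c>LoginReturnDto</c> (token and user) otherwise.
/// </returns>
public async Task<IActionResult> Login(UserForLoginDto dto)
{
    // A missing body or empty credentials previously dereferenced null and surfaced as an
    // unhandled 500. Reject them with the same generic 401 as a failed login so the response
    // does not reveal which part of the request was wrong.
    if (dto == null || string.IsNullOrWhiteSpace(dto.Username) || string.IsNullOrEmpty(dto.Password))
    {
        return Unauthorized("Pas autorisé à se connecter");
    }

    // NOTE(review): ToLower() is culture-sensitive. It is kept so lookups stay consistent with
    // however usernames were normalised when stored (not visible here); if registration can
    // move to ToLowerInvariant(), change both together.
    var userFromRepo = await _repo.Login(dto.Username.ToLower(), dto.Password);
    if (userFromRepo == null)
    {
        return Unauthorized("Pas autorisé à se connecter");
    }

    // Identity carried inside the token: the user id and the username.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    };

    // The HMAC secret is read from configuration ("AppSettings:Token"). Anyone holding this
    // value can mint valid tokens, so it should come from a secret store rather than a
    // checked-in settings file, and should be long and random enough for HMAC-SHA512.
    var signingSecret = _config.GetSection("AppSettings:Token").Value;
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC avoids local-time/DST ambiguity in the expiry. The token stays valid for a full
        // day and nothing in this method provides revocation.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    var loginDto = new LoginReturnDto
    {
        Token = tokenHandler.WriteToken(token),
        // Mapped to a return DTO so the stored user entity is not serialised directly.
        User = _mapper.Map<UserForLoginReturnDto>(userFromRepo),
    };

    return Ok(loginDto);
}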
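/// <summary>
/// Posts the credentials to the login endpoint and, on HTTP 200, stores the returned token and
/// username in local storage.
/// </summary>
/// <param name="dto">Credentials to send (serialised as JSON in the request body).</param>
/// <returns>The raw HTTP response, so the caller can inspect the status code.</returns>
/// <exception cref="InvalidOperationException">
/// The server answered 200 but the body did not contain a token and a user.
/// </exception>
public async Task<HttpResponseMessage> PostLogin(UserForLoginDto dto)
{
    // Drop any previous session first so a failed login never leaves an old token behind.
    _storage.RemoveItem("token");
    _storage.RemoveItem("username");

    var requestJson = Json.Serialize(dto);

    // NOTE(review): the password travels in this body; Constants.URL_BASE is presumably an
    // https:// origin - confirm.
    var req = new HttpRequestMessage(HttpMethod.Post, $"{Constants.URL_BASE}api/User/login")
    {
        // JSON is sent as UTF-8. Encoding.Default is the ANSI code page on .NET Framework,
        // which would mangle non-ASCII usernames and passwords.
        Content = new StringContent(requestJson, Encoding.UTF8, "application/json")
    };

    var response = await _httpClient.SendAsync(req);

    if (response.StatusCode == System.Net.HttpStatusCode.OK)
    {
        string content = await response.Content.ReadAsStringAsync();
        LoginReturnDto loginResult = Json.Deserialize<LoginReturnDto>(content);

        // Validate the whole payload before writing anything, so storage never ends up with a
        // token but no username (or a null token) after an unexpected response body.
        var token = loginResult?.Token;
        var username = loginResult?.User?.Username;
        if (string.IsNullOrEmpty(token) || string.IsNullOrEmpty(username))
        {
            throw new InvalidOperationException("Login response did not contain a token and a user.");
        }

        // The bearer token is kept in local storage, where it is readable by any script
        // running on this origin; XSS hardening therefore directly protects the session.
        _storage["token"] = token;
        _storage["username"] = username;
    }

    return response;
}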