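/// <summary>
/// Builds a signed JWT for an authenticated user.
/// </summary>
/// <param name="user">User whose first name, last name, id and email are copied into the token's claims.</param>
/// <returns>The compact serialized token produced by <c>JwtSecurityTokenHandler.WriteToken</c>.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when <c>TokenSettings:PrivateKey</c> is missing or blank, so a token is never issued
/// under an absent signing key.
/// </exception>
private string GenerateJWT(UserLoginReponseModel user)
        {
            // Fail closed with an explicit configuration error instead of letting a null/blank key
            // surface as an opaque exception from the encoder or the key constructor.
            // NOTE(review): the original comment says this value is read from appsetting.json. A signing
            // key kept in a checked-in settings file is readable by anyone with repository access;
            // prefer user-secrets, an environment variable or a secret store. For HS256 the key
            // should be at least 256 bits of random data (RFC 7518, section 3.2).
            var privateKey = _configuration["TokenSettings:PrivateKey"];
            if (string.IsNullOrWhiteSpace(privateKey))
            {
                throw new InvalidOperationException("TokenSettings:PrivateKey is not configured; refusing to issue a token.");
            }

            // These claims are signed, not encrypted: anyone holding the token can read the
            // name, id and email, so nothing confidential belongs here.
            var claims = new List <Claim> {
                new Claim(ClaimTypes.GivenName, user.FirstName),
                new Claim(ClaimTypes.Surname, user.LastName),
                new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                new Claim(ClaimTypes.Email, user.Email),
            };

            var identityClaims = new ClaimsIdentity();
            identityClaims.AddClaims(claims);

            // Symmetric (HMAC-SHA256) signing: every party that validates the token needs the same
            // key and could therefore also mint tokens.
            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(privateKey));
            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256Signature);

            // Token lifetime comes from configuration.
            // NOTE(review): a missing TokenSettings:ExpirationHours presumably binds to 0, giving a
            // token that expires at issue time; confirm the setting is always present and kept short.
            var expires = DateTime.UtcNow.AddHours(_configuration.GetValue <double>("TokenSettings:ExpirationHours"));

            var tokenHandler    = new JwtSecurityTokenHandler();
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = identityClaims,
                Expires            = expires,
                SigningCredentials = credentials,
                // Issuer and Audience only protect anything if the validating side checks them.
                Issuer             = _configuration["TokenSettings:Issuer"],
                Audience           = _configuration["TokenSettings:Audience"]
            };
            var encodedJwt = tokenHandler.CreateToken(tokenDescriptor);

            return(tokenHandler.WriteToken(encodedJwt));
        }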
Exemple #2
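        /// <summary>
        /// Checks an email/password pair against the stored user record.
        /// </summary>
        /// <param name="email">Email used to look up the user record.</param>
        /// <param name="password">Plain-text password as entered by the user; it is hashed with the stored salt.</param>
        /// <returns>
        /// A <c>UserLoginReponseModel</c> with the user's id, names, date of birth and email when the
        /// password matches; <c>null</c> when it does not.
        /// </returns>
        /// <exception cref="Exception">Thrown when no user record exists for <paramref name="email"/>.</exception>
        public async Task <UserLoginReponseModel> ValidateUser(string email, string password)
        {
            // 1. Look the user up by email.
            var user = await _userRepository.GetUserByEmail(email);

            if (user == null)
            {
                // NOTE(review): an unknown email throws while a wrong password returns null, and this
                // path also skips the hashing work. If the message or the timing difference reaches
                // the client, it reveals which emails are registered. Kept as-is because callers may
                // rely on the exception; consider one generic failure result for both cases.
                throw new Exception("Register first, user does not exisit");
            }

            // 2. Hash the submitted password with the salt stored for this user.
            var hashedPassword = _cryptoService.HashPassword(password, user.Salt);

            // Fail closed: a missing stored or computed hash must never authenticate
            // (the previous `==` treated null == null as a match).
            if (hashedPassword == null || user.HashedPassword == null)
            {
                return(null);
            }

            // 3. Compare in constant time so the comparison does not return early at the first
            // differing character. Assumes both values are strings, as the original `==` implies.
            var passwordMatches = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                System.Text.Encoding.UTF8.GetBytes(hashedPassword),
                System.Text.Encoding.UTF8.GetBytes(user.HashedPassword));

            if (!passwordMatches)
            {
                return(null);
            }

            // Password is correct: return only the profile fields, never the salt or the hash.
            var response = new UserLoginReponseModel
            {
                Id          = user.Id,
                FirstName   = user.FirstName,
                LastName    = user.LastName,
                DateOfBirth = user.DateOfBirth,
                Email       = user.Email
            };
            return(response);
        }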
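        /// <summary>
        /// Verifies a login attempt: loads the user by email, hashes the submitted password with the
        /// stored salt and compares the result with the stored hash.
        /// </summary>
        /// <param name="email">Email used to look up the user record.</param>
        /// <param name="password">Plain-text password submitted by the user.</param>
        /// <returns>
        /// A <c>UserLoginReponseModel</c> carrying id, names, email and date of birth on success;
        /// <c>null</c> when the password does not match.
        /// </returns>
        /// <exception cref="Exception">Thrown when no user record exists for <paramref name="email"/>.</exception>
        public async Task <UserLoginReponseModel> ValidateUser(string email, string password)
        {
            // Step 1: get the user record from the database by email.
            var user = await _userRepository.GetUserByEmail(email);

            if (user == null)
            {
                // NOTE(review): throwing here but returning null for a bad password gives the two
                // failures different outcomes (and different timing, since no hash is computed).
                // If that difference is visible to the client it discloses whether an email is
                // registered. Behaviour is preserved for existing callers; a single generic
                // "invalid credentials" outcome would be safer.
                throw new Exception("Register first, user does not exist.");
            }

            // Step 2: hash the submitted password with the salt stored for this user.
            var hashedPassword = _cryptoService.HashPassword(password, user.Salt);
            var storedHash     = user.HashedPassword;

            // Step 3: compare against the stored hash. A null on either side is a failed login
            // (the previous `==` accepted null == null), and the comparison runs in constant time.
            // Assumes both values are strings, as the original `==` comparison implies.
            var passwordMatches =
                hashedPassword != null &&
                storedHash != null &&
                System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
                    System.Text.Encoding.UTF8.GetBytes(hashedPassword),
                    System.Text.Encoding.UTF8.GetBytes(storedHash));

            if (passwordMatches)
            {
                // Password matches: hand back profile details only, not the salt or the hash.
                var response = new UserLoginReponseModel
                {
                    Id          = user.Id,
                    FirstName   = user.FirstName,
                    LastName    = user.LastName,
                    Email       = user.Email,
                    DateOfBirth = user.DateOfBirth,
                };
                return(response);
            }
            return(null);
        }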
Exemple #4
 /// <summary>
 /// Pairs the authenticated user's details with the token issued for them.
 /// </summary>
 /// <param name="user">User details to expose to the caller.</param>
 /// <param name="token">Token string to return alongside the user.</param>
 public AuthResponse(UserLoginReponseModel user, string token)
 {
     // NOTE(review): Token is presumably a bearer credential; avoid logging or
     // serializing this object anywhere other than the login response.
     User  = user;
     Token = token;
 }