public IActionResult CreateToken([FromBody] UsersAuth login)
{
if (login == null)
{
return(Unauthorized());
}
DateTime dt = DateTime.UtcNow.AddDays(7);
bool validUser = Authenticate(login);
string tokenString = string.Empty;
var getUser = _context.UsersItems.SingleOrDefault(x => x.Username == login.Username);
if (validUser)
{
tokenString = MyFunctions.BuildToken(_config, login.Username, dt);
}
else
{
return(Unauthorized());
}
return(Ok(
new {
id = getUser.Id,
username = getUser.Username,
email = getUser.Email,
role = getUser.Role,
firstName = getUser.FirstName,
lastName = getUser.LastName,
image = getUser.Image,
token = tokenString,
expiration = dt
}
));
}
private bool Authenticate(UsersAuth login)
{
var isUser = _context.UsersItems.SingleOrDefault(x => x.Username == login.Username);
if (isUser == null || !BC.Verify(login.Password, isUser.Password))
{
return(false);
}
else
{
return(true);
}
}
public IActionResult Authenticate(UsersAuth u)
{
var users = new List <UsersAuth>()
{
new UsersAuth()
{
username = "******", password = "******"
},
new UsersAuth()
{
username = "******", password = "******"
},
new UsersAuth()
{
username = "******", password = "******"
},
new UsersAuth()
{
username = "******", password = "******"
},
new UsersAuth()
{
username = "******", password = "******"
}
};
var _user = users.Find(e => e.username == u.username);
var tokenHandler = new JwtSecurityTokenHandler();
var tokenDescription = new SecurityTokenDescriptor()
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.Name, _user.username),
new Claim(ClaimTypes.Sid, _user.password)
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.ASCII.GetBytes("ini secretnya kurang panjaaaaaangggggg banget")), SecurityAlgorithms.HmacSha512Signature)
};
var token = tokenHandler.CreateToken(tokenDescription);
var tokenResponse = new
{
token = tokenHandler.WriteToken(token),
user = _user.username
};
return(Ok(tokenResponse));
}
