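// POST auth/login
/// <summary>
/// Checks the submitted credentials through <c>_repo.Login</c> and, on success, returns a
/// signed JWT wrapped in an object with a single <c>token</c> property.
/// </summary>
/// <param name="userForLoginDto">Username and password submitted by the client.</param>
/// <returns>
/// 200 OK with <c>{ token }</c> when the repository returns a user; 401 Unauthorized when it
/// returns null or when the request carries no username or password.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The <c>AppSettings:Token</c> signing secret is missing from configuration.
/// </exception>
public async Task<IActionResult> login(userForLoginDTO userForLoginDto)
{
    // A missing body or field used to surface as a NullReferenceException (HTTP 500).
    // Answer with the same 401 as any other failed login so the response stays uniform.
    if (userForLoginDto == null || userForLoginDto.username == null || userForLoginDto.password == null)
    {
        return Unauthorized();
    }

    // NOTE(review): ToLower() lower-cases with the current thread culture, so the same
    // username can normalise differently on hosts with different cultures. Prefer
    // ToLowerInvariant() once the registration path is confirmed to normalise the same way.
    var userFromRepo = await _repo.Login(userForLoginDto.username.ToLower(), userForLoginDto.password);

    // NOTE(review): nothing in this action throttles repeated failures; confirm that
    // lockout or rate limiting is enforced elsewhere.
    if (userFromRepo == null)
    {
        return Unauthorized();
    }

    // creation of token identifier
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.username)
    };

    // Fail with a clear message instead of an ArgumentNullException from GetBytes when the
    // secret is absent. The secret is the only thing protecting token integrity: keep it out
    // of source control and give it at least 64 bytes of random material for HMAC-SHA512
    // (RFC 7518 section 3.2: the key must be at least as long as the hash output).
    var signingSecret = _config.GetSection("AppSettings:Token").Value;
    if (string.IsNullOrEmpty(signingSecret))
    {
        throw new InvalidOperationException("AppSettings:Token is not configured.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    // No Issuer or Audience is set on the descriptor. NOTE(review): confirm how the
    // validating side is configured; it is not visible here.
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC keeps the one-day lifetime independent of the host's time zone and DST changes.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}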
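/// <summary>
/// Checks the submitted credentials through <c>_services.Login</c> and, on success, returns
/// a signed JWT as the response body.
/// </summary>
/// <param name="userLogin">Username and password submitted by the client.</param>
/// <returns>
/// 200 OK with the serialized token when the service returns a user; 401 Unauthorized when
/// it returns null or when the request carries no username or password.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The <c>AppSettings:Token</c> signing secret is missing from configuration.
/// </exception>
public async Task<IActionResult> Login(userForLoginDTO userLogin)
{
    // Treat a missing body or field as a failed login rather than passing nulls on.
    if (userLogin == null || userLogin.Username == null || userLogin.Password == null)
    {
        return Unauthorized();
    }

    // NOTE(review): nothing in this action throttles repeated failures; confirm that
    // lockout or rate limiting is enforced elsewhere.
    var activeUser = await _services.Login(userLogin.Username, userLogin.Password);
    if (activeUser == null)
    {
        return Unauthorized();
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, activeUser.Id.ToString()),
        new Claim(ClaimTypes.Name, activeUser.Username)
    };

    // Fail with a clear message instead of an ArgumentNullException from GetBytes when the
    // secret is absent. Keep the secret out of source control and give it at least 64 bytes
    // of random material for HMAC-SHA512 (RFC 7518 section 3.2).
    var signingSecret = _config.GetSection("AppSettings:Token").Value;
    if (string.IsNullOrEmpty(signingSecret))
    {
        throw new InvalidOperationException("AppSettings:Token is not configured.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var credential = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    // The token is valid for 14 days and the descriptor sets no Issuer or Audience.
    // NOTE(review): no revocation path is visible here, so a leaked token may stay usable
    // for the full lifetime; confirm the validation settings and whether a shorter lifetime
    // with refresh is feasible.
    var tokenDescription = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC keeps the lifetime independent of the host's time zone and DST changes.
        Expires = DateTime.UtcNow.AddDays(14),
        SigningCredentials = credential
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    SecurityToken securityToken = tokenHandler.CreateToken(tokenDescription);
    string token = tokenHandler.WriteToken(securityToken);

    return Ok(token);
}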
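/// <summary>
/// Posts a login request and expects the API to answer with HTTP 401 Unauthorized.
/// </summary>
public async Task Login_LoginWithNonExistingUser_ReturnsUnauthorize()
{
    // Credential values are masked in this listing; going by the test name they stand for
    // an account that has not been registered.
    var userLogin = new userForLoginDTO
    {
        Username = "******",
        Password = "******"
    };

    var response = await Login(userLogin);

    // NUnit takes the actual value first and the constraint second. The original had them
    // swapped, which makes a failure report the expected status as the observed one.
    // NOTE(review): a companion case for an existing user with a wrong password should
    // assert the same status, so the two failures stay indistinguishable to a client.
    Assert.That(response.StatusCode, Is.EqualTo(HttpStatusCode.Unauthorized));
}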
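/// <summary>
/// Registers a sample user, logs in with it and returns the login response body as a string.
/// </summary>
/// <returns>The raw body of the login response.</returns>
/// <exception cref="System.Net.Http.HttpRequestException">
/// The login request did not return a success status code.
/// </exception>
private async Task<string> GetJwtAsync()
{
    // Credential values are masked in this listing.
    var newUser = new userForRegisterDTO
    {
        Username = "******",
        FirstName = "sample",
        LastName = "sample",
        Password = "******",
        InitialBalance = 10
    };

    // The registration result is not inspected; the login call below is the real check.
    await CreateUser(newUser);

    var userLogin = new userForLoginDTO
    {
        Username = "******",
        Password = "******"
    };
    var responseToken = await Login(userLogin);

    // Fail here rather than hand an error body to callers as if it were a token.
    responseToken.EnsureSuccessStatusCode();

    // Await the read instead of blocking on .Result inside an async method.
    return await responseToken.Content.ReadAsStringAsync();
}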
/// <summary>
/// Sends <paramref name="userLogin"/> as a JSON POST to <c>ApiRoutes.Auth.Login</c> via
/// <c>TestClient</c> and returns the raw HTTP response.
/// </summary>
/// <param name="userLogin">Login DTO to serialize into the request body.</param>
/// <returns>The unmodified response; callers check the status code themselves.</returns>
protected async Task<HttpResponseMessage> Login(userForLoginDTO userLogin)
{
    var loginResponse = await TestClient.PostAsJsonAsync(ApiRoutes.Auth.Login, userLogin);
    return loginResponse;
}