public async Task <IActionResult> Post([FromForm] AutenticaUsuarioComando command)
{
if (command == null)
{
return(await Response(null, new List <Notification> {
new Notification("User", "Usuário ou senha inválidos")
}));
}
var identity = await GetClaims(command);
if (identity == null)
{
return(await Response(null, new List <Notification> {
new Notification("User", "Usuário ou senha inválidos")
}));
}
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.UniqueName, command.Login),
new Claim(JwtRegisteredClaimNames.NameId, command.Login),
new Claim(JwtRegisteredClaimNames.Email, command.Login),
new Claim(JwtRegisteredClaimNames.Sub, command.Login),
new Claim(JwtRegisteredClaimNames.Jti, await _tokenOptions.JtiGenerator()),
new Claim(JwtRegisteredClaimNames.Iat, ToUnixEpochDate(_tokenOptions.IssuedAt).ToString(), ClaimValueTypes.Integer64),
identity.FindFirst("ModernStore")
};
var jwt = new JwtSecurityToken(
issuer: _tokenOptions.Issuer,
audience: _tokenOptions.Audience,
claims: claims.AsEnumerable(),
notBefore: _tokenOptions.NotBefore,
expires: _tokenOptions.Expiration,
signingCredentials: _tokenOptions.SigningCredentials);
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
var response = new
{
token = encodedJwt,
expires = (int)_tokenOptions.ValidFor.TotalSeconds,
user = new
{
id = _cliente.Id,
name = _cliente.Nome.ToString(),
email = _cliente.Email.Endereco,
username = _cliente.Usuario.Login
}
};
var json = JsonConvert.SerializeObject(response, _serializerSettings);
return(new OkObjectResult(json));
}
private Task <ClaimsIdentity> GetClaims(AutenticaUsuarioComando command)
{
var customer = _repository.GetByUsername(command.Login);
if (customer == null)
{
return(Task.FromResult <ClaimsIdentity>(null));
}
if (!customer.Usuario.Authenticate(command.Login, command.Senha))
{
return(Task.FromResult <ClaimsIdentity>(null));
}
_cliente = customer;
return(Task.FromResult(new ClaimsIdentity(
new GenericIdentity(customer.Usuario.Login, "Token"),
new[] {
new Claim("ModernStore", "User")
})));
}
