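/// <summary>
/// Issues a signed JWT access token for the credentials posted in the request form.
/// </summary>
/// <remarks>
/// Reads the <c>Login</c> and <c>Password</c> form fields and resolves them through <c>GetIdentity</c>.
/// On success the response is a JSON object with <c>access_token</c> and <c>username</c>.
/// A request without a form body, or one for which <c>GetIdentity</c> returns null, is answered
/// with status 400 and the same generic message, so the reply does not reveal which check failed.
/// </remarks>
/// <returns>A task that completes once the response body has been written.</returns>
public async Task Token()
{
    // Request.Form throws InvalidOperationException when the body is not form-encoded;
    // answer such requests with the ordinary rejection instead of an unhandled 500.
    if (!Request.HasFormContentType)
    {
        await RejectAsync();
        return;
    }

    var username = Request.Form["Login"];
    var password = Request.Form["Password"];

    // NOTE(review): GetIdentity is defined outside this block. Confirm it verifies the password
    // against a salted, slow hash and that this endpoint is rate-limited against guessing.
    var identity = GetIdentity(username, password);
    if (identity == null)
    {
        await RejectAsync();
        return;
    }

    var now = DateTime.UtcNow;

    // Create the JWT. HS256 is symmetric: any party holding the key can mint valid tokens.
    // NOTE(review): confirm GetSymmetricSecurityKey() reads the key from secret storage
    // rather than from a constant in source.
    var jwt = new JwtSecurityToken(
        issuer: AuthApiSettings.ISSUER,
        audience: AuthApiSettings.AUDIENCE,
        notBefore: now,
        claims: identity.Claims,
        // LIFETIME is interpreted as minutes.
        expires: now.Add(TimeSpan.FromMinutes(AuthApiSettings.LIFETIME)),
        signingCredentials: new SigningCredentials(
            AuthApiSettings.GetSymmetricSecurityKey(),
            SecurityAlgorithms.HmacSha256));
    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

    var response = new
    {
        access_token = encodedJwt,
        username = identity.Name
    };

    // The body carries a bearer credential: tell browsers and intermediaries not to store it.
    Response.Headers["Cache-Control"] = "no-store";
    Response.Headers["Pragma"] = "no-cache";

    // Serialize the response.
    Response.ContentType = "application/json";
    await Response.WriteAsync(JsonConvert.SerializeObject(
        response,
        new JsonSerializerSettings { Formatting = Formatting.Indented }));

    // Single rejection path so every failure looks the same to the caller.
    async Task RejectAsync()
    {
        Response.StatusCode = 400;
        await Response.WriteAsync("Invalid username or password.");
    }
}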
/// <summary>
/// Creates the claim service and keeps the settings object exposed by the injected options wrapper.
/// </summary>
/// <param name="authApiSettings">Options accessor; its <c>Value</c> is stored in <c>_authApiSettings</c>.</param>
public DefaultClaimService(IOptions<AuthApiSettings> authApiSettings)
    => _authApiSettings = authApiSettings.Value;