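/// <summary>
/// Creates a user from the posted view model and persists it through the user repository.
/// </summary>
/// <param name="userViewModel">
/// Incoming user data. Its <c>Password</c> is replaced with its Base64 form before the entity is stored.
/// </param>
/// <returns>The entity handed back by <c>_userRepository.Add</c>.</returns>
/// <exception cref="ArgumentNullException">Thrown when the request body did not bind to a model.</exception>
public User Post([FromBody] UserViewModel userViewModel)
{
    // Model binding yields null for an empty or unparseable body; fail with a named
    // exception instead of the NullReferenceException the next line would otherwise raise.
    if (userViewModel is null)
    {
        throw new ArgumentNullException(nameof(userViewModel));
    }

    // NOTE(review): Base64 is an encoding, not a hash — the stored value is trivially
    // reversible to the plain-text password. Login and GetClaimsIdentity compare against
    // this exact stored form, so changing it means migrating stored users as well;
    // it is flagged here rather than changed in this method alone.
    userViewModel.Password = CommonHelper.Base64Encode(userViewModel.Password);

    var user = _userRepository.Add(userViewModel.Adapt<User>());

    // NOTE(review): the returned entity is serialized to the caller as-is; confirm that
    // the User type does not carry the (encoded) password field back in the response.
    return user;
}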
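/// <summary>
/// Validates the posted credentials, signs the caller in with the cookie scheme and
/// redirects the browser to the client application's callback URL.
/// </summary>
/// <param name="applicationUserViewModel">Email/password pair from the request body.</param>
/// <returns>
/// <c>400</c> with a single generic message when the body is missing or the credentials do
/// not match; otherwise a redirect to <c>Clientapp:ClientURL</c>/callback whose <c>auth</c>
/// query value is the Base64 of the JSON-serialized identity.
/// </returns>
public async Task<IActionResult> Login([FromBody] CredentialsViewModel applicationUserViewModel)
{
    // The same message is used on every failure path so the response does not reveal
    // whether the email is registered.
    const string badUserNameOrPasswordMessage = "Username or password is incorrect.";

    if (applicationUserViewModel is null
        || string.IsNullOrEmpty(applicationUserViewModel.Email)
        || string.IsNullOrEmpty(applicationUserViewModel.Password))
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    var lookupUser = _userRepository.GetByEmail(applicationUserViewModel.Email);

    // Unknown email must be rejected explicitly: the original fell through to
    // lookupUser.FirstName (NullReferenceException) whenever the decoded value and the
    // submitted password compared equal, e.g. when both were null.
    if (lookupUser is null || lookupUser.Password is null)
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    // NOTE(review): the stored password is only Base64-encoded (see Post), not hashed, so
    // this is a plain-text equality check. The storage format is shared with
    // GetClaimsIdentity and is therefore flagged rather than changed here.
    var lookupUserPassword = CommonHelper.Base64Decode(lookupUser.Password);
    if (!string.Equals(lookupUserPassword, applicationUserViewModel.Password, StringComparison.Ordinal))
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
    identity.AddClaim(new Claim(ClaimTypes.Name, lookupUser.FirstName));
    identity.AddClaim(new Claim(ClaimTypes.Role, lookupUser.UserRoleId.ToString()));

    var claimsPrincipal = new ClaimsPrincipal(identity);
    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal);

    // The cookie issued above is the actual credential. The "auth" query value is an
    // unsigned, Base64-wrapped JSON copy of the identity for the client app: anyone holding
    // the URL can read or alter it, so the client must not base authorization decisions on
    // it, and the URL (including Referer leakage and logs) should be treated as sensitive.
    var auth = JsonConvert.SerializeObject(identity);
    return Redirect($"{Configuration["Clientapp:ClientURL"]}/callback?auth={CommonHelper.Base64Encode(auth)}");
}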
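/// <summary>
/// Looks up the user by email and, when the supplied password matches the stored
/// (Base64-encoded) value, builds a JWT claims identity for that user.
/// </summary>
/// <param name="email">Email used to locate the user.</param>
/// <param name="password">Plain-text password supplied by the caller.</param>
/// <returns>
/// A task holding the identity produced by <c>_jwtFactory.GenerateClaimsIdentity</c>, or
/// <c>null</c> when either argument is empty, the user does not exist, or the password
/// does not match.
/// </returns>
private Task<ClaimsIdentity> GetClaimsIdentity(string email, string password)
{
    // Nothing in this method awaits; results are wrapped with Task.FromResult so the
    // Task-returning signature callers depend on is preserved without the async machinery.
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return Task.FromResult<ClaimsIdentity>(null);
    }

    // Get the user to verify.
    var userToVerify = _userRepository.GetByEmail(email);
    if (userToVerify is null)
    {
        return Task.FromResult<ClaimsIdentity>(null);
    }

    // NOTE(review): this compares Base64 encodings, i.e. it is plain-text password
    // equality, not hash verification. The stored format is shared with Post and Login,
    // so it is flagged here rather than changed in this method alone.
    var encodedPassword = CommonHelper.Base64Encode(password);
    if (!string.Equals(encodedPassword, userToVerify.Password, StringComparison.Ordinal))
    {
        // Credentials are invalid.
        return Task.FromResult<ClaimsIdentity>(null);
    }

    var userRole = _userRoleRepository.GetById(userToVerify.UserRoleId);
    var identity = _jwtFactory.GenerateClaimsIdentity(email, userToVerify.Id.ToString(), userRole.UserRoleName);
    return Task.FromResult<ClaimsIdentity>(identity);
}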