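/// <summary>
/// Checks the submitted credentials against the repository and, when they match,
/// issues a signed JWT that carries the user's id and username.
/// </summary>
/// <param name="userForLoginDto">Username and password taken from the request.</param>
/// <returns>
/// 401 Unauthorized when credentials are missing or the repository returns no user;
/// otherwise 200 OK with an object of the form <c>{ token }</c>.
/// </returns>
public async Task<IActionResult> Login(UserForLoginDto userForLoginDto)
{
    // Missing fields get the same 401 as a wrong password; previously a null
    // DTO or Username raised NullReferenceException (HTTP 500) before any check ran.
    if (userForLoginDto?.Username == null || userForLoginDto.Password == null)
    {
        return Unauthorized();
    }

    // NOTE(review): ToLower() is culture-sensitive. It must match whatever
    // normalisation registration applies; ToLowerInvariant() is preferable if
    // both sides are changed together.
    var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password);

    if (userFromRepo == null)
    {
        return Unauthorized();
    }

    // Identity data embedded in the token so later requests can be authorised
    // from the token alone.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    };

    // NOTE(review): the HMAC secret is read from configuration. Confirm that it is
    // a high-entropy value sized for HMAC-SHA512 and that it is supplied from a
    // secret store or the environment, not from a settings file under source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC keeps the one-day lifetime independent of server time zone and DST changes.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}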
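/// <summary>
/// Checks the submitted credentials against the repository and, when they match,
/// issues a signed JWT that carries the user's id and username.
/// </summary>
/// <param name="userForLoginDto">
/// Username and password taken from the request.
/// NOTE(review): the parameter type is the registration DTO although it is used for
/// login; the signature is left unchanged here. Confirm which DTO is intended.
/// </param>
/// <returns>
/// 401 Unauthorized when credentials are missing or the repository returns no user;
/// otherwise 200 OK with an object of the form <c>{ token }</c>.
/// </returns>
public async Task<IActionResult> Login(UserForRegisterDto userForLoginDto)
{
    // Reject missing fields before they are dereferenced.
    if (userForLoginDto?.Username == null || userForLoginDto.Password == null)
    {
        return Unauthorized();
    }

    // NOTE(review): ToLower() is culture-sensitive. It must match whatever
    // normalisation registration applies; ToLowerInvariant() is preferable if
    // both sides are changed together.
    var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password);

    // Fix: the original tested the request DTO here, not the repository result.
    // A failed lookup therefore fell through to userFromRepo.Id and surfaced as an
    // unhandled NullReferenceException, not a 401.
    if (userFromRepo == null)
    {
        return Unauthorized();
    }

    // Information carried inside the token, so the server can read the caller's
    // identity from the token without a database lookup.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    };

    // Key used to sign the token.
    // NOTE(review): confirm that the configured secret is a high-entropy value sized
    // for HMAC-SHA512 and is supplied from a secret store or the environment,
    // not from a settings file under source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));

    // Signing credentials: the key plus the HMAC-SHA512 algorithm.
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    // Descriptor bundling the claims, the expiry and the signing credentials.
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC keeps the one-day lifetime independent of server time zone and DST changes.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}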
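/// <summary>
/// Checks the submitted credentials against the repository and, when they match,
/// issues a signed JWT together with a mapped view of the user.
/// </summary>
/// <param name="userForLogin">Username and password taken from the request.</param>
/// <returns>
/// 401 Unauthorized when credentials are missing or the repository returns no user;
/// otherwise 200 OK with an object of the form <c>{ token, user }</c>.
/// </returns>
public async Task<IActionResult> Login(UserForLoginDto userForLogin)
{
    // Missing fields get the same 401 as a wrong password; previously a null
    // DTO or UserName raised NullReferenceException (HTTP 500) before any check ran.
    if (userForLogin?.UserName == null || userForLogin.Password == null)
    {
        return Unauthorized();
    }

    // NOTE(review): ToLower() is culture-sensitive. It must match whatever
    // normalisation registration applies; ToLowerInvariant() is preferable if
    // both sides are changed together.
    var userFromRepo = await _repo.Login(userForLogin.UserName.ToLower(), userForLogin.Password);

    // No user matched this username and password.
    if (userFromRepo == null)
    {
        return Unauthorized();
    }

    // The token carries two claims: the user's id and username.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    };

    // Symmetric key used to sign the token.
    // NOTE(review): confirm that the configured secret is a high-entropy value sized
    // for HMAC-SHA512 and is supplied from a secret store or the environment,
    // not from a settings file under source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC keeps the one-day lifetime independent of server time zone and DST changes.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    // The response returns a mapped DTO, not the repository entity itself.
    // NOTE(review): verify that UserForListDto exposes no password hash or salt.
    var user = _mapper.Map<UserForListDto>(userFromRepo);

    return Ok(new
    {
        token = tokenHandler.WriteToken(token),
        user
    });
}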