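/// <summary>
/// Checks the submitted credentials through <c>_repo.Login</c> and, when a user is
/// returned, issues an HMAC-SHA512 signed JWT carrying the user's id and username.
/// </summary>
/// <param name="userforlogindto">Login request; its Username and Password are passed to the repository unchanged.</param>
/// <returns>
/// 200 with <c>{ token }</c> on success, 401 when <c>_repo.Login</c> yields null,
/// 400 when no request object was bound.
/// </returns>
/// <exception cref="InvalidOperationException">The <c>AppSettings:Token</c> setting is missing or empty.</exception>
public async Task<IActionResult> login(UserForLoginDto userforlogindto)
{
    // A request without a bound body would otherwise dereference null and surface as HTTP 500.
    if (userforlogindto == null)
    {
        return BadRequest();
    }

    var userFromRepo = await _repo.Login(userforlogindto.Username, userforlogindto.Password);
    if (userFromRepo == null)
    {
        // Every null result maps to the same bare 401. Whether "unknown user" and
        // "wrong password" are indistinguishable to the client depends on _repo.Login,
        // which is not visible here.
        return Unauthorized();
    }

    // NOTE(review): no attempt throttling or lockout is visible in this action;
    // confirm it is enforced in _repo.Login or in middleware.

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    };

    // The HMAC key is the UTF-8 encoding of a configuration string. It is a symmetric
    // secret: the same bytes sign and verify, so it belongs in a secret store or an
    // environment-provided setting, not in a committed appsettings file.
    // RFC 7518 section 3.2 requires an HS512 key of at least 64 bytes.
    var signingSecret = _config.GetSection("AppSettings:Token").Value;
    if (string.IsNullOrEmpty(signingSecret))
    {
        // Fail with a message that names the setting instead of the ArgumentNullException
        // Encoding.GetBytes would raise for a null value.
        throw new InvalidOperationException(
            "Configuration value 'AppSettings:Token' is missing or empty; cannot sign tokens.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // UTC keeps the expiry independent of the server's local time zone.
        // The token is valid for one day and this method sets no issuer or audience;
        // NOTE(review): confirm the validation side accounts for that and that a
        // 24-hour lifetime without a visible revocation path is acceptable.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}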
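/// <summary>
/// Validates the bound login model, authenticates it through <c>_auth.Login</c> and,
/// when a user is returned, issues an HMAC-SHA512 signed JWT with the user's id and username.
/// </summary>
/// <param name="userforlogin">Login request bound from the request body.</param>
/// <returns>
/// 200 with <c>{ token }</c> on success, 401 when <c>_auth.Login</c> yields null,
/// 400 with the model state when the body is missing or fails validation.
/// </returns>
/// <exception cref="System.InvalidOperationException">The <c>secrets:HashSalt</c> setting is missing or empty.</exception>
public async Task<IActionResult> Login([FromBody] UserForLogin userforlogin)
{
    // Reject malformed requests before touching configuration or the auth service.
    // The null check covers a body that failed to bind while ModelState still reports valid.
    if (userforlogin == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var user = await _auth.Login(userforlogin);
    if (user == null)
    {
        // Every null result maps to the same bare 401; what _auth.Login treats as a
        // failure is not visible here.
        return Unauthorized();
    }

    // NOTE(review): the JWT signing key is read from a setting named "secrets:HashSalt".
    // If that value is also used as a salt for password hashing, the two purposes should
    // use separate secrets so that exposure of one does not compromise the other - confirm.
    var signingSecret = _config.GetSection("secrets:HashSalt").Value;
    if (string.IsNullOrEmpty(signingSecret))
    {
        // Fail with a message that names the setting instead of the ArgumentNullException
        // Encoding.GetBytes would raise for a null value.
        throw new System.InvalidOperationException(
            "Configuration value 'secrets:HashSalt' is missing or empty; cannot sign tokens.");
    }

    // Encoding.ASCII maps every non-ASCII character to '?', so a secret containing such
    // characters loses entropy. The encoding is left unchanged because the validating
    // side must derive identical key bytes; change both together if at all.
    // RFC 7518 section 3.2 requires an HS512 key of at least 64 bytes.
    byte[] key = Encoding.ASCII.GetBytes(signingSecret);

    var tokenhandler = new JwtSecurityTokenHandler();
    var descriptor = new SecurityTokenDescriptor()
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.NameIdentifier, user.id.ToString()),
            new Claim(ClaimTypes.Name, user.Username),
        }),
        // UTC keeps the expiry independent of the server's local time zone.
        // NOTE(review): two days is a long lifetime for a bearer token with no visible
        // revocation path, and no issuer or audience is set here; confirm both are intended.
        Expires = System.DateTime.UtcNow.AddDays(2),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha512)
    };

    var securityToken = tokenhandler.CreateToken(descriptor);
    var token = tokenhandler.WriteToken(securityToken);

    return Ok(new { token });
}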
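/// <summary>
/// Authenticates the lower-cased username and the password through <c>_repo.Login</c> and,
/// when a user is returned, issues an HMAC-SHA512 signed JWT with the user's id and username.
/// </summary>
/// <param name="userForLoginDto">Login request carrying the username and password.</param>
/// <returns>
/// 200 with <c>{ token }</c> on success, 401 when <c>_repo.Login</c> yields null,
/// 400 when the request or its username is missing.
/// </returns>
/// <exception cref="InvalidOperationException">The <c>AppSettings:Tokens</c> setting is missing or empty.</exception>
public async Task<IActionResult> Login(UserForLoginDto userForLoginDto)
{
    // Username is dereferenced below; a missing value would otherwise surface as HTTP 500.
    if (userForLoginDto?.Username == null)
    {
        return BadRequest();
    }

    // NOTE(review): ToLower() uses the current culture, so the result can differ between
    // hosts (for example the Turkish dotted/dotless i). Kept as-is because the stored
    // usernames were presumably normalised the same way; switch both sides to
    // ToLowerInvariant() together.
    var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password);
    if (userFromRepo == null)
    {
        // Every null result maps to the same bare 401; what _repo.Login treats as a
        // failure is not visible here.
        return Unauthorized();
    }

    // Claims placed in the token payload: the user id and the username. A JWT payload is
    // signed, not encrypted, so nothing confidential should be added here.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, userFromRepo.ID.ToString()),
        new Claim(ClaimTypes.Name, userFromRepo.Username)
    };

    // The HMAC key is the UTF-8 encoding of a configuration string. It is a symmetric
    // secret used for both signing and verification, so it belongs in a secret store or
    // an environment-provided setting, not in a committed appsettings file.
    // RFC 7518 section 3.2 requires an HS512 key of at least 64 bytes.
    var signingSecret = _config.GetSection("AppSettings:Tokens").Value;
    if (string.IsNullOrEmpty(signingSecret))
    {
        // Fail with a message that names the setting instead of the ArgumentNullException
        // Encoding.GetBytes would raise for a null value.
        throw new InvalidOperationException(
            "Configuration value 'AppSettings:Tokens' is missing or empty; cannot sign tokens.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));

    // Pairs the key with the signing algorithm. The key itself is not hashed here; it is
    // used to compute the HMAC over the token when the token is written.
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        // Expires 24 hours after issuance; UTC keeps that independent of the server's
        // local time zone. NOTE(review): no issuer or audience is set and no revocation
        // path is visible; confirm that is intended.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = creds
    };

    // Build the token and return its compact serialized form.
    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}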