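/// <summary>
/// Validates the supplied credentials and reports the outcome.
/// </summary>
/// <param name="username">User name to validate.</param>
/// <param name="password">Password to validate; it is passed only to the authentication service.</param>
/// <returns>
/// A content result naming the user when the credentials are accepted;
/// otherwise a redirect to the "Login" action.
/// </returns>
/// <remarks>
/// The visible code only checks the credentials: it does not issue a cookie or
/// ticket, so a successful call does not by itself create a session.
/// NOTE(review): confirm these parameters are bound from a POST body and not the
/// query string; credentials in a URL end up in server logs, proxies and browser history.
/// </remarks>
public async System.Threading.Tasks.Task<IActionResult> LoginAsync(string username, string password)
{
    // Absent credentials can never be valid, so do not hand nulls to the service.
    if (username == null || password == null)
    {
        return RedirectToAction("Login");
    }

    bool accepted = await _authenticationService.IsValidUserAsync(username, password);
    if (!accepted)
    {
        return RedirectToAction("Login");
    }

    // The message previously read "You are not logged in", contradicting the
    // successful check above. The user name is caller-supplied: keep this a
    // plain-text response, or encode it if the content type ever becomes HTML.
    return Content("You are now logged in " + username);
}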
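        /// <summary>
        /// Authenticates the request from an HTTP Basic <c>Authorization</c> header.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when the header is missing, unparsable or uses another scheme;
        /// <c>Fail</c> when the Basic credentials are malformed or rejected;
        /// <c>Success</c> with a ticket holding a single name claim otherwise.
        /// </returns>
        /// <remarks>
        /// Base64 is an encoding, not encryption: the password travels in recoverable form
        /// on every request, so this scheme is only appropriate over TLS.
        /// </remarks>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            // No Authorization header: this handler has nothing to say about the request.
            if (!Request.Headers.ContainsKey("Authorization"))
            {
                return AuthenticateResult.NoResult();
            }

            // A header that does not parse is treated the same as an absent one.
            if (!AuthenticationHeaderValue.TryParse(Request.Headers["Authorization"], out AuthenticationHeaderValue headerValue))
            {
                return AuthenticateResult.NoResult();
            }

            // Only the "Basic" scheme is handled here.
            if (!"Basic".Equals(headerValue.Scheme, StringComparison.OrdinalIgnoreCase))
            {
                return AuthenticateResult.NoResult();
            }

            // The parameter comes straight from the client. A bare "Basic" header has no
            // parameter, and FromBase64String throws on null or malformed input; both must
            // end in a failed result rather than an unhandled exception.
            if (string.IsNullOrEmpty(headerValue.Parameter))
            {
                return AuthenticateResult.Fail("Invalid Basic authentication header");
            }

            string userAndPassword;
            try
            {
                byte[] headerValueBytes = Convert.FromBase64String(headerValue.Parameter);
                userAndPassword = Encoding.UTF8.GetString(headerValueBytes);
            }
            catch (FormatException)
            {
                return AuthenticateResult.Fail("Invalid Basic authentication header");
            }

            // Split at the FIRST colon only: the user name cannot contain a colon but the
            // password may, and splitting on every colon rejected such passwords.
            int separatorIndex = userAndPassword.IndexOf(':');
            if (separatorIndex < 0)
            {
                return AuthenticateResult.Fail("Invalid Basic authentication header");
            }
            string user     = userAndPassword.Substring(0, separatorIndex);
            string password = userAndPassword.Substring(separatorIndex + 1);

            bool isValidUser = await _authenticationService.IsValidUserAsync(user, password);

            if (!isValidUser)
            {
                // Same message for unknown user and wrong password, so the response
                // does not reveal which accounts exist.
                return AuthenticateResult.Fail("Invalid username or password");
            }

            // The only claim is the user name; the identity is tagged with this handler's
            // scheme name so downstream code can tell how the user authenticated.
            Claim[] claims = new Claim[] { new Claim(ClaimTypes.Name, user) };
            var identity = new ClaimsIdentity(claims, Scheme.Name);
            ClaimsPrincipal principal = new ClaimsPrincipal(identity);
            // AuthenticateResult.Success requires the principal wrapped in a ticket.
            AuthenticationTicket ticket = new AuthenticationTicket(principal, Scheme.Name);

            return AuthenticateResult.Success(ticket);
        }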
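        /// <summary>
        /// Authenticates the request from an HTTP Basic <c>Authorization</c> header,
        /// validating the credentials against the authentication service with this
        /// handler's <c>Options</c>.
        /// </summary>
        /// <returns>
        /// <c>NoResult</c> when there is no usable Basic header, <c>Fail</c> when the
        /// credentials are malformed or rejected, and <c>Success</c> with a ticket
        /// carrying one name claim when they are accepted.
        /// </returns>
        /// <remarks>
        /// The credentials are only Base64-encoded, so the transport must be TLS.
        /// </remarks>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            const string BasicScheme = "Basic";
            const string MalformedHeader = "Invalid Basic authentication header";

            if (!Request.Headers.ContainsKey("Authorization"))
            {
                return AuthenticateResult.NoResult();
            }

            if (!AuthenticationHeaderValue.TryParse(Request.Headers["Authorization"], out AuthenticationHeaderValue headerValue))
            {
                return AuthenticateResult.NoResult();
            }

            if (!BasicScheme.Equals(headerValue.Scheme, StringComparison.OrdinalIgnoreCase))
            {
                return AuthenticateResult.NoResult();
            }

            // Everything after the scheme is attacker-controlled. A missing parameter or
            // invalid Base64 made Convert.FromBase64String throw, turning a bad header
            // into an unhandled exception instead of a failed authentication.
            string encodedCredentials = headerValue.Parameter;
            if (string.IsNullOrEmpty(encodedCredentials))
            {
                return AuthenticateResult.Fail(MalformedHeader);
            }

            string userAndPassword;
            try
            {
                userAndPassword = Encoding.UTF8.GetString(Convert.FromBase64String(encodedCredentials));
            }
            catch (FormatException)
            {
                return AuthenticateResult.Fail(MalformedHeader);
            }

            // Everything before the first colon is the user name and the remainder is the
            // password, so a password containing ':' is no longer rejected as malformed.
            int colonAt = userAndPassword.IndexOf(':');
            if (colonAt < 0)
            {
                return AuthenticateResult.Fail(MalformedHeader);
            }
            string username = userAndPassword.Substring(0, colonAt);
            string password = userAndPassword.Substring(colonAt + 1);

            bool isValidUser = await _authenticationService.IsValidUserAsync(Options, username, password);

            if (!isValidUser)
            {
                // One message for every rejection, so callers cannot enumerate user names.
                return AuthenticateResult.Fail("Invalid username or password");
            }

            // Identity and ticket both carry this handler's scheme name.
            var claims    = new[] { new Claim(ClaimTypes.Name, username) };
            var identity  = new ClaimsIdentity(claims, Scheme.Name);
            var principal = new ClaimsPrincipal(identity);
            var ticket    = new AuthenticationTicket(principal, Scheme.Name);

            return AuthenticateResult.Success(ticket);
        }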