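/// <summary>
/// Looks up the account whose e-mail equals the one in the request and checks the
/// supplied password against the stored PBKDF2 hash for that account.
/// </summary>
/// <param name="request">Login request carrying the e-mail and the clear-text password.</param>
/// <returns>The matching account when the password verifies; otherwise <c>null</c>.</returns>
internal UserAccounts LoginUser(IncomingLoginRequest request)
{
    // Missing credentials are a failed login, not a server error: without this guard a
    // null request or password surfaces as an unhandled exception further down.
    if (request == null || request.Email == null || request.Password == null)
    {
        return null;
    }

    var account = Context.UserAccounts
        .FirstOrDefault(x => x.Email == request.Email);

    // NOTE(review): an unknown e-mail returns before any key derivation runs, so the two
    // failure paths differ measurably in response time. Consider running the derivation
    // against a fixed dummy salt here so both paths cost the same.
    if (account == null || account.Salt == null || account.Password == null)
    {
        return null;
    }

    // NOTE(review): PBKDF2-HMAC-SHA1 at 10,000 iterations is well below current guidance
    // for password storage. The parameters are left unchanged because altering them would
    // invalidate every stored hash; plan a rehash-on-successful-login migration instead.
    string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
        password: request.Password,
        salt: Convert.FromBase64String(account.Salt),
        prf: KeyDerivationPrf.HMACSHA1,
        iterationCount: 10000,
        numBytesRequested: 256 / 8));

    // Compare without an early exit so the time taken does not depend on how many leading
    // characters match. Where the target framework provides it,
    // CryptographicOperations.FixedTimeEquals on the raw bytes is the preferred form.
    string stored = account.Password;
    if (hashed.Length != stored.Length)
    {
        return null;
    }

    int difference = 0;
    for (int i = 0; i < hashed.Length; i++)
    {
        difference |= hashed[i] ^ stored[i];
    }

    return difference == 0 ? account : null;
}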
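/// <summary>
/// Validates the posted credentials and, when they verify, signs the caller in with the
/// cookie authentication scheme.
/// </summary>
/// <param name="request">Credentials bound from the request body.</param>
/// <returns>JSON <c>"Success"</c> after sign-in; JSON <c>"False"</c> otherwise.</returns>
public async Task<JsonResult> Login([FromBody] IncomingLoginRequest request)
{
    // The bound model can be null when the body is missing or cannot be deserialized;
    // treat that as a failed login rather than letting it fail inside LoginUser.
    if (request == null)
    {
        return Json("False");
    }

    // NOTE(review): nothing in this action throttles or locks out repeated failures;
    // confirm rate limiting or account lockout is enforced elsewhere in the pipeline.
    using (var context = new UsersContext(Context, Configuration))
    {
        var account = context.LoginUser(request);
        if (account == null)
        {
            return Json("False");
        }

        // The identity names ClaimTypes.Name as its name claim type, but no Name claim is
        // added below, so Identity.Name will be null for these sessions.
        var identity = new ClaimsIdentity(
            CookieAuthenticationDefaults.AuthenticationScheme,
            ClaimTypes.Name,
            ClaimTypes.Role);

        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, account.Email));
        identity.AddClaim(new Claim(ClaimTypes.Actor, account.Id.ToString()));

        // NOTE(review): the Email claim carries ProjectRights, not an e-mail address. It is
        // kept as-is because other code may read the rights from this claim type, but a
        // dedicated claim type would stop authorization checks confusing the two.
        // Presumably ProjectRights is nullable; .Value throws if it has no value - confirm
        // that every account has it set.
        identity.AddClaim(new Claim(ClaimTypes.Email, account.ProjectRights.Value.ToString()));
        identity.AddClaim(new Claim(ClaimTypes.Role, "User"));

        var principal = new ClaimsPrincipal(identity);

        // Persistent cookie valid for one day; AllowRefresh lets the middleware renew it.
        var authProperties = new AuthenticationProperties
        {
            AllowRefresh = true,
            ExpiresUtc = DateTimeOffset.UtcNow.AddDays(1),
            IsPersistent = true,
        };

        await HttpContext.SignInAsync(
            CookieAuthenticationDefaults.AuthenticationScheme,
            principal,
            authProperties);

        return Json("Success");
    }
}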