public async Task <ActionResult> Post([FromBody] SignInAccountRequestDTO signInAccountDTO)
{
var response = new SignInAccountResponseDTO();
Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(signInAccountDTO.UserName, signInAccountDTO.PlainPassword, false, false);
if (result.Succeeded)
{
User appUser = _userManager.Users.SingleOrDefault(r => r.Email == signInAccountDTO.UserName);
var accessTokenPayload = new JWTAccessTokenPayloadModel();
accessTokenPayload.UniqueId = Guid.NewGuid().ToString();
accessTokenPayload.UserId = appUser.Id;
accessTokenPayload.UserName = appUser.UserName;
accessTokenPayload.UserRoles = await _userManager.GetRolesAsync(appUser);
response.AccessToken = GetAccessToken(accessTokenPayload);
var refreshTokenPayload = new JWTRefreshTokenPayloadModel();
refreshTokenPayload.UniqueId = Guid.NewGuid().ToString();
refreshTokenPayload.AccessToken = response.AccessToken;
response.RefreshToken = GetRefreshToken(refreshTokenPayload);
response.Message.Add("Signed in successfully.");
response.Status = true;
return(Ok(response));
}
response.Message.Add("Credentials are invalid.");
response.Status = false;
return(BadRequest(response));
}
public async Task <ActionResult> Post([FromBody] CreateAccountRequestDTO createAccountDTO)
{
var appUser = new User();
appUser.UserName = createAccountDTO.UserName;
appUser.Email = createAccountDTO.UserName;
appUser.FirstName = createAccountDTO.FirstName;
appUser.LastName = createAccountDTO.LastName;
var response = new CreateAccountResponseDTO();
string scheme = HttpContext.Request.Scheme;
string callbackUrl = Url.RouteUrl("Post", "Account", null, scheme);
callbackUrl = Url.Action("Post", "Account", null, scheme);
IdentityResult result = await _userManager.CreateAsync(appUser, createAccountDTO.PlainPassword);
if (result.Succeeded)
{
var accessTokenPayload = new JWTAccessTokenPayloadModel();
accessTokenPayload.UniqueId = Guid.NewGuid().ToString();
accessTokenPayload.UserId = appUser.Id;
accessTokenPayload.UserName = appUser.UserName;
accessTokenPayload.UserRoles = await _userManager.GetRolesAsync(appUser);
response.AccessToken = GetAccessToken(accessTokenPayload);
var refreshTokenPayload = new JWTRefreshTokenPayloadModel();
refreshTokenPayload.UniqueId = Guid.NewGuid().ToString();
refreshTokenPayload.AccessToken = response.AccessToken;
response.RefreshToken = GetRefreshToken(refreshTokenPayload);
response.Message.Add("Account created successfully.");
response.Message.Add("Signed in successfully.");
response.Status = true;
return(Ok(response));
}
response.Message = result.Errors.Select(prop => prop.Description).ToList();
response.Status = false;
return(BadRequest(response));
}
private string GetRefreshToken(JWTRefreshTokenPayloadModel payload)
{
var claims = new List <Claim>();
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, payload.UniqueId));
claims.Add(new Claim(JwtRegisteredClaimNames.Sub, payload.AccessToken));
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["JwtConfigure:Secret"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expires = DateTime.Now.AddMinutes(Convert.ToInt32(_configuration["JwtConfigure:RefreshTokenExpireDate"]));
JwtSecurityToken jwtSecurityToken = new JwtSecurityToken(
_configuration["JwtConfigure:Issuer"],
_configuration["JwtConfigure:Issuer"],
claims,
expires: expires,
signingCredentials: creds
);
string accessToken = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken);
return(accessToken);
}
