Esempio n. 1
        /// <summary>
        /// Creates a token for the given user by building a new <c>JwtTokenFactory</c>
        /// (Base64Url encoder + RSA/SHA-256 signing helper) and delegating to its
        /// <c>CreateToken</c> method.
        /// </summary>
        /// <param name="name">Passed through to the factory as the fourth-position name value.</param>
        /// <param name="email">Passed through to the factory unchanged.</param>
        /// <param name="username">Passed through to the factory unchanged.</param>
        /// <param name="role">Single role; wrapped in a one-element list for the factory.</param>
        /// <returns>Whatever string <c>JwtTokenFactory.CreateToken</c> returns.</returns>
        public static string CreateToken(string name, string email, string username, string role)
        {
            var encoder = new Base64UrlUtil(true);

            // NOTE(review): both PEM files are referenced by relative path, so they resolve
            // against the process working directory. Presumably one of them holds the RSA
            // private key; confirm it is stored outside the web root with restrictive file
            // permissions and is not committed to source control.
            var signer = new RsaSigningUtil("caissekey.pem", "caissekeyp.pem", HashFunctionType.Sha256);

            // A new factory (and signer) is constructed on every call.
            var factory = new JwtTokenFactory(encoder, signer);

            // The factory takes a list of roles; this overload only ever supplies one.
            var roles = new List<string> { role };

            // NOTE(review): "CaisseWebAPI" / "CaisseWebApiAuth" look like issuer and audience,
            // and 30 looks like a token lifetime; confirm the meaning and unit against
            // JwtTokenFactory before relying on it.
            return factory.CreateToken("CaisseWebAPI", "CaisseWebApiAuth", name, email, 30, username, roles);
        }
Esempio n. 2
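        /// <summary>
        /// Validates the posted credentials and, on success, returns a token created by
        /// <c>jwtTokenFactory</c> for the matching user.
        /// </summary>
        /// <param name="credentials">Login model bound from the request body.</param>
        /// <returns>
        /// 400 with the model state when binding or validation failed; 400 with a generic
        /// message when the credentials are rejected or the user cannot be loaded;
        /// 200 with the token otherwise.
        /// </returns>
        public async Task <IActionResult> Login([FromBody] LoginCredentialsModel credentials)
        {
            // A body that binds to null (for example a literal JSON null) would otherwise
            // reach credentials.UserName below and fail with a NullReferenceException.
            if (credentials == null || !ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // NOTE(review): no throttling or lockout is visible in this action; confirm that
            // IsValidUser or surrounding middleware limits repeated failed attempts.
            var isValid = await IsValidUser(credentials);

            if (!isValid)
            {
                // NOTE(review): 401 would be the conventional status for rejected credentials;
                // 400 is kept so existing clients see the same response.
                return BadRequest("provided credentials are not valid");
            }

            var user = await userManager.FindByNameAsync(credentials.UserName);

            // The account can disappear between the validity check and this lookup. Never hand
            // a null user to the token factory, and answer with the same generic message so the
            // response does not reveal which step failed.
            if (user == null)
            {
                return BadRequest("provided credentials are not valid");
            }

            var token = jwtTokenFactory.CreateToken(user);

            return Ok(token);
        }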
Esempio n. 3
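        /// <summary>
        /// Exchanges the Merlin session cookie for a token. The cookie value is matched
        /// against <c>EpiUser.IdSession</c> for a logged-in user; on any failure the caller is
        /// redirected to the Merlin login page with the decoded return URL attached.
        /// </summary>
        /// <param name="base64Url">
        /// Base64-encoded return URL taken from the route. It is only used on the failure path.
        /// </param>
        /// <returns>
        /// 200 with <c>{ token }</c> when a single logged-in user matches the session;
        /// otherwise a redirect to the Merlin login page.
        /// </returns>
        public async Task <IActionResult> GetToken([FromRoute] string base64Url)
        {
            var    sessionId = httpContextAccessor.HttpContext.Request.Cookies[config["Jwt:MerlinSessionKey"]];
            string userId    = null;

            try
            {
                if (hostingEnvironment.IsDevelopment())
                {
                    // NOTE(review): in the Development environment the session cookie is not
                    // checked at all and a fixed user id is used. Make sure a deployment that is
                    // reachable by real users can never run with the Development environment name.
                    userId = "STU";
                }
                else
                {
                    // A missing cookie yields a null sessionId. Comparing IdSession with null
                    // could match a row whose IdSession is NULL, so a request without any
                    // session would be issued a token. Treat it as a failed authentication
                    // instead; the catch block below logs it and redirects to the login page.
                    if (string.IsNullOrEmpty(sessionId))
                    {
                        throw new InvalidOperationException("Session cookie is missing or empty.");
                    }

                    // SingleAsync is deliberate: if more than one user has the same session ID
                    // (or none has it) it throws, and nobody is logged in.
                    userId = await readContext.EpiUser
                             .Where(user => user.IdSession == sessionId && user.DsLoggedIn == "1")
                             .Select(user => user.IdUser)
                             .SingleAsync();
                }

                var identity = await service.GetIdentityAsync(userId);

                var token = tokenFactory.CreateToken(identity);

                return Ok(new { token });
            }
            catch (Exception ex)
            {
                // userId is still null here when the session lookup itself failed.
                logger.Error($"Failed to Authenticate user '{userId}'", ex);

                // NOTE(review): scheme and host are taken from the incoming request; confirm
                // that host filtering / forwarded-header handling is configured so a forged
                // Host header cannot steer this redirect.
                string siteRoot = $"{Request.Scheme}://{Request.Host}{Url.Content("~")}";

                // The route value is caller-controlled and may not be valid Base64. Decoding
                // inside a catch block must not throw again, or the failure path ends in an
                // unhandled error instead of the login redirect. Fall back to an empty
                // return URL when the value cannot be decoded.
                // NOTE(review): the parameter name suggests the URL-safe alphabet ('-', '_'),
                // which Convert.FromBase64String does not accept; confirm what callers send.
                string encodedUrl = string.Empty;

                if (!string.IsNullOrEmpty(base64Url))
                {
                    try
                    {
                        string url = Encoding.UTF8.GetString(Convert.FromBase64String(base64Url));
                        encodedUrl = WebUtility.UrlEncode(url);
                    }
                    catch (FormatException)
                    {
                        // Undecodable return URL: continue with the empty value set above.
                    }
                }

                // NOTE(review): returnUrl is forwarded as-is (URL-encoded); the login page must
                // validate it against allowed destinations before redirecting. That check is
                // not visible here.
                string merlinLoginUrl = siteRoot.Replace("MerlinCore", $@"Merlin/default.aspx?returnUrl={encodedUrl}");

                return Redirect(merlinLoginUrl);
            }
        }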