Esempio n. 1
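        /// <summary>
        /// Generates a web-audience JWT for <paramref name="userModel"/> and stores it in the
        /// "token" cookie of <paramref name="response"/>.
        /// </summary>
        /// <param name="response">Response that receives the cookie.</param>
        /// <param name="userModel">
        /// User the token is generated for. Its RememberMe flag selects the cookie lifetime:
        /// one year when set, 30 minutes otherwise.
        /// </param>
        public static void SetAuthorizationCookie(this HttpResponseBase response, UserModel userModel)
        {
            var jwtToken = JwtTokenProvider.GenerateAccessToken(JwtTokenProvider.WebAudience, userModel);

            // NOTE(review): only the cookie lifetime is chosen here; the expiry of the JWT itself is
            // decided inside GenerateAccessToken, which is not visible from this method. Confirm the
            // two agree, since a one-year cookie is only as safe as the token it carries.
            DateTime expiresUtc = userModel.RememberMe
                ? DateTime.UtcNow.AddYears(1)
                : DateTime.UtcNow.AddMinutes(30);

            var cookie = new HttpCookie("token", jwtToken)
            {
                Expires = expiresUtc,
                // The cookie holds a bearer token, so it must not be readable from page script:
                // without HttpOnly any script-injection bug on the site can copy the token out.
                HttpOnly = true
            };

            // NOTE(review): Secure is left at its default. Unless the site configuration forces
            // secure cookies, the token can be sent over plain HTTP; set cookie.Secure = true once an
            // HTTPS-only deployment is confirmed. A cookie-borne token is also attached to
            // cross-site requests, so a SameSite policy or anti-forgery check should be confirmed too.
            response.SetCookie(cookie);
        }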
Esempio n. 2
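        /// <summary>
        /// Authenticates the caller from the "username" and "password" request headers and, when the
        /// credentials are accepted, returns a JWT in the "token" response header.
        /// </summary>
        /// <remarks>
        /// Every outcome is a 200 OK response with a body of <c>false</c>; the only difference on
        /// success is the added "token" header. Unknown user, wrong password and missing credential
        /// headers are deliberately indistinguishable to the caller.
        /// </remarks>
        /// <returns>The HTTP response, carrying the "token" header only after a successful login.</returns>
        public async Task<HttpResponseMessage> Token()
        {
            // NOTE(review): credentials travel as ordinary request headers. Headers are commonly
            // recorded by proxies and access logs, so confirm nothing on the path logs them.
            var username = Request.Headers.Contains("username") ? Request.Headers.GetValues("username").FirstOrDefault() : null;
            var password = Request.Headers.Contains("password") ? Request.Headers.GetValues("password").FirstOrDefault() : null;
            var language = Request.Headers.Contains("language") ? Request.Headers.GetValues("language").FirstOrDefault() : null;

            // NOTE(review): the body stays false even after a successful login; clients presumably
            // detect success through the "token" header. Confirm before changing it.
            var response = Request.CreateResponse(System.Net.HttpStatusCode.OK, false);

            // A missing credential header previously reached GetUser / GetBytes as null and surfaced
            // as an unhandled exception. Treat it as an ordinary failed login instead.
            if (username == null || password == null)
            {
                return response;
            }

            User user = await _authenticationService.GetUser(username);
            if (user == null)
            {
                return response;
            }

            // NOTE(review): a single unsalted SHA-1 pass is not an adequate password hash. It is kept
            // because IsUserValid presumably compares against hashes stored in this format; migrating
            // to a salted, iterated scheme (for example PBKDF2) needs a stored-credential upgrade.
            // Encoding.Default is the host's ANSI code page, so a non-ASCII password can hash
            // differently on another machine.
            byte[] passwordHash;
            using (SHA1 sha = new SHA1CryptoServiceProvider())
            {
                passwordHash = sha.ComputeHash(Encoding.Default.GetBytes(password));
            }

            if (!await _authenticationService.IsUserValid(username, passwordHash))
            {
                return response;
            }

            // A missing "RequestSource" header used to throw after the credentials had already been
            // accepted. It now takes the same fallback as any unrecognised source value.
            var requestSource = Request.Headers.Contains("RequestSource")
                ? Request.Headers.GetValues("RequestSource")
                : Enumerable.Empty<string>();

            // NOTE(review): the token audience is selected by a client-supplied header. If the
            // audiences grant different rights, this choice needs a server-side check.
            var audience = requestSource.Contains("App : KL²")
                ? JwtTokenProvider.DesktopAudience
                : requestSource.Contains("App : Web")
                    ? JwtTokenProvider.WebAudience
                    : JwtTokenProvider.TabletAudience;

            user.CurrentLanguageCode = language ?? user.DefaultLanguageCode;
            response.Headers.Add("token", JwtTokenProvider.GenerateAccessToken(audience, user.ToUserModel()));

            return response;
        }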