Esempio n. 1
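        /// <summary>
        /// Builds and serializes an HMAC-SHA256 signed JWT for an already authenticated user.
        /// </summary>
        /// <param name="userInfo">
        /// The authenticated user. <c>Guid</c> becomes the <c>sub</c> claim and <c>Role</c>
        /// the <c>roles</c> claim ("Buyer" when <c>Role</c> is null).
        /// </param>
        /// <returns>The compact serialized token string.</returns>
        /// <exception cref="InvalidOperationException">The <c>Jwt:Key</c> setting is missing or empty.</exception>
        private string GenerateToken(UserReturnDto userInfo)
        {
            // Fail with an explicit configuration error rather than an ArgumentNullException
            // out of GetBytes. The message names the setting and never echoes the secret.
            string signingSecret = _config["Jwt:Key"];
            if (string.IsNullOrEmpty(signingSecret))
            {
                throw new InvalidOperationException("Configuration value 'Jwt:Key' is missing or empty.");
            }

            // HS256 is symmetric: whoever holds this secret can mint valid tokens.
            // NOTE(review): use at least 256 bits of random data, and load it from a secret
            // store rather than a checked-in settings file. Confirm how Jwt:Key is provisioned.
            var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
            var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);

            var claims = new[]
            {
                new Claim(JwtRegisteredClaimNames.Sub, userInfo.Guid),
                // Fresh random token id on every call.
                new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
                // NOTE(review): the audience is also passed to the constructor below, so this
                // explicit aud claim is presumably redundant. Verify how the JWT library in
                // use serializes the duplicate.
                new Claim(JwtRegisteredClaimNames.Aud, _config["Jwt:Audience"]),
                new Claim(type: "roles", value: userInfo.Role ?? "Buyer")
            };

            // exp is a UTC epoch value, so derive it from UtcNow rather than local time.
            // NOTE(review): the lifetime is seven days and this method shows no revocation
            // path, so a leaked token stays usable until it expires. Consider a shorter
            // lifetime combined with refresh tokens.
            var token = new JwtSecurityToken(
                issuer: _config["Jwt:Issuer"],
                audience: _config["Jwt:Audience"],
                claims: claims,
                expires: DateTime.UtcNow.AddDays(7),
                signingCredentials: credentials
                );

            return new JwtSecurityTokenHandler().WriteToken(token);
        }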
Esempio n. 2
        /// <summary>
        /// Authenticates the supplied credentials and, on success, issues a JWT for the user.
        /// </summary>
        /// <param name="loginCreds">Credentials submitted by the client.</param>
        /// <returns>
        /// The authenticated user and the serialized token, or <c>(null, null)</c> when
        /// <c>AuthecticateUser</c> yields no user. Callers must check for null before use.
        /// </returns>
        public async Task <(UserReturnDto userCredentials, string token)> Login(UserLoginDto loginCreds)
        {
            UserReturnDto authenticated = await AuthecticateUser(loginCreds);

            // Guard clause: no token is ever generated for a failed authentication.
            if (authenticated == null)
            {
                return (null, null);
            }

            return (authenticated, GenerateToken(authenticated));
        }
Esempio n. 3
        /// <summary>
        /// Looks a user up by username and password and, on a match, returns the user's
        /// profile together with an HMAC-SHA256 signed JWT that expires after seven days.
        /// </summary>
        /// <param name="login">Username and password submitted by the client.</param>
        /// <returns>
        /// <c>NotFound()</c> when no row matches both values; otherwise the populated
        /// <c>UserReturnDto</c>, including the serialized token.
        /// </returns>
        public ActionResult <UserReturnDto> Authenticate(LoginDto login)
        {
            // NOTE(review): the stored Password column is compared directly with the submitted
            // value inside the query. That suggests passwords are kept in plaintext (or as a
            // client-supplied value), so a database leak would expose every credential. Store a
            // salted, slow hash (PBKDF2 or Argon2) instead and verify it after fetching the row
            // by username. The equality also runs under the database collation, which may be
            // case-insensitive. Confirm both against the schema.
            var account = _context.User
                          .Include(u => u.Faculty)
                          .Include(u => u.Department)
                          .Include(u => u.Type)
                          .FirstOrDefault(u => u.Username == login.Username && u.Password == login.Password);

            // No matching row means authentication failed.
            // NOTE(review): this answers 404; 401 Unauthorized is the conventional status for
            // bad credentials. Clients may already depend on the 404, so it is left unchanged.
            if (account == null)
            {
                return NotFound();
            }

            // Credentials matched, so build the JWT.
            var jwtHandler = new JwtSecurityTokenHandler();

            // NOTE(review): ASCII encoding maps any non-ASCII character in the secret to '?',
            // which would weaken the key. Keep the secret ASCII-only, or switch encoding on
            // both the issuing and the validating side together.
            byte[] secretBytes = Encoding.ASCII.GetBytes(_userSettings.Secret);

            var descriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[]
                {
                    new Claim("Id", account.PID),
                    new Claim("Type", account.Type.TypeName.ToString()),
                }),
                // Seven-day lifetime; no revocation mechanism is visible in this method.
                Expires = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(secretBytes), SecurityAlgorithms.HmacSha256Signature)
            };
            SecurityToken jwt = jwtHandler.CreateToken(descriptor);

            // The response DTO carries profile fields only; Password is deliberately not copied.
            var response = new UserReturnDto
            {
                PID = account.PID,
                Fname = account.Fname,
                Lname = account.Lname,
                Bdate = account.Bdate,
                Username = account.Username,
                Faculty = account.Faculty,
                Department = account.Department,
                Sex = account.Sex,
                Type = account.Type.TypeName,
                Phone = account.Phone,
                Email = account.Email,
                ImgUrl = account.ImgUrl,
                Token = jwtHandler.WriteToken(jwt)
            };

            return response;
        }
Esempio n. 4
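        /// <summary>
        /// Verifies an e-mail/password pair against the stored user record.
        /// </summary>
        /// <param name="loginCreds">Credentials submitted by the client.</param>
        /// <returns>
        /// A <c>UserReturnDto</c> (Guid, Username, Email, Role) when the credentials match;
        /// <c>null</c> when they are incomplete, the e-mail is unknown, or the hash differs.
        /// </returns>
        private async Task <UserReturnDto> AuthecticateUser(UserLoginDto loginCreds)
        {
            // Treat a missing payload or field as a failed login rather than letting a
            // NullReferenceException surface as a server error.
            if (loginCreds == null || loginCreds.Email == null || loginCreds.Password == null)
            {
                return null;
            }

            // The hash is computed before the lookup, so this work is done whether or not
            // the account exists.
            // NOTE(review): ComputeHash receives only the password, so no per-user salt is
            // passed at this call site. Confirm Helper.ComputeHash is a salted, slow password
            // hash (PBKDF2 or Argon2) and not a bare digest.
            var pass = Helper.ComputeHash(loginCreds.Password);

            // NOTE(review): ToLower() is culture-sensitive when evaluated in memory. Confirm it
            // matches the way NormalizedEmail was produced when the account was stored.
            var usr = await _context.Users
                      .FirstOrDefaultAsync(u => u.NormalizedEmail == loginCreds.Email.ToLower());

            if (usr == null)
            {
                return null;
            }

            // NOTE(review): if Helper declares no two-argument Equals, this call binds to the
            // inherited static object.Equals(object, object), which is not a constant-time
            // comparison. For secret comparison prefer CryptographicOperations.FixedTimeEquals
            // on the hash bytes. Verify against Helper.
            if (!Helper.Equals(usr.PasswordHash, pass))
            {
                return null;
            }

            // Only non-secret profile fields leave this method; PasswordHash is not copied.
            return new UserReturnDto
            {
                Guid     = usr.Guid,
                Username = usr.Username,
                Email    = usr.Email,
                Role     = usr.Role ?? "Buyer"
            };
        }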