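/// <summary>
/// Looks up a user by user name and password and, when one matches, issues a signed JWT.
/// </summary>
/// <param name="userName">User name to match against the stored record.</param>
/// <param name="password">Password to match against the stored record.</param>
/// <returns>
/// A DTO holding the user name and the serialized token, with Password cleared,
/// or <c>null</c> when no user matches.
/// </returns>
public async Task <dtoValidateUsercs> Authenticate(string userName, string password)
        {
            // NOTE(review): the supplied password is compared with the stored column as-is.
            // That only works if passwords are stored unhashed (or hashed by the caller) - confirm,
            // and prefer a salted password hash verified in code over an equality match in the query.
            User user = await this._db.FirstOrDefault(x => x.UserName == userName && x.Password == password);

            // Return null if the user was not found. This check has to come before any use of
            // `user`; previously the DTO was built first, so a failed login dereferenced null
            // and threw instead of returning null.
            if (user == null)
            {
                return(null);
            }

            // The stored password is intentionally not copied into the DTO that goes back to the caller.
            dtoValidateUsercs dtouser = new dtoValidateUsercs {
                UserName = user.UserName
            };

            var tokenhandler = new JwtSecurityTokenHandler();

            // Encoding.ASCII maps every non-ASCII character to '?', so a key containing such
            // characters loses entropy. NOTE(review): confirm the configured key is long and random
            // enough for HMAC-SHA256 and that the validating side derives its bytes the same way.
            var key = Encoding.ASCII.GetBytes(_appSettings.key);

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new System.Security.Claims.ClaimsIdentity(new Claim[] {
                    new Claim(ClaimTypes.Name, user.Id.ToString()),
                    // NOTE(review): every authenticated user receives the "Admin" role claim.
                    // If authorization depends on this claim, take the role from the user record.
                    new Claim(ClaimTypes.Role, "Admin"),
                    new Claim(ClaimTypes.Version, "V3.1")
                }),
                // The token is valid for two days from issuance.
                Expires            = DateTime.UtcNow.AddDays(2),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };
            var token = tokenhandler.CreateToken(tokenDescriptor);

            dtouser.Token = tokenhandler.WriteToken(token);

            // Kept explicit so the credential is never returned, whatever the DTO's default is.
            dtouser.Password = null;
            return(dtouser);
        }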
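        /// <summary>
        /// Builds a signed JWT for an already-verified user within a tenant and returns it
        /// together with the user's identifying fields.
        /// </summary>
        /// <param name="user">The user the token is issued for.</param>
        /// <param name="tenentid">Identifier of the tenant, emitted as the "tenentId" claim.</param>
        /// <returns>A DTO with Id, UserName, Role, Tenentid and the serialized token; Password is not populated.</returns>
        /// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
        public dtoValidateUsercs CreateToken(User user, Guid tenentid)
        {
            if (user == null)
            {
                throw new ArgumentNullException(nameof(user));
            }

            // The password is deliberately left out of the DTO: it is returned to the caller
            // and has no purpose there once the token has been issued.
            dtoValidateUsercs dtouser = new dtoValidateUsercs
            {
                Id       = user.Id,
                UserName = user.UserName,
                Role     = user.Role,
                Tenentid = tenentid,
            };

            // A JWT payload is signed, not encrypted: anyone holding the token can decode and
            // read its claims. The former "password" claim is therefore removed; the token
            // carries identity and authorization data only.
            // Claim's constructor rejects null values, so a user without UserName or Role
            // makes the corresponding line throw ArgumentNullException.
            var claims = new Claim[]
            {
                new Claim("id", dtouser.Id.ToString()),
                new Claim("username", dtouser.UserName),
                new Claim("role", dtouser.Role),
                new Claim("tenentId", dtouser.Tenentid.ToString())
            };

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new System.Security.Claims.ClaimsIdentity(claims),
                // The token is valid for 30 minutes from issuance.
                Expires            = DateTime.UtcNow.AddMinutes(30),
                SigningCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(secrectKey),
                    SecurityAlgorithms.HmacSha256Signature
                    )
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);

            dtouser.Token = tokenHandler.WriteToken(token);
            return(dtouser);
        }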
Esempio n. 3
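        /// <summary>
        /// Login endpoint: authenticates the posted credentials and returns the resulting token DTO.
        /// </summary>
        /// <param name="dtouser">Request body carrying UserName and Password.</param>
        /// <returns>
        /// 200 with the authenticated user's DTO, or 400 with a generic message when the body
        /// is missing or authentication yields no user.
        /// </returns>
        public async Task <ActionResult <dtoValidateUsercs> > Post([FromBody] DtoUser dtouser)
        {
            // One message for every failure, so the response does not reveal which part of
            // the credentials was wrong.
            var failure = new { message = "Username or Password is Incorrect" };

            // A missing or unparsable body would otherwise dereference null below.
            if (dtouser == null)
            {
                return(BadRequest(failure));
            }

            dtoValidateUsercs user = await _authenticatservice.Authenticate(dtouser.UserName, dtouser.Password);

            if (user == null)
            {
                return(BadRequest(failure));
            }
            return(Ok(user));
        }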
Esempio n. 4
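        /// <summary>
        /// Verifies a user's credentials within a tenant and returns a token DTO for that user.
        /// </summary>
        /// <param name="tenentId">Tenant the user must belong to.</param>
        /// <param name="username">User name to match.</param>
        /// <param name="password">Password to match.</param>
        /// <returns>
        /// 200 with the token DTO, or 400 when an argument is missing or no matching user exists.
        /// </returns>
        public async Task <ActionResult <User> > GetUserAsPerId(Guid tenentId, string username, string password)
        {
            // NOTE(review): how these parameters bind is not visible here. If they come from the
            // query string or route, the password ends up in URLs and request logs - confirm, and
            // prefer a request body.
            //
            // Guid is a value type and its ToString() never returns null, so the earlier
            // `tenentId.ToString() == null` test could never fire; an unset tenant shows up as Guid.Empty.
            if (tenentId == Guid.Empty || string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return(BadRequest("Invalid UserName And Password"));
            }

            // NOTE(review): the password is matched against the stored column as supplied. The
            // commented-out EncryptAndDecrypt.ConvertToDecrypt(password) call that used to sit here
            // suggests reversible encryption was considered; a salted one-way password hash
            // verified in code is the safer design - confirm how Password is stored.
            User user = await this._Userrepo.FirstOrDefault(x => x.UserName == username && x.Password == password && x.Tenent.Id == tenentId);

            if (user == null)
            {
                return(BadRequest("No User Found"));
            }
            dtoValidateUsercs token = _tokenManager.CreateToken(user, tenentId);

            return(Ok(token));
        }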