/// <summary>
/// Checks a user name / password pair against the Identity user store and, on success,
/// returns a signed JWT carrying the user's name, id and role claims.
/// </summary>
/// <param name="request">Carries the <c>Username</c> and <c>Password</c> to verify.</param>
/// <param name="cancellationToken">Accepted for interface compatibility; not used by this method.</param>
/// <returns>A response whose <c>Token</c> is the serialized JWT.</returns>
/// <exception cref="IdentityUserNotFoundException">No user with the given name exists.</exception>
/// <exception cref="NoRightsException">The password does not match.</exception>
public async Task<CreateToken.Response> CreateToken(CreateToken.Request request, CancellationToken cancellationToken = default)
{
    var account = await _userManager.FindByNameAsync(request.Username);
    if (account is null)
    {
        // NOTE(review): an unknown user and a wrong password raise different exception
        // types with different messages. If both reach the client unchanged, the endpoint
        // reveals which user names exist - confirm how callers map these exceptions.
        throw new IdentityUserNotFoundException("Пользователь не найден");
    }

    // NOTE(review): CheckPasswordAsync only verifies the password; no failed-attempt
    // counting or lockout check is visible in this method, so throttling of password
    // guessing has to happen elsewhere - verify.
    var passwordMatches = await _userManager.CheckPasswordAsync(account, request.Password);
    if (passwordMatches == false)
    {
        throw new NoRightsException("Неправильный логин или пароль");
    }

    // The Name claim is taken from the request as typed; the id comes from the stored user.
    var tokenClaims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, request.Username),
        new Claim(ClaimTypes.NameIdentifier, account.Id)
    };

    // One Role claim per role the user currently holds.
    var roleNames = await _userManager.GetRolesAsync(account);
    foreach (var roleName in roleNames)
    {
        tokenClaims.Add(new Claim(ClaimTypes.Role, roleName));
    }

    // NOTE(review): the token is valid for 60 days and no issuer or audience is set here.
    // A token this long-lived stays usable after a password or role change unless it is
    // revoked some other way - confirm that is intended.
    // NOTE(review): the HMAC-SHA256 key is the UTF-8 bytes of the "Token:Key" setting; its
    // strength depends on that value being long and random, and a missing value makes
    // GetBytes throw - verify the deployment configuration.
    var jwt = new JwtSecurityToken
    (
        claims: tokenClaims,
        expires: DateTime.UtcNow.AddDays(60),
        notBefore: DateTime.UtcNow,
        signingCredentials: new SigningCredentials(
            new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Token:Key"])),
            SecurityAlgorithms.HmacSha256
        )
    );

    var serializedToken = new JwtSecurityTokenHandler().WriteToken(jwt);
    return new CreateToken.Response
    {
        Token = serializedToken
    };
}
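/// <summary>
/// Authenticates a user by e-mail or user name plus password and returns a signed JWT
/// together with the user's role, name, avatar and id.
/// </summary>
/// <param name="request">Carries the <c>Login</c> (e-mail or user name) and <c>Password</c>.</param>
/// <param name="cancellationToken">Passed to the user repository lookup; the Identity calls here do not take it.</param>
/// <returns>A response with the serialized JWT and the profile fields of the domain user.</returns>
/// <exception cref="IdentityUserNotFoundException">No user matches the login as e-mail or as user name.</exception>
/// <exception cref="UserIsBlockedException">The sign-in result reports the account as locked out.</exception>
/// <exception cref="HaveNoRightException">The sign-in did not succeed, or the e-mail is not confirmed.</exception>
public async Task<CreateToken.Response> CreateToken(CreateToken.Request request, CancellationToken cancellationToken = default)
{
    // Resolve the login as an e-mail address first, then fall back to the user name.
    IdentityUser identityUser = await _userManager.FindByEmailAsync(request.Login);
    if (identityUser == null)
    {
        identityUser = await _userManager.FindByNameAsync(request.Login);
        if (identityUser == null)
        {
            // NOTE(review): an unknown login and a wrong password raise different exception
            // types with different messages. If both reach the client unchanged, the endpoint
            // reveals which logins exist - confirm how callers map these exceptions.
            throw new IdentityUserNotFoundException("Пользователь не найден");
        }
    }

    // Fourth argument (lockoutOnFailure: true) makes failed attempts count towards lockout.
    // NOTE(review): PasswordSignInAsync also performs the Identity sign-in itself (third
    // argument is isPersistent) and does so before the e-mail confirmation check below.
    // If only a bearer token is meant to be issued, CheckPasswordSignInAsync verifies the
    // password with the same lockout accounting without signing the user in - confirm.
    var resultSignIn = await _signInManager.PasswordSignInAsync(identityUser, request.Password, true, true);

    // Lockout is tested before Succeeded: a locked-out result has Succeeded == false, so
    // with the checks in the opposite order this branch could never be reached and a
    // locked-out user was told the password was wrong.
    if (resultSignIn.IsLockedOut)
    {
        // NOTE(review): the message carries the internal user id and the lockout end time;
        // confirm it is not returned verbatim to unauthenticated callers.
        throw new UserIsBlockedException($"Пользователь с Id({identityUser.Id}) заблокирован до {identityUser.LockoutEnd}");
    }

    if (!resultSignIn.Succeeded)
    {
        throw new HaveNoRightException("Неправильный логин или пароль");
    }

    var isEmailConfirmed = await _userManager.IsEmailConfirmedAsync(identityUser);
    if (!isEmailConfirmed)
    {
        throw new HaveNoRightException("Подтвердите почту, чтобы войти!");
    }

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Email, identityUser.Email),
        new Claim(ClaimTypes.NameIdentifier, identityUser.Id)
    };

    // One Role claim per role the user currently holds.
    var userRoles = await _userManager.GetRolesAsync(identityUser);
    claims.AddRange(userRoles.Select(role => new Claim(ClaimTypes.Role, role)));

    // Lifetime is TOKEN_EXPIRES_TIME hours (constant defined outside this method); no
    // issuer or audience is set here.
    // NOTE(review): the HMAC-SHA256 key is the UTF-8 bytes of the "Token:Key" setting; its
    // strength depends on that value being long and random, and a missing value makes
    // GetBytes throw - verify the deployment configuration.
    var token = new JwtSecurityToken
    (
        claims: claims,
        expires: DateTime.UtcNow.AddHours(TOKEN_EXPIRES_TIME),
        notBefore: DateTime.UtcNow,
        signingCredentials: new SigningCredentials(
            new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Token:Key"])),
            SecurityAlgorithms.HmacSha256
        )
    );

    var domainUserId = await _userManager.GetUserIdAsync(identityUser).ConfigureAwait(false);

    // NOTE(review): the repository result is dereferenced without a null check, and
    // userRoles[0] throws for a user with no roles - confirm both cannot happen here.
    var domainUser = await _userRepository.FindById(domainUserId, cancellationToken);

    return new CreateToken.Response
    {
        Token = new JwtSecurityTokenHandler().WriteToken(token),
        UserRole = userRoles[0],
        UserName = domainUser.Username,
        UserAvatar = domainUser.Avatar,
        UserId = domainUserId
    };
}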