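/// <summary>
/// Restores the caller's identity from the Forms Authentication cookie, if the request carries one.
/// </summary>
/// <param name="context">The current HTTP context; its <c>User</c> is replaced when a valid ticket resolves to a known user.</param>
/// <param name="userManager">User manager used to look up the account named in the ticket and to build its claims identity.</param>
/// <returns>A task that completes once the request has been processed.</returns>
/// <exception cref="HttpException">Thrown with status 401 when the cookie holds a ticket that has expired.</exception>
/// <remarks>
/// A request without the cookie, with a cookie that does not decrypt to a ticket, or with a ticket
/// naming an unknown user is left untouched (<c>context.User</c> is not assigned).
/// </remarks>
public async Task AuthenticateRequestAsync(HttpContext context, FaToolUserManager userManager)
{
    var authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
    if (authCookie == null)
    {
        return;
    }

    // The cookie value is supplied by the client, so it must be treated as untrusted input.
    // NOTE(review): FormsAuthentication.Decrypt is documented to throw ArgumentException for an
    // empty or malformed value; this method does not catch it, so such a cookie surfaces as an
    // unhandled error rather than an anonymous request. Confirm that is the intended behaviour.
    FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
    if (authTicket == null)
    {
        // Previously a null ticket fell through to `authTicket.Expired` and raised a
        // NullReferenceException. No ticket means no identity: leave the request as it is.
        return;
    }

    if (authTicket.Expired)
    {
        throw new HttpException((int)HttpStatusCode.Unauthorized, "Login has been expired.");
    }

    var user = await userManager.FindByNameAsync(authTicket.Name);
    if (user == null)
    {
        // The ticket names an account that no longer resolves; do not assign an identity.
        return;
    }

    var identity = await userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
    context.User = new ClaimsPrincipal(identity);
}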
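/// <summary>
/// Issues a signed JWT carrying the claims of the given user.
/// </summary>
/// <param name="userManager">User manager used to build the claims identity for <paramref name="user"/>.</param>
/// <param name="user">The account the token is issued for.</param>
/// <returns>The serialized token, signed with HMAC-SHA256 and expiring 30 minutes after it is created.</returns>
/// <remarks>
/// The same value is passed as both issuer and audience.
/// </remarks>
private async Task<string> GenerateJwtTokenAsync(FaToolUserManager userManager, FaToolUser user)
{
    var identity = await userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);

    // SECURITY(review): the signing key is a string literal compiled into the assembly. Anyone
    // who can read the source or the binary can mint tokens that pass signature validation.
    // Load it from protected configuration or a secret store instead, and rotate this value.
    // It is left in place here because every validator of these tokens must switch to the new
    // key at the same time. The literal is also 28 bytes (224 bits), which is shorter than the
    // 256-bit minimum RFC 7518 requires for HS256.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("SOME_RANDOM_KEY_DO_NOT_SHARE"));
    var signingCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);

    // Use UTC for the expiry so it does not depend on the server's time zone or on a
    // local-to-UTC conversion, which is ambiguous around daylight-saving changes.
    var expiresAt = DateTime.UtcNow.AddMinutes(30);

    // NOTE(review): the issuer is a plain-http URL literal; confirm that validators expect
    // exactly this string before changing it.
    var issuer = "http://fatool.com";

    var token = new JwtSecurityToken(
        issuer,
        issuer,
        identity.Claims,
        expires: expiresAt,
        signingCredentials: signingCredentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}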