/// <summary>
/// Login endpoint. Passes the posted credentials to <c>Authenticate</c> and, when a user comes
/// back, issues a JWT, encrypts it, and delivers it both as a cookie and in the JSON body.
/// </summary>
/// <param name="login">Credentials bound from the request body.</param>
/// <returns>
/// 200 OK carrying <c>token</c> and <c>redirectUrl</c> when <c>Authenticate</c> returns a user;
/// otherwise 400 Bad Request with the fixed message "Authentication failed.".
/// </returns>
public IActionResult AuthenticateUser([FromBody] LoginViewModel login)
{
    var account = Authenticate(login);

    // Every failure path produces the same generic message, so the response does not
    // reveal which part of the credentials was rejected.
    if (account == null)
    {
        return BadRequest(new { message = "Authentication failed." });
    }

    // NOTE(review): "sub" is filled with user.Name while "nameid" carries user.Id.
    // Consumers that key on "sub" will see the name; confirm names are unique and stable,
    // or that downstream code reads "nameid" instead.
    var identityClaims = new[]
    {
        new Claim(JwtRegisteredClaimNames.NameId, account.Id),
        new Claim(JwtRegisteredClaimNames.GivenName, account.Name),
        new Claim(JwtRegisteredClaimNames.Sub, account.Name),
        new Claim(JwtRegisteredClaimNames.Email, account.Email),
        // Fresh identifier for each issued token.
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
    }.ToList();

    var signedJwt = _JWTHelper.createJWTToken(identityClaims);
    var sealedJwt = _cryptoHelper.encrypt(signedJwt);

    // Cookie attributes (HttpOnly / Secure / SameSite) are decided inside WriteCookie,
    // which is not visible from this method.
    var authCookieName = _cookieHelper.GetCookieName();
    _cookieHelper.WriteCookie(authCookieName, sealedJwt);

    // NOTE(review): the same encrypted token is also returned in the response body, where
    // page script can read it. If the cookie is meant to be HttpOnly, confirm that exposing
    // the value here is intended.
    return Ok(new
    {
        token = sealedJwt,
        redirectUrl = _configuration["AppSettings:homePageUrl"]
    });
}
/// <summary>
/// Middleware step that re-issues the authentication cookie: unless the cookie helper reports
/// the cookie as deleted, a new JWT is obtained from <c>updateJWTToken</c>, encrypted, and
/// written back. The next middleware is always invoked, whether or not the refresh succeeded.
/// </summary>
/// <param name="context">The current HTTP request context.</param>
public async Task Invoke(HttpContext context)
{
    try
    {
        // Not read below; kept so the statements executed match the original.
        IHeaderDictionary requestHeaders = context.Request.Headers;

        ICookieHelper cookies = context.GetInstanceFromContext <ICookieHelper>();
        IJWTHelper tokens = context.GetInstanceFromContext <IJWTHelper>();
        ICryptoHelper crypto = context.GetInstanceFromContext <ICryptoHelper>();

        string authCookieName = cookies.GetCookieName();
        bool cookieStillLive = !cookies.isCookieDeleted(authCookieName);

        if (cookieStillLive)
        {
            // NOTE(review): whether updateJWTToken checks the current token's signature and
            // expiry before minting a replacement is not visible here. Confirm it does, since
            // this runs on every request that still carries the cookie.
            string refreshedJwt = tokens.updateJWTToken();
            cookies.UpdateCookie(crypto.encrypt(refreshedJwt));
        }
    }
    catch (Exception ex)
    {
        // Best effort: a failed refresh is reported on the console (message only) and the
        // request continues with whatever cookie it already had.
        Console.WriteLine(ex.Message);
    }
    finally
    {
        await _next.Invoke(context);
    }
}
/// <summary>
/// Middleware step that promotes the authentication cookie to an <c>Authorization: Bearer</c>
/// header when the request carries the cookie but no bearer token of its own. The next
/// middleware is always invoked, whether or not the header was set.
/// </summary>
/// <param name="context">The current HTTP request context.</param>
public async Task Invoke(HttpContext context)
{
    try
    {
        IHeaderDictionary requestHeaders = context.Request.Headers;
        ICookieHelper cookies = context.GetInstanceFromContext <ICookieHelper>();
        IJWTHelper tokens = context.GetInstanceFromContext <IJWTHelper>();
        ICryptoHelper crypto = context.GetInstanceFromContext <ICryptoHelper>();

        string cookieValue = cookies.GetCookie(cookies.GetCookieName());

        // Bearer value the client sent explicitly, if any.
        string headerToken = tokens.getBearerHeaderValue(requestHeaders);

        bool headerMissing = string.IsNullOrEmpty(headerToken);
        bool cookiePresent = !string.IsNullOrEmpty(cookieValue);

        // An explicit bearer header always wins; the cookie is only used as a fallback.
        if (headerMissing && cookiePresent)
        {
            // Decrypt first: if the cookie value cannot be decrypted the exception is caught
            // below and the Authorization header is never set.
            string plainJwt = crypto.decrypt(cookieValue);
            tokens.setClaimsFromCookie(plainJwt);

            // The header receives the cookie value as stored (still encrypted), not the
            // decrypted JWT, so downstream bearer handling must accept that form.
            // NOTE(review): the browser attaches this cookie automatically, so promoting it
            // to a bearer credential makes state-changing endpoints depend on the cookie's
            // SameSite setting or an antiforgery check. Neither is visible here; confirm.
            string authorizationValue = string.Format("Bearer {0}", cookieValue);
            requestHeaders.SetCommaSeparatedValues("Authorization", authorizationValue);
        }
    }
    catch (Exception ex)
    {
        // Failures are reported on the console (message only) and the request continues
        // down the pipeline without the promoted header.
        Console.WriteLine(ex.Message);
    }
    finally
    {
        await _next.Invoke(context);
    }
}