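/// <summary>
/// Checks the submitted credentials with the user service and, when a user is returned,
/// signs an HS256 JWT for that user and returns the mapped user.
/// </summary>
/// <param name="dto">Request body carrying the username and password.</param>
/// <returns>200 OK with the user mapped to <c>UserDTO</c>; the serialized token is stored in <c>user.Token</c> before mapping.</returns>
/// <exception cref="ArgumentNullException">The request body is missing.</exception>
/// <exception cref="HttpUnauthorizedException">The user service returned no user for the credentials.</exception>
public ActionResult<UserDTO> Authenticate([FromBody] JwtTokenDTO dto)
{
    if (dto == null)
    {
        throw new ArgumentNullException(nameof(dto));
    }

    var user = _userService.Authenticate(dto.Username, dto.Password);
    if (user == null)
    {
        // A single message for every failure keeps the response from revealing
        // whether the username exists.
        throw new HttpUnauthorizedException("Wrong username or password");
    }

    var tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): Encoding.ASCII turns every non-ASCII character of the secret into '?',
    // which silently weakens the key. Changing the encoding changes the key bytes, so it
    // has to be done together with the token-validation configuration.
    // RFC 7518 section 3.2 requires an HS256 key of at least 256 bits; confirm the
    // configured secret is at least 32 random bytes.
    var key = Encoding.ASCII.GetBytes(_jwtSettings.Value.Secret);

    // NOTE(review): only subject, expiry and signature are set; no Issuer or Audience is
    // written here, so validation cannot bind the token to this service by those claims.
    // Confirm the validation parameters used elsewhere.
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Name, user.Id.ToString())
        }),
        Expires = DateTime.UtcNow.AddHours(8),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha256Signature)
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);
    user.Token = tokenHandler.WriteToken(token);

    // The username comes from the request body. Passing it as a named argument keeps the
    // message template constant and hands the value to the logging provider as a separate
    // property instead of splicing it into the message text. How control characters are
    // rendered still depends on the configured sink.
    _logger.LogInformation("Creating JWT token for '{Username}'", dto.Username);

    return Ok(_mapper.Map<UserDTO>(user));
}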
/// <summary>
/// Fixed-auth login: looks the user up by e-mail, verifies the password through the sign-in
/// manager and issues an HS256 JWT whose lifetime in years is read from "Jwt:ExpiryTimeFixed".
/// </summary>
/// <param name="createToken">Login request carrying the e-mail and password.</param>
/// <returns>A <c>JwtTokenDTO</c> holding the serialized token.</returns>
/// <exception cref="ArgumentNullException">No user matches the e-mail, or the sign-in did not succeed.</exception>
public async Task<JwtTokenDTO> AuthUserFixedAsync(Login createToken)
{
    var user = await _userManager.FindByEmailAsync(createToken.Email);
    if (user == null)
    {
        // NOTE(review): unknown e-mail and wrong password both throw ArgumentNullException,
        // but with different parameter names ("user" here, "result" below). If the exception
        // text reaches the client it tells the two cases apart, and an argument exception
        // normally maps to a server error rather than a 401. Confirm how callers translate it.
        throw new ArgumentNullException(nameof(user));
    }

    // NOTE(review): lockoutOnFailure is false, so failed passwords on this path do not count
    // toward account lockout. If _signInManager is ASP.NET Core Identity's SignInManager,
    // PasswordSignInAsync also performs a cookie sign-in, while CheckPasswordSignInAsync only
    // verifies the password. Confirm which is intended for a token endpoint.
    var result = await _signInManager.PasswordSignInAsync(
        user,
        createToken.Password,
        isPersistent: false,
        lockoutOnFailure: false);
    if (!result.Succeeded)
    {
        throw new ArgumentNullException(nameof(result));
    }

    // Credentials accepted: assemble and sign the token.
    var handler = new JwtSecurityTokenHandler();

    // NOTE(review): RFC 7518 section 3.2 requires an HS256 key of at least 256 bits;
    // confirm "Jwt:SigningKey" is at least 32 random bytes and comes from a secret store.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Jwt:SigningKey"]));

    var issuer = _configuration["Jwt:Site"];

    var identity = new ClaimsIdentity(new[]
    {
        new Claim(JwtRegisteredClaimNames.UniqueName, user.Id),
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim(ClaimTypes.Name, user.Id.ToString()),
        new Claim(ClaimTypes.Role, user.Role)
    });

    // NOTE(review): the lifetime is measured in years and the role is baked into the token.
    // A jti is issued, but nothing in this method records it, so revoking a token or
    // reflecting a role change presumably needs a server-side check elsewhere. Confirm.
    // Convert.ToInt32 returns 0 for a null string, so a missing "Jwt:ExpiryTimeFixed" would
    // produce a token that expires at the moment it is issued.
    var expiresAt = DateTime.UtcNow.AddYears(Convert.ToInt32(_configuration["Jwt:ExpiryTimeFixed"]));

    var credentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature);

    // No Audience is set on the descriptor; only Issuer, Subject, Expires and the signature.
    var descriptor = new SecurityTokenDescriptor
    {
        Issuer = issuer,
        Subject = identity,
        Expires = expiresAt,
        SigningCredentials = credentials
    };

    var jwt = handler.CreateToken(descriptor);

    return new JwtTokenDTO
    {
        Token = handler.WriteToken(jwt)
    };
}