private bool ValidateToken(string token, out IPrincipal simplePrinciple)
{
string username = null;
string role = null;
simplePrinciple = JwtTokenLibrary.GetPrincipal(token);
if (simplePrinciple == null)
{
return(false);
}
var identity = simplePrinciple.Identity as ClaimsIdentity;
if (identity == null)
{
return(false);
}
if (!identity.IsAuthenticated)
{
return(false);
}
var usernameClaim = identity.FindFirst(ClaimTypes.Name);
username = usernameClaim?.Value;
if (string.IsNullOrEmpty(username))
{
return(false);
}
var roleClaim = identity.FindFirst(ClaimTypes.Role);
role = roleClaim?.Value;
if (string.IsNullOrEmpty(role) && role.ToLower() != "admin" && role.ToLower() != "teacher" && role.ToLower() != "student")
{
return(false);
}
return(true);
}
public string GetToken()
{
string username = HttpContext.Current.Request.Headers["username"];
string password = HttpContext.Current.Request.Headers["password"];
if (username == null || password == null)
{
throw new Exception("Unauthorized");
}
BusinessContext context = new BusinessContext();
User user = context.UserBusiness.ReadUser(username, password);
if (user == null)
{
throw new Exception("Unauthorized");
}
return(JwtTokenLibrary.GenerateToken(username, user.Role.ToString(), RsaEncryption.Encryption(password)));
}
