public IActionResult Get([FromForm] vm.Authenticate model)
{
if (model == null)
{
return(this.BadRequest());
}
var user = this.Users.Query.FirstOrDefault(x => x.UserName == model.UserName);
if (user == null)
{
return(this.BadRequest("User not found"));
}
if (!PasswordProvider.Verify(model.Password, user.Password))
{
return(this.BadRequest("Incorrect user name or password"));
}
var claims = this.GetClaims(user);
var token = this.Token.Generate(claims);
return(this.Ok(new
{
access_token = token
}));
}
public void VerifyShouldReturnTrue()
{
// Arrange
IPasswordProvider passwordProvider = new PasswordProvider();
var password = "******";
var passwordHashed = passwordProvider.Hash(password);
// Act
var result = passwordProvider.Verify(password, passwordHashed);
// Assert
result.Should().BeTrue();
}
public async Task <IActionResult> Login([FromForm] vm.Authenticate model)
{
if (model == null)
{
return(this.BadRequest());
}
var user =
this.Users
.Query
.WithPharmacy()
.FirstOrDefault(x => x.UserName == model.UserName);
if (user == null)
{
return(this.BadRequest("User not found"));
}
if (!PasswordProvider.Verify(model.Password, user.Password))
{
return(this.BadRequest("Incorrect user name or password"));
}
var claims = this.GetClaims(user);
var entity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await
this.HttpContext
.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(entity));
var referer = new Uri(this.Request.Headers["Referer"].ToString());
var request =
HttpUtility.ParseQueryString(referer.Query)
.Get("ReturnUrl");
if (user.PharmacyId.HasValue)
{
this.Data.Pharmacy.TryAdd(user.UserName, user.Pharmacy.Id);
}
return
(!string.IsNullOrWhiteSpace(request)
? this.Redirect(request)
: this.Redirect("/"));
}
public bool CheckCredentials(string username, string password)
{
Printer.WriteLine($"Validando credenciales\r\n Usuario: {username}\r\n Contraseña: {password}\r\n");
if (string.IsNullOrWhiteSpace(username) || string.IsNullOrWhiteSpace(password))
{
Printer.WriteLine($"Resultado: NO VALIDO - El nombre de usuario o la contraseña es NULL");
return(false);
}
var ide = Repository.Find(username);
if (ide == null)
{
Printer.WriteLine($"Resultado: NO VALIDO - No se ha encontrado una identidad con ese nombre de usuario");
return(false);
}
var res = PasswordProvider.Verify(password, ide.PasswordHash, ide.PasswordSalt);
if (res)
{
Printer.WriteLine($"Resultado: VALIDO");
}
return(res);
}