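/// <summary>
/// Validates the supplied credentials against <see cref="PortalUser"/> and, on success, signs the
/// caller in under the cookie authentication scheme.
/// </summary>
/// <param name="userIdentity">
/// The login id and passcode posted by the client (model-bound; may be null when the body is missing
/// or could not be bound).
/// </param>
/// <returns>
/// 400 when no credentials were posted, 401 when the credentials do not validate, otherwise 200 with an
/// authentication cookie issued to the caller.
/// </returns>
public IActionResult Authenticate(UserIdentity userIdentity)
{
    // Model binding hands us null for a missing or unbindable body; without this guard the
    // dereference below would turn a bad request into a 500.
    if (userIdentity is null)
    {
        return BadRequest("Credentials are required.");
    }

    // One generic failure message on purpose: do not reveal whether the login id or the
    // passcode was the part that failed.
    if (!PortalUser.Valid(userIdentity.LoginId, userIdentity.Passcode))
    {
        return Unauthorized("Credential supplied not found.");
    }

    PortalUser user = PortalUser.Get(userIdentity.LoginId);
    // NOTE(review): Get() is opaque from here; a null result (e.g. the account vanished between
    // Valid() and Get()) is treated as a failed login instead of a NullReferenceException.
    if (user is null)
    {
        return Unauthorized("Credential supplied not found.");
    }

    // Name and Role are assumed non-null for a valid user — Claim's constructor throws on a
    // null value. TODO confirm against PortalUser.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Email, user.LoginId),
        new Claim(ClaimTypes.Name, user.Name),
        new Claim(ClaimTypes.Role, user.Role),
    };

    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

    // Short-lived (3 minutes), non-persistent session cookie: discarded when the browser closes.
    var authProperties = new AuthenticationProperties
    {
        ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(3),
        IsPersistent = false,
    };

    // The action is synchronous by signature, so the sign-in must be waited on here.
    // GetAwaiter().GetResult() surfaces the real exception instead of an AggregateException;
    // converting the action to async Task<IActionResult> and awaiting would be the cleaner fix.
    HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity),
        authProperties).GetAwaiter().GetResult();

    return Ok("Authenticated");
}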
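/// <summary>
/// Cookie-validation hook: on every request, re-checks that the signed-in principal still maps to an
/// existing <see cref="PortalUser"/>, and rejects the cookie (signing the caller out) when it does not.
/// </summary>
/// <param name="context">
/// The cookie validation context; its Principal carries the claims issued at sign-in, where the
/// login id was stored in the Email claim.
/// </param>
public override async Task ValidatePrincipal(CookieValidatePrincipalContext context)
{
    // Principal can be null, and a cookie carrying no Email claim must be rejected rather than
    // crash into a NullReferenceException (which would surface as a 500, not a 401).
    var loginId = context.Principal?.Claims
        .FirstOrDefault(c => c.Type == ClaimTypes.Email)?.Value;

    // NOTE(review): Get() is opaque from here; a null return (user since removed or disabled)
    // is treated as "no longer valid" instead of being dereferenced.
    var storedLoginId = string.IsNullOrEmpty(loginId)
        ? null
        : PortalUser.Get(loginId)?.LoginId;

    // Ordinal comparison for an identifier: culture-aware equality can treat distinct strings as
    // equal, which is the wrong direction for an authentication check.
    var stillValid = storedLoginId != null
        && string.Equals(loginId, storedLoginId, System.StringComparison.OrdinalIgnoreCase);

    if (!stillValid)
    {
        context.RejectPrincipal();
        context.Response.StatusCode = 401;
        await context.HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
    }
}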