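/// <summary>
/// Authenticates a user by user name and password and returns a token on success.
/// </summary>
/// <param name="info">Credentials read from the request body.</param>
/// <returns>
/// <c>Ok</c> carrying the value produced by <c>tokenService.GenerateToken</c>, or
/// <c>Unauthorized</c> when credentials are missing, the user is unknown, or the
/// password check fails.
/// </returns>
public async Task<IActionResult> Login([FromBody] UserAuthenticationInfo info)
{
    // A null body would be dereferenced by the first log call below; null fields
    // are rejected here instead of being handed on to userManager.
    if (info == null || info.UserName == null || info.Password == null)
    {
        logger.LogWarning("Login request without credentials rejected");
        return Unauthorized();
    }

    // The user name is client-supplied. It is passed as a structured log argument,
    // never concatenated into the message template.
    // NOTE(review): confirm the configured log sink escapes control characters.
    logger.LogInformation("User {user} logging in", info.UserName);

    var user = await userManager.FindByNameAsync(info.UserName);
    if (user == null)
    {
        // Unknown user and wrong password both return a bare 401, so the response
        // body does not reveal which one it was.
        // NOTE(review): this path skips the password check, so its timing may
        // differ from the wrong-password path; decide whether that matters here.
        logger.LogWarning("User {user} not found, login failed", info.UserName);
        return Unauthorized();
    }

    var isPasswordValid = await userManager.CheckPasswordAsync(user, info.Password);
    if (!isPasswordValid)
    {
        logger.LogWarning("User {user} supplied wrong password, login failed", info.UserName);
        return Unauthorized();
    }

    // Load the user's Blog reference before the token is generated.
    await context.Entry(user).Reference(u => u.Blog).LoadAsync();

    var token = tokenService.GenerateToken(user);
    logger.LogInformation("User {user} login succeeded", info.UserName);
    return Ok(token);
}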
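/// <summary>
/// Authenticates the supplied login/password pair and, on success, writes the
/// session values to response cookies.
/// </summary>
/// <param name="authenticationInfo">Credentials read from the request body.</param>
/// <returns>
/// <c>BadRequest</c> when the body is missing or the model state is invalid,
/// <c>Unauthorized</c> when the authenticator throws <c>AuthenticationException</c>,
/// otherwise <c>Ok</c> with the cookies "user_id", "pass_hash" and "session_id" set.
/// </returns>
public IActionResult Auth([FromBody] UserAuthenticationInfo authenticationInfo)
{
    // Check for null explicitly as well: the argument is dereferenced below.
    if (authenticationInfo == null || !this.ModelState.IsValid)
    {
        // The original built this error object but returned an empty 400; return it.
        var error = ServiceErrorResponses.BodyIsMissing(nameof(UserAuthenticationInfo));
        return this.BadRequest(error);
    }

    SessionState sessionState;
    try
    {
        // Task.Result wraps a faulted task's exception in AggregateException, so the
        // catch below would never match an AuthenticationException raised by the task
        // and a failed login would surface as an unhandled error instead of a 401.
        // GetAwaiter().GetResult() rethrows the original exception.
        // The call still blocks because the action's synchronous signature is kept.
        sessionState = this.authenticator
            .AuthenticateAsync(authenticationInfo.Login, authenticationInfo.Password, CancellationToken.None)
            .GetAwaiter()
            .GetResult();
    }
    catch (AuthenticationException)
    {
        return this.Unauthorized();
    }

    var cookies = this.HttpContext.Response.Cookies;

    // NOTE(review): these cookies are appended without CookieOptions, so HttpOnly,
    // Secure and SameSite are not set explicitly here. Consider setting them once
    // it is confirmed that no client script reads these values.
    cookies.Append("user_id", sessionState.UserId.ToString());

    // NOTE(review): this sends SessionState.PasswordHash to the client. If it is
    // derived from the user's password, it should not leave the server; the session
    // id alone should identify the session. Left as-is because consumers of this
    // cookie are not visible here.
    cookies.Append("pass_hash", sessionState.PasswordHash);
    cookies.Append("session_id", sessionState.SessionId);

    return this.Ok();
}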