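/// <summary>
/// Builds a compact, HS256-signed JWT for an already-authenticated user.
/// </summary>
/// <param name="userInfo">The authenticated user; <c>Guid</c> becomes the <c>sub</c> claim and <c>Role</c> (defaulting to <c>"Buyer"</c>) the <c>roles</c> claim.</param>
/// <returns>The serialized token string.</returns>
/// <exception cref="InvalidOperationException">Thrown when <c>Jwt:Key</c> is missing from configuration.</exception>
private string GenerateToken(UserReturnDto userInfo)
{
    var signingKey = _config["Jwt:Key"];
    if (string.IsNullOrWhiteSpace(signingKey))
    {
        // Fail with a clear message: Encoding.GetBytes(null) would otherwise surface as an
        // unrelated ArgumentNullException deep inside the token code.
        throw new InvalidOperationException("Configuration value 'Jwt:Key' is missing; cannot sign tokens.");
    }

    var securityKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingKey));
    var credentials = new SigningCredentials(securityKey, SecurityAlgorithms.HmacSha256);
    var audience = _config["Jwt:Audience"];

    // The audience is passed once through the JwtSecurityToken constructor below. Adding a
    // separate "aud" claim here as well would make the payload carry the same audience twice
    // (as an array), so the explicit Aud claim is intentionally not included.
    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, userInfo.Guid),
        new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
        new Claim(type: "roles", value: userInfo.Role ?? "Buyer"),
    };

    var token = new JwtSecurityToken(
        issuer: _config["Jwt:Issuer"],
        audience: audience,
        claims: claims,
        // "exp" is serialized as a UTC epoch time; build it from UtcNow so the intent is
        // explicit and does not depend on the server's local time zone.
        expires: DateTime.UtcNow.AddDays(7),
        signingCredentials: credentials);

    return new JwtSecurityTokenHandler().WriteToken(token);
}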
/// <summary>
/// Authenticates the supplied credentials and, when they verify, issues a JWT for the user.
/// </summary>
/// <param name="loginCreds">The submitted e-mail/password pair.</param>
/// <returns>
/// The authenticated user's DTO together with a freshly generated token, or <c>(null, null)</c>
/// when authentication fails.
/// </returns>
public async Task<(UserReturnDto userCredentials, string token)> Login(UserLoginDto loginCreds)
{
    var authenticated = await AuthecticateUser(loginCreds);
    if (authenticated is null)
    {
        return (null, null);
    }

    var issuedToken = GenerateToken(authenticated);
    return (authenticated, issuedToken);
}
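/// <summary>
/// Looks up a user by username and password and, on success, returns the user's profile
/// together with an HS256-signed JWT that expires after seven days.
/// </summary>
/// <param name="login">The submitted credentials.</param>
/// <returns>
/// The user's <see cref="UserReturnDto"/> (including <c>Token</c>) when the credentials match,
/// otherwise <c>404 Not Found</c>.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="login"/> is null.</exception>
/// <exception cref="InvalidOperationException">Thrown when no signing secret is configured.</exception>
public ActionResult<UserReturnDto> Authenticate(LoginDto login)
{
    if (login is null)
    {
        throw new ArgumentNullException(nameof(login));
    }

    // SECURITY(review): the password is compared as plain text against User.Password, which means
    // passwords are stored unhashed. Moving to a salted hash (e.g. PBKDF2) verified with a
    // constant-time comparison needs a schema/migration change and is not done in this method.
    User user = _context.User
        .Include(u => u.Faculty)
        .Include(u => u.Department)
        .Include(u => u.Type)
        .FirstOrDefault(u => u.Username == login.Username && u.Password == login.Password);

    if (user is null)
    {
        // Existing API contract kept: a failed login answers 404 rather than 401.
        return NotFound();
    }

    var secret = _userSettings.Secret;
    if (string.IsNullOrWhiteSpace(secret))
    {
        throw new InvalidOperationException("User settings do not specify a JWT signing secret.");
    }

    // ASCII encoding replaces any non-ASCII character in the secret with '?', silently shrinking
    // the effective key; keep the configured secret ASCII-only (changing the encoding here would
    // also require changing every verifier of these tokens).
    byte[] key = Encoding.ASCII.GetBytes(secret);

    // Authentication succeeded; issue the token. user.Type is assumed non-null here because it is
    // eagerly loaded above — confirm the FK is required in the model.
    JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
    SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim("Id", user.PID),
            new Claim("Type", user.Type.TypeName.ToString()),
        }),
        Expires = DateTime.UtcNow.AddDays(7),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
    };
    SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);

    UserReturnDto userReturn = new UserReturnDto()
    {
        PID = user.PID,
        Fname = user.Fname,
        Lname = user.Lname,
        Bdate = user.Bdate,
        Username = user.Username,
        Faculty = user.Faculty,
        Department = user.Department,
        Sex = user.Sex,
        Type = user.Type.TypeName,
        Phone = user.Phone,
        Email = user.Email,
        ImgUrl = user.ImgUrl,
        Token = tokenHandler.WriteToken(token)
    };
    return userReturn;
}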
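/// <summary>
/// Verifies a submitted e-mail/password pair against the stored user record.
/// </summary>
/// <param name="loginCreds">The submitted credentials; the e-mail is lower-cased and matched against <c>NormalizedEmail</c>.</param>
/// <returns>
/// A <see cref="UserReturnDto"/> for the matched user, or <c>null</c> when the credentials are
/// incomplete, the e-mail is unknown, or the password does not verify.
/// </returns>
/// <exception cref="ArgumentNullException">Thrown when <paramref name="loginCreds"/> is null.</exception>
private async Task<UserReturnDto> AuthecticateUser(UserLoginDto loginCreds)
{
    if (loginCreds is null)
    {
        throw new ArgumentNullException(nameof(loginCreds));
    }

    if (loginCreds.Email is null || loginCreds.Password is null)
    {
        // Incomplete credentials can never verify; treat them exactly like an unknown user
        // instead of failing with a NullReferenceException inside the query or the hash.
        return null;
    }

    // Hashing before the lookup keeps the work done the same whether or not the e-mail exists.
    var submittedHash = Helper.ComputeHash(loginCreds.Password);

    // Hoisted out of the query so the comparison value is a plain parameter. This assumes
    // NormalizedEmail was produced with the same lower-casing at registration — confirm.
    var normalizedEmail = loginCreds.Email.ToLower();

    var user = await _context.Users.FirstOrDefaultAsync(u => u.NormalizedEmail == normalizedEmail);
    if (user is null)
    {
        return null;
    }

    // NOTE(review): Helper.ComputeHash takes only the password, so the stored hash appears to be
    // unsalted. Also confirm Helper.Equals is Helper's own (ideally constant-time) comparison and
    // not a fall-through to object.Equals, which is reference equality for byte[].
    if (!Helper.Equals(user.PasswordHash, submittedHash))
    {
        return null;
    }

    return new UserReturnDto()
    {
        Guid = user.Guid,
        Username = user.Username,
        Email = user.Email,
        Role = user.Role ?? "Buyer"
    };
}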