예제 #1
        /// <summary>
        /// Checks the supplied username/password with <c>_userService</c> and, on success,
        /// issues an HMAC-SHA256 signed JWT that is attached to the user object and returned.
        /// </summary>
        /// <param name="authenticate">Request body carrying <c>Username</c> and <c>Password</c>.</param>
        /// <returns>
        /// An <see cref="OkObjectResult"/> wrapping the user (with <c>Token</c> populated),
        /// or <c>null</c> when the user service returns no user.
        /// </returns>
        public async Task <IActionResult> AuthenticateAsync([FromBody] AuthenticateApiModel authenticate)
        {
            // NOTE(review): `authenticate` is dereferenced without a null check; a missing or
            // unparsable body would surface as a NullReferenceException rather than a 4xx.
            var account = await _userService.AuthenticateAsync(authenticate.Username, authenticate.Password);

            if (account == null)
            {
                // NOTE(review): a null IActionResult is not an explicit "unauthorized" response.
                // If this method is invoked directly as an MVC action, confirm what the client
                // actually receives for bad credentials; an explicit 401 is the usual contract.
                return null;
            }

            // Credentials accepted: build and sign the token.
            var jwtHandler = new JwtSecurityTokenHandler();

            // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', which
            // silently weakens a secret containing such characters. HS256 also needs a key of
            // at least 256 bits. Confirm the configured value is a long random ASCII string
            // and is supplied from a secret store, not a committed settings file.
            var signingKeyBytes = Encoding.ASCII.GetBytes(_configuration.GetSection("AppSettings:Secret").Value);

            // The only claim issued is the user's id, stored under ClaimTypes.Name.
            var subject = new ClaimsIdentity(new Claim[]
            {
                new Claim(ClaimTypes.Name, account.Id.ToString())
            });

            var descriptor = new SecurityTokenDescriptor
            {
                Subject = subject,
                // NOTE(review): tokens stay valid for seven days and no revocation path is
                // visible here; no issuer or audience is set on the descriptor either.
                Expires = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(signingKeyBytes),
                    SecurityAlgorithms.HmacSha256Signature)
            };

            account.Token = jwtHandler.WriteToken(jwtHandler.CreateToken(descriptor));

            // NOTE(review): the whole user object is serialized into the response. Verify it
            // carries no password hash, salt or other internal fields (TODO confirm against
            // the user type), or map it to a dedicated response model.
            return new OkObjectResult(account);
        }
예제 #2
        /// <summary>
        /// PIN-based sign-in: derives a lookup value from the e-mail address and the configured
        /// salt, asks <c>loginService</c> to verify the submitted PIN, and on success upserts the
        /// user and returns the access token produced by that call.
        /// </summary>
        /// <param name="model">Request body with <c>EmailAddress</c>, <c>PinCode</c>, <c>Name</c> and <c>CountryCode</c>.</param>
        /// <returns>
        /// <c>Ok</c> with the access token when the PIN verifies; otherwise
        /// <c>BadRequest</c> with a fixed error message.
        /// </returns>
        public async Task <IActionResult> Authenticate([FromBody] AuthenticateApiModel model)
        {
            // NOTE(review): `model` and its fields are used without validation; a missing body
            // would throw here instead of producing a 4xx response.
            var lookupValue = Pin.GeneratePinLookup(model.EmailAddress, config.SecretEmailSalt);

            // NOTE(review): nothing in this method limits repeated attempts. Confirm that
            // VerifyPin (or middleware in front of this endpoint) enforces attempt limits,
            // PIN expiry and single use, since a PIN is a small secret space.
            var pinAccepted = await loginService.VerifyPin(model.EmailAddress, lookupValue, model.PinCode);

            if (!pinAccepted)
            {
                return BadRequest("Pin provided is invalid");
            }

            // NOTE(review): Name and CountryCode come straight from the request and are written
            // by the upsert once the PIN verifies; presumably they are validated or normalized
            // inside UpsertUser (verify there).
            return Ok(await loginService.UpsertUser(model.Name, model.EmailAddress, model.CountryCode));
        }
        /// <summary>
        /// Cookie sign-in: looks the user up by name, compares the stored identifier with the
        /// salted hash of the submitted one, and on a match signs the user in under the cookie
        /// authentication scheme and returns the user's key store.
        /// </summary>
        /// <param name="model">Request body with <c>Name</c> and <c>Identifier</c>.</param>
        /// <returns>
        /// JSON <c>{ result = true, keyStore }</c> on success, or <c>{ result = false }</c>
        /// when the user is unknown or the identifier does not match.
        /// </returns>
        public async Task <IActionResult> Authenticate([FromBody] AuthenticateApiModel model)
        {
            // NOTE(review): synchronous query inside an async action, and `model` is not
            // null-checked before use.
            var account = _context.Users.FirstOrDefault(candidate => candidate.Name.Equals(model.Name));

            // Unknown user and wrong identifier deliberately share one response body.
            // NOTE(review): the hash is only computed when the user exists, so the two cases
            // may still differ in response time. The comparison uses Equals; if Identifier is
            // a string or byte sequence, prefer a fixed-time comparison such as
            // CryptographicOperations.FixedTimeEquals (TODO confirm the type). Also confirm
            // that SecurityService.Hash is a password-grade KDF rather than a bare digest.
            if (account == null || !account.Identifier.Equals(SecurityService.Hash(model.Identifier, account.Salt)))
            {
                return Json(new { result = false });
            }

            var scheme = CookieAuthenticationDefaults.AuthenticationScheme;

            // NOTE(review): the Email claim is filled from user.Name. Presumably the name is
            // the e-mail address; verify, since downstream code may trust this claim.
            var claims = new[]
            {
                new Claim(ClaimTypes.Name, account.Name),
                new Claim(ClaimTypes.Email, account.Name)
            };
            var principal = new ClaimsPrincipal(new ClaimsIdentity(claims, scheme));

            // NOTE(review): HttpContext.Authentication is the ASP.NET Core 1.x sign-in API and
            // was deprecated in 2.0. Cookie flags (Secure, HttpOnly, SameSite) are configured
            // elsewhere and should be checked there.
            await HttpContext.Authentication.SignInAsync(scheme, principal);

            // The key store is described as encrypted; confirm it cannot be decrypted without
            // a secret that only the client holds, because it leaves the server here.
            return Json(new { result = true, keyStore = account.KeyStore });
        }