// [ValidateAntiForgeryToken] public async Task <ActionResult> Login(LoginModel model) { var error = ""; ApiToken tokenData = null; if (ModelState.IsValid) { if (WebSecurity.Login(model.Email, new Security(model.Password).Encrypt(), persistCookie: false)) //Check the database { var user = GetUserRepository().GetUserProfile(model.Email); string role = ((UserRole)user.RoleId).ToString(); string baseUrl = Request.Url.AbsoluteUri.ToLowerInvariant().Contains("localhost") ? AppKeys.LocalApiDomain : AppKeys.LocalApiDomain; tokenData = await WebHelper.GetTokenAsync(model.Email, model.Password, baseUrl); List <Claim> claims = new ClaimExtension().AddClaims(model.Email, user.UserId.ToString(), user.FirstName + " " + user.LastName, role); if (null != claims) { AddClaims(claims); } } else { error = ("Invalid username or password!."); } } else { error = ("Data is not valid!."); } return(Json(new { status = error == "", error, tokenData })); }
/// <summary> /// Create authentication token voor given user /// </summary> /// <param name="user">The user that want to login</param> /// <returns>The created token</returns> public string CreateAuthenticationToken(User user) { Claim[] claims = ClaimExtension.GenerateUserClaims(user.ID, user.Name); SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["AppSettings:AppSecret"])); SigningCredentials credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature); IdentityModelEventSource.ShowPII = true; SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims, "jwt"), Expires = DateTime.Now.AddDays(1), SigningCredentials = credentials }; JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler(); SecurityToken token = tokenHandler.CreateToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
/// <summary> /// Create invite token for a group invitation /// </summary> /// <param name="user">The user that is invited</param> /// <param name="group">The Group where the user is invited for</param> /// <returns>Return jwt token</returns> public string CreateInviteToken(User user, Group group) { Claim[] claims = ClaimExtension.GenerateInviteClaims(user.ID, group.ID); SigningCredentials credentials = CreateSigningCredentials(); IdentityModelEventSource.ShowPII = true; SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims, "jwt"), Expires = DateTime.Now.AddDays(1), SigningCredentials = credentials, Issuer = user.ID.ToString(), Audience = user.ID.ToString() }; JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler(); JwtSecurityToken token = tokenHandler.CreateJwtSecurityToken(tokenDescriptor); return(tokenHandler.WriteToken(token)); }
public async Task <IActionResult> Login([FromBody] LoginViewModel loginViewModel) { try { var user = await _userManager.FindByNameAsync(loginViewModel.Email); var now = DateTime.Now; var refreshToken = ""; if (user != null) { if (_haser.VerifyHashedPassword(user, user.PasswordHash, loginViewModel.Password) == PasswordVerificationResult.Success) { var userClaims = await _userManager.GetClaimsAsync(user); List <AppUserClaim> appUserClaim = new List <AppUserClaim>(); foreach (var item in userClaims) { appUserClaim.Add(new AppUserClaim() { ClaimType = item.Type, ClaimValue = item.Value, UserId = user.Id, ClaimId = null }); } if (appUserClaim == null) { } if (loginViewModel.RememberMe) { var refresh_token = Guid.NewGuid().ToString().Replace("-", ""); if (!await _roleManager.RoleExistsAsync("RefreshToken")) { await _roleManager.CreateAsync(new IdentityRole { Name = "RefreshToken" }); } await _userManager.AddToRoleAsync(user, "RefreshToken"); var isToRemembered = await _userManager.IsInRoleAsync(user, "RefreshToken"); if (isToRemembered) { IIdentity identity = new GenericIdentity(user.UserName); ClaimsIdentity claimsIdentity = new ClaimsIdentity(identity); claimsIdentity.AddClaims(userClaims.OrderBy(c => c.Type)); //Add refresh token to current user's identity claims await ClaimExtension.AddUpdateClaimAsync(claimsIdentity, _userManager, user, "RefreshToken", refresh_token); await ClaimExtension.AddUpdateClaimAsync(claimsIdentity, _userManager, user, "DaysToExpire", _config["Tokens:DaysToExpireRefreshToken"]); await ClaimExtension.AddUpdateClaimAsync(claimsIdentity, _userManager, user, "RefreshTokenExpired", "False"); } refreshToken = refresh_token; } //var userClaims = await _userManager.GetClaimsAsync(user); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()) }.Union(userClaims); var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"])); var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var jwt = new JwtSecurityToken( issuer: _config["Tokens:Issuer"], audience: _config["Tokens:Audience"], claims: claims, signingCredentials: cred, expires: now.AddMinutes(Convert.ToInt32( _config["Tokens:MinutesToExpiration"])) ); var handler = new JwtSecurityTokenHandler(); var encodedJwt = handler.WriteToken(jwt); var token = new OAuthToken { UserId = user.Id.ToString(), UserName = user.UserName, BearerToken = encodedJwt, ExpiresIn = jwt.ValidTo, RefreshToken = refreshToken, Claims = appUserClaim, IsAuthenticated = true }; return(Ok(token)); } } } catch (Exception) { throw; } return(BadRequest("Something bad happened")); }