public ActionResult <string> PostUsers([FromBody] User user) { if (authenticationRepository.AuthenticateUser(user)) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.userName) }; var signingKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes("MyKeyForAuthentication")); var token = new JwtSecurityToken( issuer: "iiht.com", audience: "trainees", expires: DateTime.Now.AddHours(1), claims: claims, signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256) ); return(Ok(new TokenResponse { Token = new JwtSecurityTokenHandler().WriteToken(token), Expiration = token.ValidTo })); } return(Unauthorized()); }
public async Task <IActionResult> SignInUser(User user) { var userFromRepo = _repo.AuthenticateUser(user); if (userFromRepo == null) { ViewBag.ErrorMessage = "Your email or password is incorrect."; return(View("Login")); } var claims = new List <Claim> { new Claim(ClaimTypes.Name, userFromRepo.Email), new Claim("FirstName", userFromRepo.FirstName), new Claim("LastName", userFromRepo.LastName), new Claim(ClaimTypes.Role, "User") }; var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); var authProperties = new AuthenticationProperties { AllowRefresh = true, ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(30), IsPersistent = true, RedirectUri = "/Home/Index" }; await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties); return(RedirectToAction("Index", "Home")); }
public IActionResult UserLoginAsync([FromBody] User user) { if (user == null) { logger.LogInformation(400, "Bad Request"); return(BadRequest()); } if (!ModelState.IsValid) { logger.LogInformation(422, "Validation error"); return(new UnprocessableEntityObjectResult(ModelState)); } if (string.IsNullOrWhiteSpace(user.UserName) || string.IsNullOrWhiteSpace(user.Password)) { logger.LogInformation(400, "Username or Password not provided`"); return(new UnprocessableEntityObjectResult(ModelState)); } AuthenticationResponse response = new AuthenticationResponse(); try { if (repository.AuthenticateUser(user)) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.UserName) }; var signingKey = new SymmetricSecurityKey( Encoding.UTF8.GetBytes( configuration .GetSection("AuthenticationDetails") .GetSection("SecretKey").Value)); var token = new JwtSecurityToken( issuer: configuration .GetSection("AuthenticationDetails") .GetSection("ValidIssuer").Value, audience: configuration .GetSection("AuthenticationDetails") .GetSection("ValidAudience").Value, expires: DateTime.Now.AddHours(1), claims: claims, signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256) ); response.TokenList = new List <TokenResponse>() { new TokenResponse { Token = new JwtSecurityTokenHandler().WriteToken( token), Expiration = token.ValidTo } }; logger.LogInformation(200, "SuccessIndicator = true"); response.SuccessIndicator = true; return(Ok(response)); } logger.LogInformation(200, "SuccessIndicator = false. User not authorized"); return(Unauthorized()); } catch (Exception ex) { var faultObj = new Fault() { FaultMessage = ex.Message, FaultSource = ex.Source }; if (ex.InnerException != null && !string.IsNullOrWhiteSpace(ex.InnerException.Message)) { faultObj.InnerMessage = ex.InnerException.Message; } response.Fault = faultObj; response.SuccessIndicator = false; logger.LogError(500, faultObj.FaultMessage); logger.LogInformation(500, "sucessIndicator = false"); } return(new InternalServerErrorObjectResult(response)); }