public async Task <IActionResult> login(UserForLoginDto userforlogindto)
{
var userFromRepo = await _repo.Login(userforlogindto.Username, userforlogindto.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
var claims = new [] {
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username)
};
//Create security key
var key = new SymmetricSecurityKey(Encoding.UTF8
.GetBytes(_config.GetSection("AppSettings:Token").Value));
//Signing credentials
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
// set names and exp date
var tokenDescriptor = new SecurityTokenDescriptor {
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new {
token = tokenHandler.WriteToken(token)
}));
}
public async Task <IActionResult> Login([FromBody] UserForLogin userforlogin)
{
byte [] key = Encoding.ASCII.GetBytes(_config.GetSection("secrets:HashSalt").Value);
if (ModelState.IsValid)
{
var user = await _auth.Login(userforlogin);
if (user == null)
{
return(Unauthorized());
}
var tokenhandler = new JwtSecurityTokenHandler();
var descriptor = new SecurityTokenDescriptor()
{
Subject = new ClaimsIdentity(new Claim [] {
new Claim(ClaimTypes.NameIdentifier, user.id.ToString()),
new Claim(ClaimTypes.Name, user.Username),
}),
Expires = System.DateTime.Now.AddDays(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha512)
};
var tokenstring = tokenhandler.CreateToken(descriptor);
var token = tokenhandler.WriteToken(tokenstring);
return(Ok(new { token }));
}
return(BadRequest(ModelState));
}
public async Task <IActionResult> Login(UserForLoginDto userForLoginDto)
{
//This is the user attempting to login.
var userFromRepo = await _repo.Login(userForLoginDto.Username.ToLower(), userForLoginDto.Password);
if (userFromRepo == null)
{
return(Unauthorized());
}
//This lays out the content of the token from the user perspective. Which is the user ID and the username.
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.ID.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username)
};
//This will create a key and a signature. These will allow the application to validate the user
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Tokens").Value));
//This takes the key created above and hashes it.
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
//This builds a token object.
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims), //Claims object from above
Expires = DateTime.Now.AddDays(1), // Token Expiration with is this case is 24 dours
SigningCredentials = creds // The signing credentials which includes the hashed key
};
//The following lines create the token and then return the token as a object.
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(Ok(new {
token = tokenHandler.WriteToken(token)
}));
}
