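/// <summary>
/// Checks the posted user name and password, signs the user in, and returns a token built
/// from the user's identity values, role names and the claims attached to those roles.
/// </summary>
/// <param name="model">Login request bound from the request body.</param>
/// <returns>
/// <c>BadRequest("invalid login")</c> when the request is incomplete, the user is not found or the
/// password check fails; otherwise <c>Ok</c> with a <c>LoginResponseModel</c> holding the token and
/// the claim list it was built from.
/// </returns>
public async Task<IActionResult> Login([FromBody] LoginRequestModel model)
{
    // A missing or malformed body leaves the model (or its fields) null. Answer with the same
    // generic failure as a bad password rather than letting a null reach the lookups below.
    if (model == null || model.UserName == null || model.Password == null)
    {
        return BadRequest("invalid login");
    }

    var user = await _userManager.FindByNameAsync(model.UserName);

    // NOTE(review): if _userManager is ASP.NET Core Identity's UserManager, CheckPasswordAsync does
    // not count failed attempts or honour lockout, so repeated guesses are not throttled here.
    // SignInManager.CheckPasswordSignInAsync(user, password, lockoutOnFailure: true) does both.
    // NOTE(review): an unknown user returns before any password check runs, so the two failure
    // paths may differ in response time even though the message is the same.
    if (user == null || !await _userManager.CheckPasswordAsync(user, model.Password).ConfigureAwait(false))
    {
        return BadRequest("invalid login");
    }

    // NOTE(review): presumably the second argument is Identity's isPersistent flag, in which case a
    // persistent sign-in cookie is issued in addition to the token returned below. Confirm both
    // credentials are intended.
    await _signInManager.SignInAsync(user, true).ConfigureAwait(false);

    var claims = new List<Claim>();

    // Claim rejects a null value, so an account without an e-mail address would otherwise
    // turn a valid login into an unhandled ArgumentNullException.
    if (user.Email != null)
    {
        claims.Add(new Claim(ClaimTypes.Email, user.Email));
    }

    claims.Add(new Claim(ClaimTypes.Name, user.UserName));
    claims.Add(new Claim(ClaimTypes.NameIdentifier, user.Id));
    // Fresh identifier per issued token.
    claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));

    var userRoles = await _userManager.GetRolesAsync(user);
    foreach (var roleName in userRoles)
    {
        claims.Add(new Claim(ClaimTypes.Role, roleName));

        // The role name comes from the user's role list, but the role record itself may be gone.
        // Skip its claims instead of passing null to GetClaimsAsync.
        var role = await _roleManager.FindByNameAsync(roleName);
        if (role == null)
        {
            continue;
        }

        var userRoleClaims = await _roleManager.GetClaimsAsync(role);
        if (userRoleClaims == null)
        {
            continue;
        }

        foreach (var claim in userRoleClaims)
        {
            claims.Add(new Claim(claim.Type, claim.Value));
        }
    }

    var token = _tokenHelper.BuildToken(claims);

    // NOTE(review): the full claim list, role claims included, is sent back next to the token.
    // Confirm the client needs it in the response body.
    return Ok(new LoginResponseModel(token, claims));
}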
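/// <summary>
/// Authenticates the credentials carried by an HTTP request and issues a token on success.
/// </summary>
/// <param name="requestMessage">Request from which the credentials are extracted.</param>
/// <returns>
/// A result with <c>IsAuthenticated = true</c>, the user name and a new token when the hash of the
/// supplied password plus the stored salt equals the stored hash; otherwise a result with
/// <c>ErrorCode = 401</c> and a reason.
/// </returns>
public AuthenticationResult Authenticate(HttpRequestMessage requestMessage)
{
    // Unknown user and wrong password share one reason, so the result no longer tells a caller
    // which user names exist (the original returned "User does not exist" for the first case).
    const string FailureReason = "Authentication failed. Invalid user name or password.";

    // Disabled client-ID check, kept as found:
    //if (!requestMessage.RequestUri.PathAndQuery.Contains("clientid", System.StringComparison.OrdinalIgnoreCase)) {
    //    return new AuthenticationResult { IsAuthenticated = false, ErrorCode = 401, Reason = "You must provide your Client ID." };
    //}

    var credentials = _httpRequestMessageHandler.GetCredentials(requestMessage);
    if (credentials == null)
    {
        return new AuthenticationResult { IsAuthenticated = false, ErrorCode = 401, Reason = "You must provide user and Password." };
    }

    var user = _userManager.GetUser(credentials.UserName);
    if (user == null)
    {
        // NOTE(review): this path returns before any hashing, so it may still be distinguishable
        // from a wrong password by response time.
        return new AuthenticationResult { IsAuthenticated = false, ErrorCode = 401, Reason = FailureReason };
    }

    // NOTE(review): the password is concatenated with the per-user salt and hashed once. If
    // GetHash is a fast general-purpose digest, stored hashes are cheap to brute-force offline;
    // a password KDF (PBKDF2, Argon2) is the usual choice. Confirm against _hashHelper.
    var salt = user.salt;
    var hashedPassword = _hashHelper.GetHash(credentials.Password + salt);

    // NOTE(review): == is not a constant-time comparison. Confirm the hash type and consider a
    // fixed-time comparison where the target framework provides one.
    if (user.hashedpassword == hashedPassword)
    {
        // NOTE(review): "sitaonair" and "wms" are hard-coded token inputs whose meaning is not
        // visible in this excerpt.
        var token = _tokenHelper.BuildToken(credentials.UserName, "sitaonair", "wms"); //requestMessage.Headers.GetValues("RemoteAddress")?.FirstOrDefault()
        return new AuthenticationResult
        {
            IsAuthenticated = true,
            Username = credentials.UserName,
            Token = token,
            Regenerate = true
        };
    }

    return new AuthenticationResult { IsAuthenticated = false, ErrorCode = 401, Reason = FailureReason };
}
// The two closing braces below end scopes opened before this excerpt.
}
}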