/// <summary>
/// Looks up a trainer by the e-mail and password carried in the login request.
/// </summary>
/// <param name="p_loginRequest">Request whose <c>Email</c> and <c>Password</c> are passed to the trainer service.</param>
/// <returns>The matching trainer, with its <c>Password</c> property set to null.</returns>
/// <exception cref="WebApiException">Constructed with 401 when the service returns no trainer.</exception>
public Trainer Login(LoginRequest p_loginRequest)
{
    var match = _trainerService.GetTrainerByCredentials(p_loginRequest.Email, p_loginRequest.Password);

    // The same message is used whenever the lookup returns null, so the
    // response does not say whether the e-mail or the password was wrong.
    if (match == null)
    {
        throw new WebApiException(401, "Email or password are incorrect");
    }

    // Blank the password so it is not handed back to the caller.
    // NOTE(review): this mutates the instance returned by the service; if that is a
    // change-tracked entity, confirm the null can never be persisted.
    match.Password = null;
    return match;
}
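/// <summary>
/// Authenticates the current request from an HTTP Basic <c>Authorization</c> header.
/// </summary>
/// <remarks>
/// Endpoints carrying <see cref="IAllowAnonymous"/> metadata are skipped with
/// <c>NoResult</c>. On every failure path the reason is also stored in
/// <c>failReason</c> before the failed result is returned.
/// Basic credentials are only base64-encoded, so the transport must provide
/// confidentiality (TLS).
/// </remarks>
/// <returns>
/// A completed task holding <c>NoResult</c>, <c>Fail</c>, or a <c>Success</c> ticket whose
/// identity carries the trainer's id and name as claims.
/// </returns>
protected override Task<AuthenticateResult> HandleAuthenticateAsync()
{
    // Anonymous endpoints: do not attempt authentication at all.
    var endpoint = Context.GetEndpoint();
    if (endpoint?.Metadata?.GetMetadata<IAllowAnonymous>() != null)
    {
        return Task.FromResult(AuthenticateResult.NoResult());
    }

    if (!Request.Headers.ContainsKey("Authorization"))
    {
        failReason = "Missing Authorization Header";
        return Task.FromResult(AuthenticateResult.Fail(failReason));
    }

    Trainer trainer = null;
    try
    {
        var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]);

        // Only the Basic scheme carries base64(email:password). Without this check a
        // parameter sent under any other scheme would be decoded and tried as credentials.
        if (!string.Equals(authHeader.Scheme, "Basic", StringComparison.OrdinalIgnoreCase))
        {
            failReason = "Invalid Authorization Header";
            return Task.FromResult(AuthenticateResult.Fail(failReason));
        }

        var credentialBytes = Convert.FromBase64String(authHeader.Parameter);

        // Split on the first ':' only, so a password may itself contain colons.
        var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2);
        var email = credentials[0];
        var password = credentials[1];

        trainer = _trainerService.GetTrainerByCredentials(email, password);
    }
    catch
    {
        // A missing parameter, bad base64 or a missing ':' all end up here.
        // NOTE(review): this catch-all also covers the service call, so a backend
        // failure is reported as a malformed header; consider narrowing it and
        // logging the exception.
        failReason = "Invalid Authorization Header";
        return Task.FromResult(AuthenticateResult.Fail(failReason));
    }

    if (trainer == null)
    {
        failReason = "Invalid Username or Password";
        return Task.FromResult(AuthenticateResult.Fail(failReason));
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, trainer.Id.ToString()),
        new Claim(ClaimTypes.Name, trainer.Name),
    };
    var identity = new ClaimsIdentity(claims, Scheme.Name);
    var principal = new ClaimsPrincipal(identity);
    var ticket = new AuthenticationTicket(principal, Scheme.Name);

    return Task.FromResult(AuthenticateResult.Success(ticket));
}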