예제 #1
        /// <summary>
        /// Verifies a user name and password and, on success, issues a token for that user.
        /// </summary>
        /// <param name="userName">Name used to look the user up.</param>
        /// <param name="password">Plain-text password checked against the stored hash.</param>
        /// <returns>
        /// A failed result with a translated message when the user is not found, the password
        /// does not verify, or the account is inactive; otherwise a successful result carrying the token.
        /// </returns>
        /// <remarks>
        /// No attempt counter or lockout is visible in this method; if throttling exists it lives
        /// in a caller or in a helper not shown here.
        /// </remarks>
        public async Task<SignInResult> SignInAsync(string userName, string password)
        {
            var lookup = await FindUserByNameAsync(userName);

            // Unknown user and wrong password share one message, so the response text does not
            // reveal which of the two failed.
            // NOTE(review): this branch returns before any hash verification runs, so the two
            // failure cases may still differ in response time - confirm whether that matters here.
            if (!lookup.HasValue)
            {
                return SignInResult.Fail(_translation["SignIn.Messages.Failure"]);
            }

            var account = lookup.Value;

            // Only Failed is rejected; every other verification result is treated as success.
            // NOTE(review): if this enum is ASP.NET Core Identity's, SuccessRehashNeeded is
            // accepted here without the stored hash being upgraded - confirm.
            var verification = _password.VerifyHashedPassword(account.PasswordHash, password);
            if (verification == PasswordVerificationResult.Failed)
            {
                return SignInResult.Fail(_translation["SignIn.Messages.Failure"]);
            }

            // Checked after the password, so the "not active" message is only reachable with
            // valid credentials.
            if (!account.IsActive)
            {
                return SignInResult.Fail(_translation["SignIn.Messages.IsNotActive"]);
            }

            var accountId = account.Id;
            var principal = await BuildClaimsAsync(accountId);
            var issued = await _token.NewTokenAsync(accountId, principal);

            //TODO: Remove this line if you don't store jwt in cookie
            _antiXsrf.AddToken(principal, JwtBearerDefaults.AuthenticationScheme);

            return SignInResult.Ok(issued);
        }
예제 #2
        /// <summary>
        /// Verifies a user name and password, builds a token for the user and adds an
        /// anti-forgery token to the response.
        /// </summary>
        /// <param name="userName">Name used to look the user up.</param>
        /// <param name="password">Plain-text password checked against the stored hash.</param>
        /// <returns>
        /// A failed result with a localized message when the user is not found, the password
        /// does not verify, or the account is inactive; otherwise a successful result carrying the token.
        /// </returns>
        /// <remarks>
        /// No attempt counter or lockout is visible in this method; if throttling exists it lives
        /// in a caller or in a helper not shown here.
        /// </remarks>
        public async Task<SignInResult> SignInAsync(string userName, string password)
        {
            var lookup = await FindUserByNameAsync(userName);

            // Unknown user and wrong password share one message, so the response text does not
            // reveal which of the two failed.
            // NOTE(review): this branch returns before any hash verification runs, so the two
            // failure cases may still differ in response time - confirm whether that matters here.
            if (!lookup.HasValue)
            {
                return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
            }

            var account = lookup.Value;

            // Only Failed is rejected; every other verification result is treated as success.
            // NOTE(review): if this enum is ASP.NET Core Identity's, SuccessRehashNeeded is
            // accepted here without the stored hash being upgraded - confirm.
            var verification = _password.VerifyHashedPassword(account.PasswordHash, password);
            if (verification == PasswordVerificationResult.Failed)
            {
                return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
            }

            // Checked after the password, so the "not active" message is only reachable with
            // valid credentials.
            if (!account.IsActive)
            {
                return SignInResult.Fail(_localizer["SignIn.Messages.IsNotActive"]);
            }

            var accountId = account.Id;
            var principal = await BuildClaimsAsync(accountId);
            var issued = await _token.BuildTokenAsync(accountId, principal);

            // The anti-forgery token is derived from the same claims that went into the token.
            _antiforgery.AddTokenToResponse(principal);

            return SignInResult.Ok(issued);
        }
예제 #3
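        /// <summary>
        /// Verifies a user name and password and, on success, signs the user in with the
        /// cookie authentication scheme.
        /// </summary>
        /// <param name="userName">Name used to look the user up.</param>
        /// <param name="password">Plain-text password checked against the stored hash.</param>
        /// <param name="persistent">Passed through as <c>IsPersistent</c> ("Remember Me").</param>
        /// <returns>
        /// A failed result with a localized message when the user is not found, the password
        /// does not verify, or the account is inactive; otherwise a successful result.
        /// </returns>
        /// <remarks>
        /// Only the successful sign-in is logged here; failed attempts leave no log entry from
        /// this method, and no attempt counter or lockout is visible in it.
        /// </remarks>
        public async Task<SignInResult> SignInAsync(string userName, string password, bool persistent)
        {
            var userMaybe = await FindUserByNameAsync(userName);

            // Unknown user and wrong password share one message, so the response text does not
            // reveal which of the two failed.
            // NOTE(review): this branch returns before any hash verification runs, so the two
            // failure cases may still differ in response time - confirm whether that matters here.
            if (!userMaybe.HasValue)
            {
                return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
            }

            var user = userMaybe.Value;

            // Only Failed is rejected; every other verification result is treated as success.
            // NOTE(review): if this enum is ASP.NET Core Identity's, SuccessRehashNeeded is
            // accepted here without the stored hash being upgraded - confirm.
            if (_password.VerifyHashedPassword(user.PasswordHash, password) == PasswordVerificationResult.Failed)
            {
                return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
            }

            // Checked after the password, so the "not active" message is only reachable with
            // valid credentials.
            if (!user.IsActive)
            {
                return SignInResult.Fail(_localizer["SignIn.Messages.IsNotActive"]);
            }

            var userId = user.Id;

            var claims = await BuildClaimsAsync(userId);

            // NOTE(review): the configured value is used as-is; zero or a negative number would
            // produce a ticket that is already expired - consider validating it at startup.
            var loginCookieExpirationDays = _configuration.GetValue<int>("LoginCookieExpirationDays", defaultValue: 30);

            // Read the clock once so IssuedUtc and ExpiresUtc are exactly the configured span apart.
            var issuedAt = DateTimeOffset.UtcNow;

            await _httpContext.HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                claims,
                new AuthenticationProperties
                {
                    IsPersistent = persistent,     // "Remember Me"
                    IssuedUtc    = issuedAt,
                    ExpiresUtc   = issuedAt.AddDays(loginCookieExpirationDays)
                });

            // await UpdateLastActivityDateAsync(user);

            // Message template instead of an interpolated string: the caller-supplied name is
            // recorded as a separate structured value rather than merged into the format string.
            _logger.LogInformation(LoggingEvents.LOGIN, "{UserName} logged in.", userName);

            return SignInResult.Ok();
        }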