public IntResult LoginStudent(string username, string password)
{
var encrypt_key = configuration.GetEncryptPassword();
var encodedPassword = FMCW.Seguridad.Encriptador.Encriptar(password, encrypt_key);
var user = context.Student.FirstOrDefault(s => s.Username == username && s.Password == encodedPassword);
return(user != null?
IntResult.Ok(user.IdStudent) :
IntResult.Error(new Exception("Wrong user or password")));
}
public IntResult ValidateToken(string token)
{
try
{
string issuer = _jwtConfiguration.Issuer;
string audience = _jwtConfiguration.Audience;
var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtConfiguration.SecretKey));
var tokenValidationParamters = new TokenValidationParameters
{
ValidateAudience = true,
ValidateIssuer = true,
ValidateActor = false,
ValidateLifetime = false,
IssuerSigningKey = secretKey
};
var tokenHandler = new JwtSecurityTokenHandler();
SecurityToken securityToken;
var principal = tokenHandler.ValidateToken(token, tokenValidationParamters, out securityToken);
JwtSecurityToken jwtSecurityToken = securityToken as JwtSecurityToken;
if (jwtSecurityToken == null || !jwtSecurityToken.Header.Alg.Equals(SecurityAlgorithms.HmacSha256, StringComparison.InvariantCultureIgnoreCase))
{
return(IntResult.Error("Invalid token"));
}
var userId = int.Parse(principal.FindFirst("IdUsuario")?.Value ?? "-1");
if (userId == -1)
{
return(IntResult.Error("Missing claim"));
}
if (jwtSecurityToken.ValidTo < DateTime.UtcNow)
{
return(IntResult.Error("Expired token"));
}
else
{
return(IntResult.Ok(userId));
}
}
catch (Exception ex)
{
return(IntResult.Error(ex));
}
}