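/// <summary>
/// Authenticates a user by username and password and, on success, returns a JWT
/// together with the user's roles and display name.
/// </summary>
/// <param name="model">Login payload bound from the request body; supplies <c>Username</c> and <c>Password</c>.</param>
/// <returns>
/// 200 OK with <c>Token</c>, <c>Roles</c> and <c>UserName</c> on success;
/// 400 "Invalid data" when the payload is missing or fails model validation;
/// 400 "Invalid login or password" for every authentication failure, so the response
/// does not reveal whether the username exists.
/// </returns>
public async Task<IActionResult> LoginRequest([FromBody] LoginByUsernameViewModel model)
{
    // A missing or unparsable body can bind to null; reject it before dereferencing.
    if (model == null || !ModelState.IsValid)
    {
        return new BadRequestObjectResult("Invalid data");
    }

    // This doesn't count login failures towards account lockout.
    // To enable password failures to trigger account lockout, set lockoutOnFailure: true.
    // NOTE(review): with lockoutOnFailure: false this endpoint places no limit on password
    // guesses by itself; confirm that throttling or lockout is enforced elsewhere.
    var result = await _signInManager.PasswordSignInAsync(
        model.Username,
        model.Password,
        isPersistent: false,
        lockoutOnFailure: false);

    if (!result.Succeeded)
    {
        // Logged without any request data so failed attempts are visible to monitoring
        // without writing attacker-controlled text (or a mistyped password) to the log.
        _logger.LogWarning("Invalid login attempt.");
        ModelState.AddModelError(string.Empty, "Invalid login attempt.");
        return new BadRequestObjectResult("Invalid login or password");
    }

    // Resolve the user through the same normalized-name lookup the sign-in used, instead of
    // a raw UserName equality query that can miss on casing and return null.
    var appUser = await _userManager.FindByNameAsync(model.Username);
    if (appUser == null)
    {
        // The account disappeared between sign-in and lookup; fail closed with the generic message.
        _logger.LogWarning("Invalid login attempt.");
        return new BadRequestObjectResult("Invalid login or password");
    }

    var roles = await _userManager.GetRolesAsync(appUser);
    string token = JWTGenerator.Generate(appUser.Email, appUser, roles, _configuration);
    _logger.LogInformation("User logged in.");

    return new OkObjectResult(new { Token = token, Roles = roles, UserName = appUser.Name });
}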
/// <summary>
/// Checks a username/password pair against the user store, restricted to the given roles,
/// and issues a JWT for the username when a matching record exists.
/// </summary>
/// <param name="username">Account name to authenticate.</param>
/// <param name="password">Plain-text password; it is hashed before the lookup.</param>
/// <param name="rolesAllowed">Roles passed to the store lookup to restrict which accounts may log in.</param>
/// <returns>A JWT string when the credentials match; otherwise <c>null</c>.</returns>
public string Login(string username, string password, UserRole[] rolesAllowed)
{
    // NOTE(review): the hash is derived from the password alone, so no per-user salt can be
    // involved at this call site; confirm getHashedPassword is not a fast, unsalted digest.
    string passwordDigest = getHashedPassword(password);

    using (var dataService = new DataService())
    {
        bool credentialsMatch = dataService.getUserDAO()
            .ExistsUsernamePassword(username, passwordDigest, rolesAllowed);

        // Callers must treat null as "authentication failed".
        return credentialsMatch ? JWTGenerator.Generate(username) : null;
    }
}