public async Task <IActionResult> GetToken([FromBody] JwtTokenViewModel model) { if (ModelState.IsValid) { ApplicationUser user = await _userManager.FindByNameAsync(model.UserName); var signInResult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false); if (signInResult.Succeeded) { var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(JwtConfiguration.Key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, model.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.UniqueName, model.UserName) }; var token = new JwtSecurityToken( JwtConfiguration.Issuer, JwtConfiguration.Audience, claims, expires: DateTime.UtcNow.AddHours(1), signingCredentials: creds ); var result = new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo }; return(Created("", result)); } } return(BadRequest()); }
public async Task <IActionResult> Login([FromBody] CredentialsBindingModel credentials ) { if (!ModelState.IsValid) { throw new Exception(); } ClaimsIdentity identity = GetClaimsIdentity(credentials.UserName, credentials.Password).Result; if (identity == null) { throw new Exception("Please enter valid credentials"); } JwtTokenViewModel jwt = Tokens.GenerateJwt(identity, _jwtFactory, _jwtOptions).Result; // var refreshToken = await _userService.GetRefreshToken(jwt.Id); // jwt.RefreshToken = refreshToken.Token; LoginAppViewModel model = new LoginAppViewModel { // Content = jwt }; return(Success(model)); }
public async Task <IActionResult> Login(LoginViewModel model, string returnUrl = null) { ViewData["ReturnUrl"] = returnUrl; if (ModelState.IsValid) { // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true //var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure: false); //if (result.Succeeded) //{ // _logger.LogInformation(1, "User logged in."); // return RedirectToLocal(returnUrl); //} //if (result.RequiresTwoFactor) //{ // return RedirectToAction(nameof(SendCode), new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }); //} /* * if (result.IsLockedOut) * { * _logger.LogWarning(2, "User account locked out."); * return View("Lockout"); * } * else * { * ModelState.AddModelError(string.Empty, "Invalid login attempt."); * return View(model); * } */ var jwtTokenViewModel = new JwtTokenViewModel() { UserName = model.Email, Password = model.Password }; using var httpClient = new HttpClient(); using var content = new StringContent(JsonConvert.SerializeObject(jwtTokenViewModel), System.Text.Encoding.UTF8, "application/json"); HttpResponseMessage responseMessage = await httpClient.PostAsync("https://localhost:44329/account/gettoken", content); if (responseMessage.StatusCode == System.Net.HttpStatusCode.Created) { var userToken = JsonConvert.DeserializeObject <JwtToken>(responseMessage.Content.ReadAsStringAsync().Result); HttpContext.Session.SetString("JWTtoken", userToken.Token); return(RedirectToLocal(returnUrl)); } } // If we got this far, something failed, redisplay form return(View(model)); }
public async Task <IActionResult> CreateToken([FromBody] JwtTokenViewModel model) { if (ModelState.IsValid) { IdentityUser user = await _userManager.FindByNameAsync(model.UserName); var Signresult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false); var userRoles = await _userManager.GetRolesAsync(user); if (Signresult.Succeeded) { var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ApiJwtConst.key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var claims = new List <Claim> (); claims.Add(new Claim(JwtRegisteredClaimNames.Sub, model.UserName)); claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.UniqueName, model.UserName)); foreach (var role in userRoles) { claims.Add(new Claim(ClaimTypes.Role, role)); } var token = new JwtSecurityToken( ApiJwtConst.Issuer, ApiJwtConst.Audience, claims, expires: DateTime.UtcNow.AddMinutes(30), signingCredentials: creds ); var result = new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo }; return(Created("", result)); } else { return(BadRequest("Invalid credential")); } } return(BadRequest()); }
public static async Task <JwtTokenViewModel> GenerateJwt( ClaimsIdentity identity, IJwtFactory jwtFactory, JwtIssuerOptions jwtOptions ) { JwtTokenViewModel response = new JwtTokenViewModel { Id = identity.Claims.Single(c => c.Type == "id").Value, AuthToken = await jwtFactory.GenerateEncodedToken(identity.Claims.Single(c => c.Type == "id").Value, identity), ExpiresIn = (int)jwtOptions.ValidFor.TotalSeconds, RefreshToken = Guid.NewGuid().ToString() }; return(response); }
public async Task <IActionResult> CreateToken([FromForm] JwtTokenViewModel model) { if (ModelState.IsValid) { User user = await _userManager.FindByEmailAsync(model.Email); var role = await _userManager.GetRolesAsync(user); IdentityOptions _options = new IdentityOptions(); var signInResult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false); if (signInResult.Succeeded) { var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(MVSJwtConstants.Key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var claims = new [] { new Claim(JwtRegisteredClaimNames.Sub, model.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Email, model.Email), new Claim(_options.ClaimsIdentity.RoleClaimType, role.FirstOrDefault()) }; var token = new JwtSecurityToken( MVSJwtConstants.Issuer, MVSJwtConstants.Audience, claims, expires: DateTime.UtcNow.AddMinutes(30), signingCredentials: creds ); var results = new { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo }; return(Created("", results)); } return(BadRequest()); } return(BadRequest()); }
public async Task <IActionResult> SignIn([FromBody] LoginViewModel loginViewModel) { var user = await _userManager.FindByEmailAsync(loginViewModel.Email); if (user == null) { return(new NotFoundResult()); } var result = await _signInManager.CheckPasswordSignInAsync(user, loginViewModel.Password, false); if (result.Succeeded) { var token = new JwtTokenViewModel { AccessToken = _jwtTokenGenerator.Generate(user), RefreshToken = _refreshTokenGenerator.Generate() }; try { await _tokenProvider.RegisterRefreshToken(token.RefreshToken, user.Id); await _tokenProvider.RegisterAccessToken( _jwtTokenHelper.GetSignature(token.AccessToken), _jwtTokenHelper.GetExpirationDate(token.AccessToken), user.Id); } catch (Exception) { return(new StatusCodeResult((int)HttpStatusCode.InternalServerError)); } return(new OkObjectResult(token)); } if (result.IsLockedOut || result.IsNotAllowed) { return(new ForbidResult()); } return(new ForbidResult()); }
public async Task <IActionResult> RefreshAccessToken(Guid refreshToken) { var refreshTokenObject = await _tokenProvider.GetRefreshToken(refreshToken); if (refreshTokenObject == null) { return(BadRequest()); } var user = await _userManager.FindByIdAsync(refreshTokenObject.UserId.ToString()); if (user == null) { return(BadRequest()); } var token = new JwtTokenViewModel { AccessToken = _tokenGenerator.Generate(user), RefreshToken = refreshToken.ToString() }; try { await _tokenProvider.UpdateRefreshToken(refreshToken); await _tokenProvider.RegisterAccessToken( _jwtTokenHelper.GetSignature(token.AccessToken), _jwtTokenHelper.GetExpirationDate(token.AccessToken), user.Id); } catch (Exception) { return(new StatusCodeResult((int)HttpStatusCode.InternalServerError)); } return(new OkObjectResult(token)); }
public async Task <JwtTokenViewModel> GenerateToken(UserViewModel userViewModel) { var user = await _userManager.FindByEmailAsync(userViewModel.Email); if (user == null) { throw new Exception($"The user with {userViewModel.Email} does not exist."); } var userClaims = await _userManager.GetClaimsAsync(user); var claims = userClaims; claims.Add(new Claim(ClaimTypes.Email, userViewModel.Email)); claims.Add(new Claim(ClaimTypes.Name, userViewModel.Email)); claims.Add(new Claim("Role", userClaims.First(item => item.Type == ClaimTypes.Role).Value)); claims.Add(new Claim("LastName", userViewModel.LastName ?? "")); claims.Add(new Claim("FirstName", user.FirstName ?? "")); var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["Tokens:Key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var expiresIn = DateTime.Now.AddDays(30); var token = new JwtSecurityToken( issuer: _configuration["Tokens:Issuer"], audience: _configuration["Tokens:Audience"], claims: claims, expires: expiresIn, signingCredentials: creds); var tokenString = new JwtSecurityTokenHandler().WriteToken(token); var accessToken = new JwtTokenViewModel { access_token = tokenString, expires_in = (int)(expiresIn - DateTime.Now).TotalMinutes }; return(accessToken); }
public async Task <IActionResult> CreateToken([FromBody] JwtTokenViewModel model) { if (ModelState.IsValid) { AspNetUser user = await _userManager.FindByNameAsync(model.UserName); if (user == null) { return(BadRequest("no user found")); } // var IsSuccess= Hasher.VerifyHashedPassword(user.PasswordHash, model.Password); var Signresult = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false); List <string> userRoles = new List <string>(); //var userRoles = await _userManager.GetRolesAsync(user); var LstuserRoles = await _context.AspNetUserRoles.Where(e => e.UserId == user.Id).ToListAsync(); foreach (var item in LstuserRoles) { var t = await _context.AspNetRoles.Where(e => e.Id == item.RoleId).SingleAsync(); if (t != null) { userRoles.Add(t.Name); } } if (Signresult.Succeeded) { var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(ApiConst.key)); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var claims = new List <Claim>(); claims.Add(new Claim(JwtRegisteredClaimNames.Sub, model.UserName)); claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())); claims.Add(new Claim(JwtRegisteredClaimNames.UniqueName, model.UserName)); foreach (var role in userRoles) { claims.Add(new Claim(ClaimTypes.Role, role)); } var token = new JwtSecurityToken( ApiConst.Issuer, ApiConst.Audience, claims, expires: DateTime.UtcNow.AddMinutes(30), signingCredentials: creds ); var result = new Token { token = new JwtSecurityTokenHandler().WriteToken(token), expiration = token.ValidTo }; return(Created("", result)); } else { return(BadRequest("Invalid credential")); } } return(BadRequest()); }