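/// <summary>
/// HTTP login endpoint. Forwards the submitted credentials to the authenticator and
/// maps the reply type onto an HTTP status code.
/// </summary>
/// <param name="cmd">Login request bound from the request body (username and password).</param>
/// <returns>
/// The authenticator's reply object for success (200) and for the two rejection
/// replies (400); an empty object for a missing body (400) or an unrecognised reply (500).
/// </returns>
public async Task<object> Login([FromBody] Messages.Authenticator.LoginCommand cmd)
{
    // Depending on how model binding is configured, a missing or malformed body can
    // arrive here as null. Reject it explicitly rather than failing on cmd.Username.
    if (cmd == null)
    {
        Response.StatusCode = 400;
        return new object();
    }

    var result = await authenticator.Login(cmd.Username, cmd.Password);

    if (result is Messages.Authenticator.LoginSuccess)
    {
        Response.StatusCode = 200;
        return result;
    }

    // Invalid form data and a rejected password share the status code the endpoint
    // has always returned for them. NOTE(review): the reply object itself is still
    // serialised to the client, so confirm it carries nothing that tells an
    // unauthenticated caller more than "login rejected".
    if (result is Messages.Authenticator.FormInvalidData
        || result is Messages.Authenticator.LoginFailedPassword)
    {
        Response.StatusCode = 400;
        return result;
    }

    // Any other reply type is unexpected: return a generic body, never the raw object.
    Response.StatusCode = 500;
    return new object();
}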
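/// <summary>
/// Handles a login command: looks the user up by username, checks the password and
/// replies to the sender with either a signed JWT or a failure message.
/// </summary>
/// <param name="cmd">The login command carrying the submitted username and password.</param>
private void Login(Messages.Authenticator.LoginCommand cmd)
{
    Console.WriteLine("Login command");

    using (MyContext context = MyContext.Connect(GetPath()))
    {
        var userDb = context.Users.FirstOrDefault(p => p.Username == cmd.Username);

        // NOTE(review): the submitted password is compared directly with the stored
        // column, which implies passwords are stored unhashed. They should be stored as
        // a salted, slow hash (e.g. PBKDF2) and verified with a fixed-time comparison.
        // That needs a data migration, so the comparison itself is left unchanged here.
        if (userDb == null || userDb.Password != cmd.Password)
        {
            // An unknown username previously produced no reply at all, leaving the sender
            // waiting. Answer with the same message as a wrong password so the caller
            // always gets a reply and it does not reveal whether the username exists.
            Sender.Tell(new Messages.Authenticator.LoginFailedPassword());
            return;
        }

        var claims = new[]
        {
            new Claim(ClaimTypes.Name, userDb.Username),
            new Claim("Name", userDb.Name),
            new Claim("Id", userDb.Id.ToString())
        };

        // The HMAC-SHA256 signing key is read from configuration. It must be a
        // high-entropy secret kept out of source control; anyone holding it can mint
        // valid tokens for any user.
        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecurityKey"]));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        // TODO: use Configuration file for this (issuer and audience are placeholders)
        // NOTE(review): the token is valid for 30 days and no revocation path is visible
        // in this method. Confirm that lifetime is intended for a bearer token.
        var token = new JwtSecurityToken(
            issuer: "yourdomain.com",
            audience: "yourdomain.com",
            claims: claims,
            // UTC keeps the expiry independent of the host's local time zone.
            expires: DateTime.UtcNow.AddDays(30),
            signingCredentials: creds);

        Sender.Tell(new Messages.Authenticator.LoginSuccess(new JwtSecurityTokenHandler().WriteToken(token)));
    }
}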