/// <summary>
/// Builds an HS256-signed JWT for <paramref name="identity"/> and returns it in compact serialized form.
/// </summary>
/// <param name="option">Supplies the signing key, issuer, audience and token lifetime in minutes.</param>
/// <param name="identity">Identity whose claims are copied into the token.</param>
/// <returns>The encoded token string (typed as <c>dynamic</c>).</returns>
/// <remarks>
/// HS256 is symmetric: any party holding <c>option.Key</c> to validate tokens can also issue them.
/// </remarks>
private static dynamic JWT(Models.ProgramModels.AuthorizationOptions option, ClaimsIdentity identity)
{
    // Encoding.ASCII replaces every non-ASCII character with '?', so a key containing such
    // characters carries less entropy than it appears to. The validating side has to use the
    // same encoding. HS256 needs a key of at least 256 bits (RFC 7518 section 3.2); the length
    // of option.Key is not checked here.
    byte[] keyBytes = Encoding.ASCII.GetBytes(option.Key);
    var signingKey = new SymmetricSecurityKey(keyBytes);

    // A single UTC timestamp is used so that nbf and exp are derived from the same instant.
    DateTime issuedAt = DateTime.UtcNow;

    var token = new JwtSecurityToken(
        issuer: option.Issuer,
        audience: option.Audience,
        notBefore: issuedAt,
        claims: identity.Claims,
        expires: issuedAt + TimeSpan.FromMinutes(option.Lifetime),
        signingCredentials: new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256));

    var handler = new JwtSecurityTokenHandler();
    return handler.WriteToken(token);
}
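/// <summary>
/// Checks the supplied credentials and, when they are valid, returns a JSON body containing
/// a signed access token and the user name.
/// </summary>
/// <param name="username">Login name supplied by the caller.</param>
/// <param name="password">Plain-text password supplied by the caller.</param>
/// <returns>
/// 400 Bad Request with <c>errorText</c> for every credential failure; otherwise a JSON object
/// with <c>access_token</c> and <c>username</c>.
/// </returns>
/// <remarks>
/// Every failure path returns the same response. Previously an unknown user produced an empty
/// 400, a wrong password returned <c>null</c> from the action (not a valid action result), and
/// only the last lookup returned the error text, so the three cases could be told apart.
/// NOTE(review): the binding source of the parameters is not visible here; confirm the
/// credentials arrive in the request body rather than the query string.
/// </remarks>
public async Task<IActionResult> Token(string username, string password)
{
    // One generic rejection for all failures so the response does not reveal whether the login exists.
    var rejected = BadRequest(new { errorText = "Invalid username or password." });

    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return rejected;
    }

    Account user = await repoacc.CheckAccount(username);

    // NOTE(review): the unknown-user path returns without running a hash verification, so its
    // response time may differ from the wrong-password path; confirm whether that matters here.
    if (user == null || !VerifyHashedPassword(user.Password, password))
    {
        return rejected;
    }

    // The stored hash, not the submitted password, is passed to the second lookup.
    Account account = await repoacc.GetAccount(username, user.Password);
    if (account == null)
    {
        return rejected;
    }

    // NOTE(review): Status is copied but not checked in this method; confirm that GetIdentity
    // or a downstream policy rejects accounts that must not sign in.
    Account person = new Account
    {
        Login = account.Login,
        Password = account.Password,
        Role = account.Role,
        Status = account.Status
    };

    var identity = GetIdentity(person);

    // The options are stored in the authoption field, as before.
    authoption = Configuration.GetSection("Option").Get<Models.ProgramModels.AuthorizationOptions>();

    var response = new
    {
        access_token = JWT(authoption, identity),
        username = identity.Name,
    };

    return Json(response);
}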