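/// <summary>
/// Authenticates the current request from the base64-encoded <c>username:password</c>
/// pair carried in the Authorization header and, on success, issues a ticket for
/// this handler's scheme.
/// </summary>
/// <remarks>
/// The credentials are only base64-encoded, not encrypted, so this handler should be
/// reachable over TLS only. Exceptions thrown by the authentication service are not
/// caught here: a backend failure must not be reported as a malformed header.
/// </remarks>
/// <returns>
/// A failed result when the header is missing, malformed, or the credentials are
/// rejected; otherwise a successful result wrapping the authenticated principal.
/// </returns>
protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
{
    if (!Request.Headers.ContainsKey(HeaderNames.Authorization))
    {
        return AuthenticateResult.Fail("Missing Authorization Header");
    }

    // NOTE(review): the scheme token of the header is not compared with "Basic" here,
    // so any scheme whose parameter happens to decode is accepted - confirm whether
    // other schemes should be ignored instead.
    if (!AuthenticationHeaderValue.TryParse(Request.Headers[HeaderNames.Authorization], out var authHeader)
        || string.IsNullOrEmpty(authHeader.Parameter))
    {
        return AuthenticateResult.Fail("Invalid Authorization Header");
    }

    string decoded;
    try
    {
        decoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeader.Parameter));
    }
    catch (FormatException)
    {
        // Only a base64 decoding error is treated as a malformed header.
        return AuthenticateResult.Fail("Invalid Authorization Header");
    }

    // Split on the FIRST colon only: the user-id cannot contain ':' but the password
    // can, and splitting on every colon would silently truncate such a password.
    var separatorIndex = decoded.IndexOf(':');
    if (separatorIndex < 0)
    {
        return AuthenticateResult.Fail("Invalid Authorization Header");
    }

    var username = decoded.Substring(0, separatorIndex);
    var password = decoded.Substring(separatorIndex + 1);

    // Deliberately outside any catch-all so service errors surface to the pipeline.
    var claimsPrincipal = await _authenticationService.Login(username, password);
    if (claimsPrincipal == null)
    {
        return AuthenticateResult.Fail("Invalid Username or Password");
    }

    var ticket = new AuthenticationTicket(claimsPrincipal, Scheme.Name);
    return AuthenticateResult.Success(ticket);
}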
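/// <summary>
/// Validates the submitted credentials, signs the user in with the cookie
/// authentication scheme and redirects to the requested page or to the home page
/// resolved from the user's role.
/// </summary>
/// <param name="loginModel">Posted login form: user name, password and optional return URL.</param>
/// <returns>
/// The login view again when the credentials are rejected; otherwise a redirect.
/// </returns>
// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible on
// this action in the snippet - confirm they are applied where it is declared.
public async Task<IActionResult> Login(LoginModel loginModel)
{
    var claimsPrincipal = await _authenticationService.Login(loginModel.UserName, loginModel.Password);
    if (claimsPrincipal == null)
    {
        return View(loginModel);
    }

    await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal);

    // ReturnUrl is supplied by the client. Following it blindly is an open redirect,
    // so it is honoured only when it points back into this application; anything
    // else falls back to the role-based home page.
    var returnUrl = loginModel.ReturnUrl;
    var redirectionView = !string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl)
        ? returnUrl
        : ResolveHomePageFromRole(claimsPrincipal);

    return Redirect(redirectionView);
}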