예제 #1
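        /// <summary>
        /// Authenticates the current request from an HTTP Basic <c>Authorization</c> header.
        /// </summary>
        /// <remarks>
        /// The header must use the <c>Basic</c> scheme and carry a Base64-encoded
        /// <c>username:password</c> pair. The pair is split on the FIRST colon only, so
        /// passwords that contain ':' are passed to the login service intact.
        /// Basic credentials are only encoded, not encrypted; this handler assumes the
        /// transport is protected (TLS) - NOTE(review): confirm HTTPS is enforced upstream.
        /// </remarks>
        /// <returns>
        /// A failed result when the header is missing, malformed, not Basic, or the login
        /// service rejects the credentials or throws; otherwise a success result wrapping a
        /// ticket for the returned principal under this scheme's name.
        /// </returns>
        protected override async Task<AuthenticateResult> HandleAuthenticateAsync()
        {
            if (!Request.Headers.ContainsKey(HeaderNames.Authorization))
            {
                return AuthenticateResult.Fail("Missing Authorization Header");
            }

            string username;
            string password;

            try
            {
                // TryParse avoids relying on exceptions for a header the client fully controls.
                if (!AuthenticationHeaderValue.TryParse(Request.Headers[HeaderNames.Authorization], out var authHeader))
                {
                    return AuthenticateResult.Fail("Invalid Authorization Header");
                }

                // Only Basic credentials are meaningful here; without this check a header
                // of another scheme (e.g. a bearer token) would be decoded as a password pair.
                if (!string.Equals(authHeader.Scheme, "Basic", StringComparison.OrdinalIgnoreCase)
                    || string.IsNullOrEmpty(authHeader.Parameter))
                {
                    return AuthenticateResult.Fail("Invalid Authorization Header");
                }

                var decoded        = Encoding.UTF8.GetString(Convert.FromBase64String(authHeader.Parameter));
                var separatorIndex = decoded.IndexOf(':');

                if (separatorIndex < 0)
                {
                    return AuthenticateResult.Fail("Invalid Authorization Header");
                }

                // Everything after the first ':' is the password, including further colons.
                username = decoded.Substring(0, separatorIndex);
                password = decoded.Substring(separatorIndex + 1);
            }
            catch (FormatException)
            {
                // Parameter was not valid Base64.
                return AuthenticateResult.Fail("Invalid Authorization Header");
            }

            ClaimsPrincipal claimsPrincipal;

            try
            {
                claimsPrincipal = await _authenticationService.Login(username, password);
            }
            catch (Exception ex)
            {
                // Still fail closed when the login service throws, but keep the cause on the
                // result instead of reporting a backend fault as a malformed header.
                return AuthenticateResult.Fail(ex);
            }

            if (claimsPrincipal == null)
            {
                return AuthenticateResult.Fail("Invalid Username or Password");
            }

            var ticket = new AuthenticationTicket(claimsPrincipal, Scheme.Name);

            return AuthenticateResult.Success(ticket);
        }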
예제 #2
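        /// <summary>
        /// Signs the user in with cookie authentication and redirects to the requested
        /// page, or to the role-specific home page.
        /// </summary>
        /// <param name="loginModel">Submitted credentials and optional return URL.</param>
        /// <returns>
        /// The login view again when the credentials are rejected; otherwise a redirect.
        /// </returns>
        /// <remarks>
        /// <c>ReturnUrl</c> comes from the request and is honoured only when it is a local
        /// URL. Redirecting to it unchecked would let a crafted login link send a freshly
        /// authenticated user to an arbitrary external site (open redirect).
        /// </remarks>
        public async Task<IActionResult> Login(LoginModel loginModel)
        {
            var claimsPrincipal = await _authenticationService.Login(loginModel.UserName, loginModel.Password);

            if (claimsPrincipal == null)
            {
                // NOTE(review): the model, including the submitted password, is handed back
                // to the view - confirm the view does not render it into the response.
                return View(loginModel);
            }

            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, claimsPrincipal);

            var returnUrl = loginModel.ReturnUrl;

            // Fall back to the role home page for empty, absolute or otherwise non-local targets.
            var redirectionView = !string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl)
                ? returnUrl
                : ResolveHomePageFromRole(claimsPrincipal);

            return Redirect(redirectionView);
        }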