public IActionResult Login(StudentLoginDto userLoginDTO) { var user = _authRepository.Login(userLoginDTO.Username.ToLower(), userLoginDTO.Password); if (user == null) { return(Unauthorized()); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.Username), new Claim(ClaimTypes.Role, user.Role) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value)); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(claims), Expires = DateTime.Now.AddHours(3), SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature) }; var tokenHandler = new JwtSecurityTokenHandler(); var token = tokenHandler.CreateToken(tokenDescriptor); return(Ok(new { token = tokenHandler.WriteToken(token) })); }
private async Task <StudentReturnDto> AuthenticateStudent(StudentLoginDto loginCreds) { var password = Helper.ComputeHash(loginCreds.Password); var studentsWithEmail = _context.Students .AsNoTracking() .Include(s => s.Speciality) .Where(t => t.Email.ToLower() == loginCreds.Email.ToLower()); foreach (var student in studentsWithEmail) { if (Helper.Equals(student.Password, password)) { var currentCourses = await _context.CurrentCourseStudents .AsNoTracking() .Include(cs => cs.Course) .Where(c => c.StudentId == student.Id) .Select(cs => new CourseReturnDto() { Id = cs.Course.Id, Name = cs.Course.Name, AbsenceLimit = cs.Course.AbsenceLimit, Credit = cs.Course.Credit, SyllabusPath = cs.Course.SyllabusPath }).ToListAsync(); var studentReturn = new StudentReturnDto() { Id = student.Id, CurrentCourses = currentCourses, Details = student.Details, Email = student.Email, Gender = student.Gender, Name = student.Name, SpecialityId = student.SpecialityId, SpecialityName = student.Speciality.Name, RegisterStatus = student.RegisterStatus }; return(studentReturn); } } return(null); }
public async Task <IActionResult> PostLoginStudent(StudentLoginDto loginDto) { if (!ModelState.IsValid) { return(RedirectToAction( actionName: "GetLoginStudent", routeValues: new { error = "Invalid login credentials." } )); } var result = await _repo.LoginStudent(loginDto); if (result.IsSuccess) { var claims = new List <Claim> { new Claim(ClaimTypes.NameIdentifier, result.Content.Id.ToString()), new Claim(ClaimTypes.Name, result.Content.Name), new Claim(ClaimTypes.Email, result.Content.Email), new Claim(ClaimTypes.Role, "student") }; var identity = new ClaimsIdentity( claims, CookieAuthenticationDefaults.AuthenticationScheme ); var principal = new ClaimsPrincipal(identity); await HttpContext.SignInAsync(principal); return(RedirectToAction("GetProfile")); } return(RedirectToAction( "GetLoginStudent", routeValues: new { error = result.Message } )); }
public async Task <RepoResponse <StudentReturnDto> > LoginStudent(StudentLoginDto loginCreds) { var student = await AuthenticateStudent(loginCreds); if (student == null) { var failResponse = new RepoResponse <StudentReturnDto>() { IsSuccess = false, Message = _config["ErrorCodes:login"] }; return(failResponse); } if (student.RegisterStatus != RegistrationStatus.Approved) { return(new RepoResponse <StudentReturnDto>() { IsSuccess = false, Message = _config["ErrorCodes:reg_status"], Content = student }); } var token = GenerateToken(student.Id, student.Email, "student"); var response = new RepoResponse <StudentReturnDto>() { IsSuccess = true, Content = student, //Message = token (token based auth) Message = _config["SuccessCodes:login"] }; return(response); }
public Task <RepoResponse <bool> > DeleteStudent(StudentLoginDto creds) { throw new System.NotImplementedException(); }