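/// <summary>
/// Issues a signed JWT for the agent matching the supplied username and password.
/// </summary>
/// <param name="username">Agent login name, passed to <c>_agentsService.GetAgentByUserPass</c>.</param>
/// <param name="password">Agent password, passed to <c>_agentsService.GetAgentByUserPass</c>.</param>
/// <returns>
/// 200 with a JSON string holding <c>user_id</c>, <c>access_token</c>, <c>expires_in</c>,
/// <c>role</c> and <c>business_id</c>; 401 when no agent matches the credentials.
/// </returns>
public async Task<IActionResult> Token(string username, string password)
{
    // NOTE(review): no binding-source attribute is visible on these parameters. If they can
    // bind from the query string, the password ends up in URLs and access logs. Confirm the
    // route only accepts them in the request body.
    var agent = await _agentsService.GetAgentByUserPass(username, password);
    if (agent == null)
    {
        // A null IActionResult is not a usable response (MVC is expected to reject it with an
        // exception, i.e. a 500). Answer a failed authentication explicitly, and without
        // revealing whether the username or the password was wrong.
        return new UnauthorizedResult();
    }

    // The role claim is copied from the agent record as-is; authorization downstream trusts it.
    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, agent["username"].ToString()),
        new Claim(ClaimTypes.Role, agent["role"].ToString()),
        new Claim("user_id", agent["id"].ToString()),
        new Claim("name", agent["name"].ToString()),
        new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
        new Claim(
            JwtRegisteredClaimNames.Iat,
            TokenProviderMiddleware.ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(),
            ClaimValueTypes.Integer64)
    };

    // Create the JWT security token and encode it.
    var jwt = new JwtSecurityToken(
        issuer: _jwtOptions.Issuer,
        audience: _jwtOptions.Audience,
        claims: claims,
        notBefore: _jwtOptions.NotBefore,
        expires: _jwtOptions.Expiration,
        signingCredentials: _jwtOptions.SigningCredentials);
    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

    // NOTE(review): expires_in is derived from ValidFor while the token's exp comes from
    // Expiration. Confirm the two are kept consistent in _jwtOptions.
    var response = new
    {
        user_id = agent["id"].ToString(),
        access_token = encodedJwt,
        expires_in = (int)_jwtOptions.ValidFor.TotalSeconds,
        role = (string)agent["role"],
        business_id = (string)agent["business_id"],
    };

    var json = JsonConvert.SerializeObject(response, _serializerSettings);
    return new OkObjectResult(json);
}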
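/// <summary>
/// Authenticates the posted login form and, on success, returns a signed JWT.
/// </summary>
/// <param name="applicationUser">Form-bound login model; its <c>Email</c> becomes the token subject.</param>
/// <returns>
/// 200 with a JSON string holding <c>access_token</c> and <c>expires_in</c>;
/// 400 with "Invalid credentials" when <c>GetClaimsIdentity</c> returns no identity.
/// </returns>
public async Task<IActionResult> Login([FromForm] LoginUserVm applicationUser)
{
    var identity = await _tokenProviderMiddleware.GetClaimsIdentity(applicationUser);
    if (identity == null)
    {
        // Never write the submitted password to the log: log stores are read by more people
        // and systems than the credential store, and a failed attempt is often a near-miss
        // of a real password. The email is passed as a structured argument rather than
        // interpolated into the message template.
        _logger.LogInformation("Invalid login attempt for {Email}", applicationUser.Email);
        return BadRequest("Invalid credentials");
    }

    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, applicationUser.Email),
        new Claim(JwtRegisteredClaimNames.Jti, await _jwtOptions.JtiGenerator()),
        new Claim(
            JwtRegisteredClaimNames.Iat,
            _tokenProviderMiddleware.ToUnixEpochDate(_jwtOptions.IssuedAt).ToString(),
            ClaimValueTypes.Integer64),
        // NOTE(review): FindFirst returns null when the identity has no "IdentityUser" claim.
        // Confirm GetClaimsIdentity always sets it.
        identity.FindFirst("IdentityUser")
    };

    // Create the JWT security token and encode it.
    var jwt = new JwtSecurityToken(
        issuer: _jwtOptions.Issuer,
        audience: _jwtOptions.Audience,
        claims: claims,
        notBefore: _jwtOptions.NotBefore,
        expires: _jwtOptions.Expiration,
        signingCredentials: _jwtOptions.SigningCredentials);
    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

    // Serialize and return the response.
    var response = new
    {
        access_token = encodedJwt,
        expires_in = (int)_jwtOptions.ValidFor.TotalSeconds
    };
    var json = JsonConvert.SerializeObject(response, _serializerSettings);
    return new OkObjectResult(json);
}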