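/// <summary>
/// Verifies the supplied credentials and, on success, returns the user's
/// profile data, role names and a newly issued token.
/// </summary>
/// <param name="userForAuthContract">Request body carrying the user name and password.</param>
/// <returns>
/// 200 with a <c>UserLoginResponseContract</c> when the credentials are accepted;
/// otherwise 401 with an <c>ErrorDetails</c> payload that is the same for every
/// failure cause.
/// </returns>
/// <remarks>
/// The previous version answered an unknown user name with a bare message but
/// answered a known user name with the remaining-attempt count or the lockout
/// end time. That difference let an unauthenticated caller tell which user
/// names exist and how far each is from lockout. All failures now share one
/// response body.
/// NOTE(review): the unknown-user path still returns without hashing a
/// password, so response time may continue to separate the two cases;
/// consider equalising the work done or rate-limiting this endpoint.
/// NOTE(review): if users must be told about a lockout, deliver that through
/// a channel tied to the account owner rather than this response.
/// </remarks>
public async Task<ActionResult<UserLoginResponseContract>> Authenticate([FromBody] UserForAuthenticationContract userForAuthContract)
{
    // Single failure response: unknown user, wrong password, locked-out or
    // not-allowed accounts must be indistinguishable to the caller.
    ActionResult<UserLoginResponseContract> Rejected() => Unauthorized(new ErrorDetails()
    {
        StatusCode = StatusCodes.Status401Unauthorized,
        Message = "Wrong password or login."
    });

    // Missing credentials would make the identity calls throw and surface as
    // a 500; treat them as an ordinary failed login instead.
    if (userForAuthContract?.UserName is null || userForAuthContract.Password is null)
    {
        return Rejected();
    }

    User user = await this.userManager.FindByNameAsync(userForAuthContract.UserName);
    if (user is null)
    {
        return Rejected();
    }

    // Third argument (lockoutOnFailure) is true so failed attempts count
    // toward the configured lockout threshold.
    var passCheck = await this.signInManager.CheckPasswordSignInAsync(user, userForAuthContract.Password, true);
    if (!passCheck.Succeeded)
    {
        return Rejected();
    }

    var roles = await this.userManager.GetRolesAsync(user);

    UserLoginResponseContract res = new UserLoginResponseContract()
    {
        UserName = user.UserName,
        UserId = user.Id.ToString(),
        UserFullName = $"{user.FirstName} {user.LastName}",
        Token = await this.authManager.CreateToken(user),
        Roles = roles.ToArray()
    };

    return Ok(res);
}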
/// <summary>
/// Reports whether the given user name exists and the given password matches it.
/// </summary>
/// <param name="userForAuth">Contract carrying the user name and password to check.</param>
/// <returns><c>true</c> when the user is found and the password check passes; otherwise <c>false</c>.</returns>
/// <remarks>
/// NOTE(review): this calls <c>userManager.CheckPasswordAsync</c>, whereas
/// <c>Authenticate</c> goes through <c>signInManager.CheckPasswordSignInAsync</c>
/// with lockout enabled. Failed checks here do not appear to count toward
/// lockout, so confirm this method is not reachable as an unthrottled
/// password-guessing path.
/// </remarks>
public async Task<bool> ValidateUser(UserForAuthenticationContract userForAuth)
{
    var account = await this.userManager.FindByNameAsync(userForAuth.UserName);

    // Unknown user name: nothing to verify the password against.
    if (account == null)
    {
        return false;
    }

    bool passwordMatches = await this.userManager.CheckPasswordAsync(account, userForAuth.Password);
    return passwordMatches;
}