//Find user in db and grant token public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context) { context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" }); IdentityUser user; using (AuthRepository authRepository = new AuthRepository()) { user = await authRepository.FindUser(context.UserName, context.Password); if (user == null) { context.SetError("invalid_grant", "The user name or password is incorrect."); return; } } var identity = new ClaimsIdentity(context.Options.AuthenticationType); identity.AddClaim(new Claim("sub", context.UserName)); identity.AddClaim(new Claim("role", "user")); identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id)); //Generating token context.Validated(identity); }
public AccountController() { repository = new AuthRepository(); }