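/// <summary>
/// Handles the OAuth 2.0 resource owner password credentials grant: checks the
/// submitted user name and password through <c>AuthRepository.FindUserAsync</c> and,
/// on success, validates the context with a ticket carrying the user's name, id
/// and role claims.
/// </summary>
/// <param name="context">
/// Grant context holding the submitted credentials; it receives either the
/// <c>invalid_grant</c> error or the validated authentication ticket.
/// </param>
/// <returns>A task that completes once the context has been rejected or validated.</returns>
/// <remarks>
/// Review notes:
/// - The password grant hands the user's password to the client application and is
///   discouraged by the OAuth 2.0 Security Best Current Practice (RFC 9700); prefer
///   authorization code with PKCE for new clients.
/// - No lockout, throttling or logging of failed attempts is visible in this method.
///   Confirm that FindUserAsync or upstream middleware provides them.
/// - Role claims are copied into the ticket at issuance, so a later role removal does
///   not change tokens that were already issued; keep the access-token lifetime short.
/// </remarks>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // SECURITY: "*" lets script on any origin call the token endpoint and read the
    // response. Replace it with an allow-list of the known client origins (per client
    // where possible) before exposing this endpoint beyond development.
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { "*" });

    using (var authRepository = new AuthRepository())
    {
        var user = await authRepository.FindUserAsync(context.UserName, context.Password);
        if (user == null)
        {
            // One message for every failure, so the response does not reveal
            // whether the user name exists.
            context.SetError("invalid_grant", "The user name or password is incorrect.");
            return;
        }

        var identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType);
        identity.AddClaim(new Claim(ClaimTypes.Name, user.UserName));
        identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));

        foreach (var role in user.Roles)
        {
            var identityRole = await authRepository.FindRoleAsync(role.RoleId);
            if (identityRole == null)
            {
                // A membership row whose role can no longer be resolved grants nothing:
                // skip it instead of failing the whole token request with a
                // NullReferenceException. Presumably FindRoleAsync returns null for an
                // unknown id; verify against AuthRepository.
                continue;
            }

            identity.AddClaim(new Claim(ClaimTypes.Role, identityRole.Name));
        }

        var properties = new AuthenticationProperties(new Dictionary<string, string>
        {
            { "username", user.UserName }
        });

        var ticket = new AuthenticationTicket(identity, properties);
        context.Validated(ticket);
    }
}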
/// <summary>
/// Creates the controller together with the <c>AuthRepository</c> instance it uses.
/// </summary>
/// <remarks>
/// NOTE(review): AuthRepository is wrapped in a using block elsewhere on this page,
/// so it is disposable. Confirm that the controller's Dispose override releases
/// this instance.
/// </remarks>
public AccountController()
{
    this._authRepository = new AuthRepository();
}