public static string CreateToken(User user)
{
//Ref: https://www.c-sharpcorner.com/article/asp-net-web-api-2-creating-and-validating-jwt-json-web-token/
var userDetailsClaim = AuthMapper.UserDetailsClaimMap(user);
string userDetails = JsonConvert.SerializeObject(userDetailsClaim);
//Create a List of Claims, Keep claims name short
var permClaims = new List <Claim>();
permClaims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
permClaims.Add(new Claim(ClaimTypes.Role, user.Role));
permClaims.Add(new Claim(USER_ID_CLAIM, user.Id.ToString()));
permClaims.Add(new Claim(USER_DETAILS_CLAIM, userDetails));
permClaims.Add(new Claim(USER_ROLE_CLAIM, user.Role));
//Create Security Token object by giving required parameters
var token = new JwtSecurityToken(
TokenIssuer, //Issure
TokenAudience, //Audience
permClaims,
expires: DateTime.Now.AddMinutes(double.Parse(TokenLifetimeInMinutes)),
signingCredentials: SigningCredentials
);
var jwt_token = new JwtSecurityTokenHandler().WriteToken(token);
return(jwt_token);
}
public override void Serialize(Stream stream)
{
using (var w = stream.ToBinaryWriter(true))
{
w.WriteEnum(AuthMapper.GetOpCode(GetType()));
Serializer.Serialize(w, this);
}
}
public IHttpActionResult Login([FromBody] Login login)
{
var existingUser = userService.GetUserByUsername(login.Username);
if (existingUser == null)
{
return(Unauthorized());
}
var isAuthenticated = Crypto.VerifyHashedPassword(existingUser.PasswordHash, login.Password);
if (!isAuthenticated)
{
return(Unauthorized());
}
var token = JwtUtility.CreateToken(existingUser);
var user = AuthMapper.LoginMap(existingUser, token);
return(Ok(user));
}
public ProudMessage GetMessage(ISession session, ushort opCode, BinaryReader r)
{
return(AuthMapper.GetMessage((AuthOpCode)opCode, r));
}
