Exemplo n.º 1
0
        public (Employee, string) Authenticate(Employee employeeIn)
        {
            //todo brug db context her til at sammenligne employee brugere..
            //var employee = employeeList.SingleOrDefault(x => x.Username == userName && x.Password == password);

            var userFound = db.GetEmployeeLogin(employeeIn.Username, employeeIn.Password);

            // return null if employee is not found
            if (userFound == null)
            {
                return(null, null);
            }

            (Employee, string)elevatedUser;
            elevatedUser.Item1 = userFound;

            var tokenHandler    = new JwtSecurityTokenHandler();
            var key             = Encoding.ASCII.GetBytes(_appSettings.SecretKey);
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[] {
                    new Claim(ClaimTypes.Name, elevatedUser.Item1.Id.ToString()),
                    new Claim(ClaimTypes.Role, "Admin"),
                    new Claim(ClaimTypes.Version, "V3.1")
                }),
                Expires            = DateTime.UtcNow.AddDays(2),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
            };
            var token = tokenHandler.CreateToken(tokenDescriptor);

            elevatedUser.Item2 = tokenHandler.WriteToken(token);

            elevatedUser.Item1.Password = "******";

            return(elevatedUser);
        }
Exemplo n.º 2
0
        public IActionResult Login(string username, string password)
        {
            var userFound = db.GetEmployeeLogin(username, password);

            return(Json(userFound));
        }