public async Task AuthenticateRequestAsync(
HttpContext context,
FaToolUserManager userManager)
{
var authCookie = context.Request.Cookies[FormsAuthentication.FormsCookieName];
if (authCookie != null)
{
FormsAuthenticationTicket authTicket = FormsAuthentication.Decrypt(authCookie.Value);
if (authTicket != null && !authTicket.Expired)
{
var user = await userManager.FindByNameAsync(authTicket.Name);
if (user != null)
{
var identity = await userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
context.User = new ClaimsPrincipal(identity);
}
}
else if (authTicket.Expired)
{
throw new HttpException((int)HttpStatusCode.Unauthorized, "Login has been expired.");
}
}
}
private async Task <string> GenerateJwtTokenAsync(
FaToolUserManager userManager,
FaToolUser user)
{
var identity = await userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
var claims = identity.Claims;
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("SOME_RANDOM_KEY_DO_NOT_SHARE"));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var expires = DateTime.Now.AddMinutes(30);
var issuer = "http://fatool.com";
var tokenHandler = new JwtSecurityTokenHandler();
var token = new JwtSecurityToken(
issuer,
issuer,
claims,
expires: expires,
signingCredentials: creds
);
return(tokenHandler.WriteToken(token));
}