Exemplo n.º 1
0
        public IHttpActionResult Authenticate([FromBody] LoginRequest login)
        {
            LoginRequest loginrequest = new LoginRequest {
            };

            loginrequest.Username = login.Username;
            loginrequest.Password = login.Password;

            HttpResponseMessage responseMsg = new HttpResponseMessage();
            bool isUsernamePasswordValid    = false;

            if (login != null)
            {
                if (loginrequest.Username == "!S3Lvmue1uhjaT4vr#6fyVIiMO1AijD4hKn2gRObRPGzbF4TSe" &&
                    loginrequest.Password == "13NzgZpJT8Unk#q^jz!b9R1Da#h8sit9XgAXsuwEb&Fa&I3L89Rj5^Qp$d^MKVtpHDZ@M6JomuBHsvI2uMWY7GNL@gJ*ATmX1u6MMuF77GvHB9BzD66nJcimn1thhpb$u1$xt256pb&iMTutt#U#d8Q@gR6MwRlx6iD3M*fzZe5WIhy3K@DRMofsD6d#X@MMHOWiv*w2jpdGdSVPoGu2*GOT!E$Mk7S#44eef4xwFBT%VyKo16m6&25rhfP551Oh")
                {
                    isUsernamePasswordValid = true;
                }
                else
                {
                    isUsernamePasswordValid = false;
                }
            }

            // if credentials are valid
            if (isUsernamePasswordValid)
            {
                GeneratedTokenResponse GeneratedTokenResponse = CreateToken(loginrequest.Username);

                //return the token json
                return(Ok(GeneratedTokenResponse));
            }
            else
            {
                LoginResponseCode loginResponse = new LoginResponseCode {
                };

                // if credentials are not valid send unauthorized status code in response
                loginResponse.ResponseMsg.StatusCode = HttpStatusCode.Unauthorized;
                return(Content(loginResponse.ResponseMsg.StatusCode, "Incorrect username or password! Please try again.", Configuration.Formatters.JsonFormatter));
            }
        }
Exemplo n.º 2
0
        private GeneratedTokenResponse CreateToken(string username)
        {
            //Set issued at date
            DateTime issuedAt = DateTime.UtcNow;
            //set the time when it expires
            DateTime expires = issuedAt.AddDays(7);

            //http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
            var tokenHandler = new JwtSecurityTokenHandler();

            //create a identity and add claims to the user which we want to log in
            ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
            {
                new Claim(ClaimTypes.Name, username)
            });

            const string sec = "6vfkszunr3d3p46kh778aszjqkr9466m5b5m6rx3ea3g3382veg7b2pgb9j93qqdt2heds8aw7f9yvjyzzk6cfxur6nmaf8sgrsqkt546nsn3f3kazg9gqga9pt586wqjb8wvtzwsb76htrfj2afesp8ksfgnmrnt27h5j5884av6a8kfqaeqcfestzd4dp4288z2dwaucgy8hegtxjuryhvsts89nd7fmmes9445mejdh8588wev85tacs2e2eq";

            var securityKey        = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
            var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);


            //create the jwt
            var token =
                (JwtSecurityToken)
                tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:60483", audience: "http://localhost:60483",
                                                    subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
            var tokenString = tokenHandler.WriteToken(token);

            GeneratedTokenResponse GeneratedTokenResponse = new GeneratedTokenResponse
            {
                Issued_At        = issuedAt,
                Expires_At       = expires.ToString("o"),
                Requesting_Token = username,
                Token            = "Bearer " + tokenString,
            };

            return(GeneratedTokenResponse);
        }