/// <summary>
/// Customer login endpoint: checks the submitted credentials and, on success, returns a
/// signed JWT together with the customer's contact details.
/// </summary>
/// <param name="model">Login request bound from the request body.</param>
/// <returns>
/// 400 when model validation fails; 404 with a generic message when no identity or no
/// customer record is obtained; otherwise 200 with a populated <c>LoginSuccessModel</c>.
/// </returns>
public IActionResult Post([FromBody] LoginModel model)
{
    // Both failure paths answer with this identical payload, so the response body does not
    // reveal which of the two lookups failed.
    IActionResult InvalidCredentials() =>
        NotFound(new { result = false, message = "Не верный логин и пароль" });

    if (!ModelState.IsValid)
    {
        return BadRequest("Некорректные данные в запросе");
    }

    // NOTE(review): no attempt throttling or account lockout is visible in this action;
    // confirm it is enforced elsewhere (middleware, gateway or inside repo.CheckWebPassword).
    var userId = repo.CheckWebPassword(model);
    var identity = _authHandler.GetIdentity(model.UserName, userId, "customer");
    if (identity == null)
    {
        return InvalidCredentials();
    }

    var issuedAt = DateTime.UtcNow;

    // The claims are read by position: index 1 is used as the role and index 2 as the user id.
    // NOTE(review): this depends on the order in which _authHandler.GetIdentity adds claims;
    // a lookup by claim type would not silently pick up the wrong value if that order changes.
    var userIdClaim = identity.Claims.ElementAt(2).Value;
    var customer = repo.GetCustomerFIO(Convert.ToInt32(userIdClaim));
    if (customer == null)
    {
        return InvalidCredentials();
    }

    // HMAC-SHA256 with the shared key from AuthOptions.
    // NOTE(review): key length and storage are not visible here; verify the configured secret
    // is long, random and kept out of source control.
    var signing = new SigningCredentials(
        AuthOptions.GetSymmetricSecurityKey(_options),
        SecurityAlgorithms.HmacSha256);

    // The token stays valid for one month.
    // NOTE(review): no revocation or refresh mechanism is visible in this method, so a leaked
    // token would remain usable until it expires; confirm that lifetime is intended.
    var token = new JwtSecurityToken(
        issuer: _options.Value.Issuer,
        audience: GetAUDIENCE(),
        notBefore: issuedAt,
        claims: identity.Claims,
        expires: issuedAt.AddMonths(1),
        signingCredentials: signing);
    var serializedToken = new JwtSecurityTokenHandler().WriteToken(token);

    var response = new LoginSuccessModel
    {
        AccessToken = serializedToken,
        UserName = identity.Name,
        FIO = customer.FIO,
        Phone = customer.Phone,
        Email = customer.E_mail,
        Skype = customer.Skype,
        WhatsApp = customer.Whatsapp,
        Role = identity.Claims.ElementAt(1).Value,
        UserId = identity.Claims.ElementAt(2).Value,
    };
    response.MainImage = service.GetMainImage();

    return Ok(response);
}
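/// <summary>
/// Administrator login endpoint: checks the submitted credentials and, on success, returns
/// the admin record with a freshly signed JWT attached.
/// </summary>
/// <param name="model">Admin login request bound from the request body.</param>
/// <returns>
/// 400 when model validation fails; 404 with a generic message when the credentials do not
/// match or no identity can be built; otherwise 200 with the admin object.
/// </returns>
public IActionResult Login([FromBody] AdminLoginViewModel model)
{
    if (!ModelState.IsValid)
    {
        return BadRequest("параметры запроса некорректные");
    }

    var loginModel = mapper.Map<LoginModel>(model);

    // var admin = service.CheckWebPasswordAdmin(loginModel, model.UserName);
    // After upgrading to 5.0, enable the call above and delete the code below.
    var admin = repo.CheckWebPasswordAdmin(loginModel);
    if (admin == null)
    {
        return NotFound(new { result = false, message = "Не верный логин и пароль" });
    }

    var now = DateTime.UtcNow;
    var identity = _authHandler.GetIdentity(model.UserName, admin.Cust_ID, admin.Role);

    // Post null-checks the result of GetIdentity, so it can evidently return null. Without
    // this guard a null identity would surface as a NullReferenceException (HTTP 500) instead
    // of the generic login failure.
    if (identity == null)
    {
        return NotFound(new { result = false, message = "Не верный логин и пароль" });
    }

    // NOTE(review): the audience is taken from the URL of the incoming request (host, path and
    // query string), which the client influences, whereas Post uses GetAUDIENCE(). Confirm the
    // token validation settings expect this value, or switch to a fixed configured audience.
    var audience = Request.GetDisplayUrl();

    // The token is signed with HMAC-SHA256 and stays valid for one month.
    // NOTE(review): that is a long lifetime for an administrative token and no revocation is
    // visible in this method; confirm it is intended.
    var jwt = new JwtSecurityToken(
        issuer: _options.Value.Issuer,
        audience: audience,
        notBefore: now,
        claims: identity.Claims,
        expires: now.AddMonths(1),
        signingCredentials: new SigningCredentials(
            AuthOptions.GetSymmetricSecurityKey(_options),
            SecurityAlgorithms.HmacSha256));
    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

    admin.accessToken = encodedJwt;
    // After upgrading to 5.0, delete the code above.

    // NOTE(review): the object returned by repo.CheckWebPasswordAdmin is serialized to the
    // client as-is; confirm it carries no password hash or other fields that must not leave
    // the server.
    return Ok(admin);
}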