Exemplo n.º 1
0
        public ActionResult <string> PostUsers([FromBody] User user)
        {
            if (authenticationRepository.AuthenticateUser(user))
            {
                var claims = new[]
                {
                    new Claim(JwtRegisteredClaimNames.Sub, user.userName)
                };

                var signingKey = new SymmetricSecurityKey(
                    Encoding.UTF8.GetBytes("MyKeyForAuthentication"));

                var token = new JwtSecurityToken(
                    issuer: "iiht.com",
                    audience: "trainees",
                    expires: DateTime.Now.AddHours(1),
                    claims: claims,
                    signingCredentials:
                    new SigningCredentials(signingKey,
                                           SecurityAlgorithms.HmacSha256)
                    );

                return(Ok(new TokenResponse
                {
                    Token = new JwtSecurityTokenHandler().WriteToken(token),
                    Expiration = token.ValidTo
                }));
            }

            return(Unauthorized());
        }
Exemplo n.º 2
0
        public async Task <IActionResult> SignInUser(User user)
        {
            var userFromRepo = _repo.AuthenticateUser(user);

            if (userFromRepo == null)
            {
                ViewBag.ErrorMessage = "Your email or password is incorrect.";
                return(View("Login"));
            }

            var claims = new List <Claim>
            {
                new Claim(ClaimTypes.Name, userFromRepo.Email),
                new Claim("FirstName", userFromRepo.FirstName),
                new Claim("LastName", userFromRepo.LastName),
                new Claim(ClaimTypes.Role, "User")
            };

            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

            var authProperties = new AuthenticationProperties
            {
                AllowRefresh = true,
                ExpiresUtc   = DateTimeOffset.UtcNow.AddMinutes(30),
                IsPersistent = true,
                RedirectUri  = "/Home/Index"
            };

            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);

            return(RedirectToAction("Index", "Home"));
        }
Exemplo n.º 3
0
        public IActionResult UserLoginAsync([FromBody] User user)
        {
            if (user == null)
            {
                logger.LogInformation(400, "Bad Request");
                return(BadRequest());
            }

            if (!ModelState.IsValid)
            {
                logger.LogInformation(422, "Validation error");
                return(new UnprocessableEntityObjectResult(ModelState));
            }

            if (string.IsNullOrWhiteSpace(user.UserName) ||
                string.IsNullOrWhiteSpace(user.Password))
            {
                logger.LogInformation(400, "Username or Password not provided`");
                return(new UnprocessableEntityObjectResult(ModelState));
            }

            AuthenticationResponse response = new AuthenticationResponse();

            try
            {
                if (repository.AuthenticateUser(user))
                {
                    var claims = new[]
                    {
                        new Claim(JwtRegisteredClaimNames.Sub, user.UserName)
                    };

                    var signingKey = new SymmetricSecurityKey(
                        Encoding.UTF8.GetBytes(
                            configuration
                            .GetSection("AuthenticationDetails")
                            .GetSection("SecretKey").Value));

                    var token = new JwtSecurityToken(
                        issuer: configuration
                        .GetSection("AuthenticationDetails")
                        .GetSection("ValidIssuer").Value,
                        audience: configuration
                        .GetSection("AuthenticationDetails")
                        .GetSection("ValidAudience").Value,
                        expires: DateTime.Now.AddHours(1),
                        claims: claims,
                        signingCredentials:
                        new SigningCredentials(signingKey,
                                               SecurityAlgorithms.HmacSha256)
                        );

                    response.TokenList = new List <TokenResponse>()
                    {
                        new TokenResponse
                        {
                            Token = new JwtSecurityTokenHandler().WriteToken(
                                token),
                            Expiration = token.ValidTo
                        }
                    };

                    logger.LogInformation(200, "SuccessIndicator = true");
                    response.SuccessIndicator = true;

                    return(Ok(response));
                }

                logger.LogInformation(200,
                                      "SuccessIndicator = false. User not authorized");
                return(Unauthorized());
            }
            catch (Exception ex)
            {
                var faultObj = new Fault()
                {
                    FaultMessage = ex.Message,
                    FaultSource  = ex.Source
                };

                if (ex.InnerException != null &&
                    !string.IsNullOrWhiteSpace(ex.InnerException.Message))
                {
                    faultObj.InnerMessage = ex.InnerException.Message;
                }

                response.Fault            = faultObj;
                response.SuccessIndicator = false;
                logger.LogError(500, faultObj.FaultMessage);
                logger.LogInformation(500, "sucessIndicator = false");
            }
            return(new InternalServerErrorObjectResult(response));
        }