public async Task <ActionResult> Login(LoginView loginView)
{
try
{
if (ModelState.IsValid)
{
string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
password: loginView.Clave,
salt: System.Text.Encoding.ASCII.GetBytes(config["Salt"]),
prf: KeyDerivationPrf.HMACSHA1,
iterationCount: 1000,
numBytesRequested: 256 / 8));
var p = repo.GetByEmail(loginView.Email);
if (p == null || p.Clave != hashed)
{
ViewBag.Mensaje = "Datos inválidos";
return(View());
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.Name, p.Email),
//new Claim(ClaimTypes.Name, p.Nombre),
//new Claim(ClaimTypes.Email, p.Email),
new Claim("Identity", p.IdPropietario.ToString()),
new Claim(ClaimTypes.Role, p.IdPropietario < 10 ? "RolAdmin" : "RolEmpresa"),
};
var claimsIdentity = new ClaimsIdentity(
claims, CookieAuthenticationDefaults.AuthenticationScheme);
var authProperties = new AuthenticationProperties
{
//AllowRefresh = <bool>,
// Refreshing the authentication session should be allowed.
AllowRefresh = true,
//ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
// The time at which the authentication ticket expires. A
// value set here overrides the ExpireTimeSpan option of
// CookieAuthenticationOptions set with AddCookie.
//IsPersistent = true,
// Whether the authentication session is persisted across
// multiple requests. When used with cookies, controls
// whether the cookie's lifetime is absolute (matching the
// lifetime of the authentication ticket) or session-based.
//IssuedUtc = <DateTimeOffset>,
// The time at which the authentication ticket was issued.
//RedirectUri = <string>
// The full path or absolute URI to be used as an http
// redirect response value.
};
await HttpContext.SignInAsync(
CookieAuthenticationDefaults.AuthenticationScheme,
new ClaimsPrincipal(claimsIdentity),
authProperties);
return(RedirectToAction("Index"));
}
else
{
return(View());//Ver mensaje a devolver
}
}
catch (Exception ex)
{
ViewBag.Error = ex.Message;
ViewBag.StackTrate = ex.StackTrace;
return(View());
}
}
