public async Task <IActionResult> Login(UserForLoginDto dto)
{
var userFromRepo = await _repo.Login(dto.Username.ToLower(), dto.Password);
if (userFromRepo == null)
{
return(Unauthorized("Pas autorisé à se connecter"));
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, userFromRepo.Id.ToString()),
new Claim(ClaimTypes.Name, userFromRepo.Username)
};
var key = new SymmetricSecurityKey(Encoding.UTF8
.GetBytes(_config.GetSection("AppSettings:Token").Value));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = creds
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
LoginReturnDto loginDto = new LoginReturnDto
{
Token = tokenHandler.WriteToken(token),
User = _mapper.Map <UserForLoginReturnDto>(userFromRepo),
};
return(Ok(loginDto));
}
/// <summary>
/// Login
/// </summary>
/// <param name="dto">Dto</param>
/// <returns></returns>
public async Task <HttpResponseMessage> PostLogin(UserForLoginDto dto)
{
_storage.RemoveItem("token");
_storage.RemoveItem("username");
var requestJson = Json.Serialize(dto);
HttpRequestMessage req = new HttpRequestMessage(HttpMethod.Post, $"{Constants.URL_BASE}api/User/login");
req.Content = new StringContent(requestJson, Encoding.Default, "application/json");
var response = await _httpClient.SendAsync(req);
if (response.StatusCode == System.Net.HttpStatusCode.OK)
{
// Set local storage
string content = await response.Content.ReadAsStringAsync();
LoginReturnDto _dto = Json.Deserialize <LoginReturnDto>(content);
_storage["token"] = _dto.Token;
_storage["username"] = _dto.User.Username;
}
return(response);
}
