Exemplo n.º 1
0
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            //// Bawaannya .NET
            //var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            //ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);

            //if (user == null)
            //{
            //    context.SetError("invalid_grant", "The user name or password is incorrect.");
            //    return;
            //}

            //ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
            //   OAuthDefaults.AuthenticationType);
            //ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
            //    CookieAuthenticationDefaults.AuthenticationType);

            //AuthenticationProperties properties = CreateProperties(user.UserName);
            //AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
            //context.Validated(ticket);
            //context.Request.Context.Authentication.SignIn(cookiesIdentity);

            var identity = new ClaimsIdentity(context.Options.AuthenticationType);
            //refresh current token
            var getIdentity = identity.Claims.FirstOrDefault(x => x.Value == context.UserName);

            identity.TryRemoveClaim(getIdentity);

            // Custom sendiri nih
            bool getLogin = LoginSet.UsernamePassword(context.UserName, context.Password);

            if (!getLogin)
            {
                context.SetError("invalid_grant", "The user name or password is incorrect.");
                return;
            }


            identity.AddClaim(new Claim(ClaimTypes.Name, context.UserName));
            // Optional : You can add a role based claim by uncommenting the line below.
            // identity.AddClaim(new Claim(ClaimTypes.Role, "Administrator"));

            context.Validated(identity);
        }
Exemplo n.º 2
0
        // For basic authentication
        public HttpResponseMessage Login([FromUri] string username, [FromUri] string password)
        {
            try
            {
                bool getLogin = LoginSet.UsernamePassword(username, password);
                if (!getLogin)
                {
                    return(Request.CreateResponse(HttpStatusCode.NotFound, "Invalid username / password!"));
                }

                var AccountUser = new AccountUser()
                {
                    Username = username,
                    Password = password,
                };
                var jsonString = JsonConvert.SerializeObject(AccountUser);
                var token      = StringCrypter.Encrypt(jsonString, password);
                return(Request.CreateResponse(HttpStatusCode.OK, token));
            }
            catch (Exception ex)
            {
                return(Request.CreateResponse(HttpStatusCode.BadRequest, "There error :" + ex.Message));
            }
        }