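/// <summary>
/// Signs a user in with e-mail and password and, on success, returns an
/// <see cref="AuthenticatedResult"/> carrying the user's profile fields and a JWT.
/// Every outcome is returned as HTTP 200 via <c>Ok(...)</c>; the real outcome is
/// conveyed by <c>AuthenticatedResult.StatusCode</c> and <c>ErrorMessages</c>
/// (existing API shape, kept unchanged for client compatibility).
/// </summary>
/// <param name="model">Credentials posted by the client (<c>Email</c>, <c>Password</c>).</param>
/// <returns>An <c>Ok</c> result wrapping the <see cref="AuthenticatedResult"/>.</returns>
public async Task<IActionResult> Authenticate([FromBody] AuthenticateModel model)
{
    // A missing body or blank credentials previously reached PasswordSignInAsync with
    // null arguments and surfaced as a 500. Report them as an ordinary failed login,
    // using the same message as a wrong password so the response does not reveal which
    // field was missing.
    if (model is null || string.IsNullOrWhiteSpace(model.Email) || string.IsNullOrWhiteSpace(model.Password))
    {
        return Ok(Failure(StatusCodes.Status401Unauthorized, "Incorrect email or password."));
    }

    // lockoutOnFailure: false means failed attempts are NOT counted towards account
    // lockout, so the IsLockedOut branch below only fires for lockouts applied elsewhere.
    // Passing true is the usual brute-force mitigation; it is left unchanged here because
    // it alters account behaviour for every caller — decide that deliberately.
    var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, lockoutOnFailure: false);

    if (!result.Succeeded)
    {
        if (result.RequiresTwoFactor)
        {
            return Ok(Failure(StatusCodes.Status203NonAuthoritative, "two factor authentication is allowed. "));
        }

        if (result.IsLockedOut)
        {
            return Ok(Failure(StatusCodes.Status401Unauthorized, "Your account is locked. please contact your system administrator."));
        }

        return Ok(Failure(StatusCodes.Status401Unauthorized, "Incorrect email or password."));
    }

    // Sign-in succeeded; re-read the user to populate the response. The original
    // dereferenced this without a check; fail closed instead of throwing.
    var user = await _userManager.FindByNameAsync(model.Email);
    if (user is null)
    {
        return Ok(Failure(StatusCodes.Status401Unauthorized, "Incorrect email or password."));
    }

    // Only the first assigned role is honoured (as before). An account with no role used
    // to throw ArgumentOutOfRangeException on roles[0], and a role name with no matching
    // Roles row threw NullReferenceException; both are 500s. The token carries RoleID as
    // a claim, so a user without a resolvable role must not be issued one — fail closed.
    // NOTE(review): for multi-role accounts the chosen role is whichever GetRolesAsync
    // returns first — confirm that is intended.
    var roles = await _userManager.GetRolesAsync(user);
    if (roles.Count == 0)
    {
        return Ok(Failure(StatusCodes.Status401Unauthorized, "No role is assigned to this account."));
    }

    var primaryRoleName = roles[0];
    var roleDetails = _context.Roles.FirstOrDefault(o => o.Name == primaryRoleName);
    if (roleDetails is null)
    {
        return Ok(Failure(StatusCodes.Status401Unauthorized, "No role is assigned to this account."));
    }

    var authenticatedResult = new AuthenticatedResult
    {
        Authenticated = true,
        Email = user.Email,
        // Hard-coded in the original — TODO confirm where the organisation id should come from.
        OrgID = 1,
        Role = roleDetails.DisplayName,
        RoleID = roleDetails.Id,
        UserID = user.Id,
        UserName = user.UserName,
        Phone = user.PhoneNumber,
        StatusCode = StatusCodes.Status200OK,
    };

    // GenerateJWT populates Token from UserID/RoleID and hands the result back.
    authenticatedResult = _authenticationServices.GenerateJWT(authenticatedResult);
    return Ok(authenticatedResult);

    // Builds the payload shared by every unsuccessful branch: not authenticated, the
    // given status code, and a single error message.
    AuthenticatedResult Failure(int statusCode, string message) => new AuthenticatedResult
    {
        Authenticated = false,
        StatusCode = statusCode,
        ErrorMessages = new List<string> { message },
    };
}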
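/// <summary>
/// Issues an HMAC-SHA256-signed JWT for an already-authenticated user and stores it in
/// <c>authenticatedResult.Token</c>.
/// </summary>
/// <param name="authenticatedResult">Result whose <c>UserID</c> and <c>RoleID</c> become
/// the token's name and role claims. Mutated in place: <c>Token</c> is set.</param>
/// <returns>The same <paramref name="authenticatedResult"/> instance with <c>Token</c> populated.</returns>
/// <exception cref="ArgumentNullException"><paramref name="authenticatedResult"/> is null.</exception>
public AuthenticatedResult GenerateJWT(AuthenticatedResult authenticatedResult)
{
    if (authenticatedResult is null)
    {
        throw new ArgumentNullException(nameof(authenticatedResult));
    }

    // ASCII encoding of the secret is deliberately kept: the validating side (not visible
    // here) must derive the key the same way, so changing the encoding here alone would
    // break verification of every token. Encoding.ASCII replaces non-ASCII characters
    // with '?', which silently weakens the key — keep the configured secret ASCII-only
    // and long enough for HMAC-SHA256 (the token library is expected to reject keys
    // shorter than 128 bits at signing time).
    var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
    var signingKey = new SymmetricSecurityKey(key);

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new[]
        {
            new Claim(ClaimTypes.Name, authenticatedResult.UserID.ToString()),
            new Claim(ClaimTypes.Role, authenticatedResult.RoleID.ToString()),
        }),
        // Fixed one-day lifetime. No Issuer, Audience or NotBefore is set, so the
        // validator cannot pin tokens to this service — TODO confirm this matches the
        // TokenValidationParameters used when tokens are checked.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature),
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);
    authenticatedResult.Token = tokenHandler.WriteToken(token);
    return authenticatedResult;
}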