public async Task <IActionResult> Login([FromBody] User user)
{
if (_userRepository.GetByUserName(user.UserName) == null)
{
Serilog.Log.Logger.Error("Username is not found.");
return(NotFound());
}
if (_userRepository.ValidateCredentials(user.UserName, user.PasswordHash))
{
var returnedUser = _userRepository.GetByUserName(user.UserName).Result;
// only set explicit expiration here if persistent.
// otherwise we reply upon expiration configured in cookie middleware.
var props = new Microsoft.AspNetCore.Authentication.AuthenticationProperties
{
IsPersistent = true,
ExpiresUtc = DateTimeOffset.UtcNow.AddDays(3650)
};
var employee = await _employeesAccessor.GetEmployeeByIdAsync(returnedUser.ID);
var roles = employee.Roles;
SessionCache.Employees.Add(user.UserName, employee);
var claims = new List <Claim>();
claims.Add(new Claim(ClaimTypes.Sid, employee.ID.ToString(), ClaimValueTypes.UInteger32));
claims.Add(new Claim(ClaimTypes.Email, employee.Email, ClaimValueTypes.Email));
claims.Add(new Claim(ClaimTypes.NameIdentifier, user.UserName));
claims.Add(new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()));
foreach (var r in roles)
{
claims.Add(new Claim(ClaimTypes.Role, r, ClaimValueTypes.String));
}
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("KlipperSigningKey"));
var token = new JwtSecurityToken(
issuer: "http://www.Klingelnberg.com",
audience: "http://www.Klingelnberg.com",
expires: DateTime.UtcNow.AddDays(5),
claims: claims.ToArray(),
signingCredentials: new Microsoft.IdentityModel.Tokens.SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256)
);
return(Ok(new
{
Token = new JwtSecurityTokenHandler().WriteToken(token),
Expiration = token.ValidTo,
Username = user.UserName
}));
}
ModelState.AddModelError("", "Error in user authentication");
Serilog.Log.Logger.Error("Error in user authentication");
return(Unauthorized());
}
public async Task <IActionResult> Get(int employeeId)
{
var e = await _employeesAccessor.GetEmployeeByIdAsync(employeeId) as Employee;
return(Ok(e));
}