public async Task <IActionResult> Login([FromBody] LoginViewModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
User user = await _userManager.FindByNameAsync(model.Email);
if (user == null)
{
ModelState.AddModelError("login_error", "user not found");
return(BadRequest());
}
// return claims information
List <Claim> claims = new List <Claim>();
var roles = await _userManager.GetRolesAsync(user);
foreach (string role in roles)
{
claims.Add(new Claim(ClaimTypes.Role, role));
}
var result = await _signInManager.CheckPasswordSignInAsync(user, model.Password, false);
if (result.Succeeded)
{
var jwt = await _jwtManager.GenerateJwtStringAsync(model.Email, claims);
if (jwt == null)
{
ModelState.AddModelError("login_error", "authentication error");
return(BadRequest(ModelState));
}
// return jwt in cookie
HttpContext.Response.Cookies.Append("Authorization", "Bearer " + jwt, new CookieOptions {
HttpOnly = true
});
string name = "user";
return(Ok(new
{
role = roles.Contains("admin") ? "admin" : "user",
name = name
}));
}
else
{
if (result.IsLockedOut)
{
ModelState.AddModelError("login_error", "Account is locked out");
}
else if (result.IsNotAllowed)
{
ModelState.AddModelError("login_error", "Account access is not allowed");
}
else
{
ModelState.AddModelError("login_error", "Incorrect username/password");
}
return(BadRequest(ModelState));
}
}