private static IEnumerable <Claim> GetTokenClaims(UserAuthenticate user, IConfiguration Configuration)
{
return(new List <Claim>
{
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Sub, user.Email),
new Claim(JwtRegisteredClaimNames.Email, user.Email)
});
}
public async Task <IActionResult> Post([FromBody] UserAuthenticate model)
{
var token = await GetJwtSecurityToken(model);
return(Ok(new
{
token = new JwtSecurityTokenHandler().WriteToken(token),
expiration = token.ValidTo
}));
}
private async Task <ClaimsIdentity> GetIdentity(UserAuthenticate model)
{
var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, false);
if (result.Succeeded)
{
return(new ClaimsIdentity(new System.Security.Principal.GenericIdentity(model.Email, "Token"), new Claim[] { }));
}
return(null);
}
private async Task <JwtSecurityToken> GetJwtSecurityToken(UserAuthenticate user)
{
var identity = await GetIdentity(user);
if (identity == null)
{
throw new UnauthorizedAccessException();
}
return(new JwtSecurityToken(
issuer: Configuration["Tokens:Issuer"],
audience: Configuration["Tokens:Issuer"],
claims: GetTokenClaims(user, Configuration),
expires: DateTime.UtcNow.AddMinutes(10),
signingCredentials: new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["Tokens:Key"])), SecurityAlgorithms.HmacSha256)
));
}
