示例#1
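        /// <summary>
        /// Checks the submitted credentials and, when they match, signs the caller in
        /// with the cookie authentication scheme.
        /// </summary>
        /// <param name="request">Login payload bound from the request body; its Username and Password are read here.</param>
        /// <returns>
        /// 400 Bad Request when the body is missing, the model is invalid, or the credentials
        /// do not match; otherwise 200 OK with the account mapped to <c>AccountResponse</c>.
        /// </returns>
        public async Task<ActionResult<AccountResponse>> PostLogin([FromBody] LoginRequest request)
        {
            // A missing body would otherwise fail with a NullReferenceException on request.Username.
            if (request == null || !ModelState.IsValid)
            {
                return BadRequest();
            }

            var account = await AccountAccessor.Find(request.Username);

            // Unknown user and wrong password get the same response, so the endpoint
            // does not reveal which usernames/emails are registered.
            // NOTE(review): the unknown-user path still skips the bcrypt verification, so it
            // answers faster than the wrong-password path; response time can still distinguish
            // the two cases. Nothing in this method throttles repeated failures either;
            // presumably handled elsewhere, confirm.
            var credentialsMatch = account != null
                && BCrypt.Net.BCrypt.Verify(Sha512Hmac.HashPassword(request.Password), account.Password);

            if (!credentialsMatch)
            {
                return BadRequest(new { message = "Incorrect username or password" });
            }

            // Issue the auth cookie. Only the account id and role go into the claims;
            // the role claim is what role-based authorization checks would read.
            var claims = new Claim[]
            {
                new Claim(ClaimTypes.Name, account.Id.ToString()),
                new Claim(ClaimTypes.Role, account.Role.ToString()),
            };

            var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

            // NOTE(review): authProperties is not declared in this method; presumably a field
            // or property of the controller. Confirm it sets the intended expiry and persistence.
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);

            return Ok(_mapper.Map<AccountResponse>(account));
        }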
示例#2
        /// <summary>
        /// Looks up the account for the submitted username, discards the result,
        /// and returns a fixed greeting.
        /// </summary>
        /// <param name="request">Payload bound from the request body; only Username is read.</param>
        /// <returns>The literal string "hello world".</returns>
        // NOTE(review): the lookup result is never used and no authorization attribute is
        // visible on this method. Confirm whether an unauthenticated account lookup is intended.
        public async Task<string> Hello([FromBody] LoginRequest request)
        {
            _ = await AccountAccessor.Find(request.Username);

            const string greeting = "hello world";
            return greeting;
        }