// [ValidateAntiForgeryToken]
public async Task <ActionResult> Login(LoginModel model)
{
var error = "";
ApiToken tokenData = null;
if (ModelState.IsValid)
{
if (WebSecurity.Login(model.Email, new Security(model.Password).Encrypt(), persistCookie: false)) //Check the database
{
var user = GetUserRepository().GetUserProfile(model.Email);
string role = ((UserRole)user.RoleId).ToString();
string baseUrl = Request.Url.AbsoluteUri.ToLowerInvariant().Contains("localhost") ? AppKeys.LocalApiDomain : AppKeys.LocalApiDomain;
tokenData = await WebHelper.GetTokenAsync(model.Email, model.Password, baseUrl);
List <Claim> claims = new ClaimExtension().AddClaims(model.Email, user.UserId.ToString(), user.FirstName + " " + user.LastName, role);
if (null != claims)
{
AddClaims(claims);
}
}
else
{
error = ("Invalid username or password!.");
}
}
else
{
error = ("Data is not valid!.");
}
return(Json(new { status = error == "", error, tokenData }));
}
/// <summary>
/// Create authentication token voor given user
/// </summary>
/// <param name="user">The user that want to login</param>
/// <returns>The created token</returns>
public string CreateAuthenticationToken(User user)
{
Claim[] claims = ClaimExtension.GenerateUserClaims(user.ID, user.Name);
SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_configuration["AppSettings:AppSecret"]));
SigningCredentials credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
IdentityModelEventSource.ShowPII = true;
SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims, "jwt"),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = credentials
};
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
/// <summary>
/// Create invite token for a group invitation
/// </summary>
/// <param name="user">The user that is invited</param>
/// <param name="group">The Group where the user is invited for</param>
/// <returns>Return jwt token</returns>
public string CreateInviteToken(User user, Group group)
{
Claim[] claims = ClaimExtension.GenerateInviteClaims(user.ID, group.ID);
SigningCredentials credentials = CreateSigningCredentials();
IdentityModelEventSource.ShowPII = true;
SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims, "jwt"),
Expires = DateTime.Now.AddDays(1),
SigningCredentials = credentials,
Issuer = user.ID.ToString(),
Audience = user.ID.ToString()
};
JwtSecurityTokenHandler tokenHandler = new JwtSecurityTokenHandler();
JwtSecurityToken token = tokenHandler.CreateJwtSecurityToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
public async Task <IActionResult> Login([FromBody] LoginViewModel loginViewModel)
{
try
{
var user = await _userManager.FindByNameAsync(loginViewModel.Email);
var now = DateTime.Now;
var refreshToken = "";
if (user != null)
{
if (_haser.VerifyHashedPassword(user, user.PasswordHash, loginViewModel.Password)
== PasswordVerificationResult.Success)
{
var userClaims = await _userManager.GetClaimsAsync(user);
List <AppUserClaim> appUserClaim = new List <AppUserClaim>();
foreach (var item in userClaims)
{
appUserClaim.Add(new AppUserClaim()
{
ClaimType = item.Type,
ClaimValue = item.Value,
UserId = user.Id,
ClaimId = null
});
}
if (appUserClaim == null)
{
}
if (loginViewModel.RememberMe)
{
var refresh_token = Guid.NewGuid().ToString().Replace("-", "");
if (!await _roleManager.RoleExistsAsync("RefreshToken"))
{
await _roleManager.CreateAsync(new IdentityRole { Name = "RefreshToken" });
}
await _userManager.AddToRoleAsync(user, "RefreshToken");
var isToRemembered = await _userManager.IsInRoleAsync(user, "RefreshToken");
if (isToRemembered)
{
IIdentity identity = new GenericIdentity(user.UserName);
ClaimsIdentity claimsIdentity = new ClaimsIdentity(identity);
claimsIdentity.AddClaims(userClaims.OrderBy(c => c.Type));
//Add refresh token to current user's identity claims
await ClaimExtension.AddUpdateClaimAsync(claimsIdentity, _userManager, user, "RefreshToken", refresh_token);
await ClaimExtension.AddUpdateClaimAsync(claimsIdentity, _userManager, user, "DaysToExpire", _config["Tokens:DaysToExpireRefreshToken"]);
await ClaimExtension.AddUpdateClaimAsync(claimsIdentity, _userManager, user, "RefreshTokenExpired", "False");
}
refreshToken = refresh_token;
}
//var userClaims = await _userManager.GetClaimsAsync(user);
var claims = new[]
{
new Claim(JwtRegisteredClaimNames.Sub, user.UserName),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString())
}.Union(userClaims);
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config["Tokens:Key"]));
var cred = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var jwt = new JwtSecurityToken(
issuer: _config["Tokens:Issuer"],
audience: _config["Tokens:Audience"],
claims: claims,
signingCredentials: cred,
expires: now.AddMinutes(Convert.ToInt32(
_config["Tokens:MinutesToExpiration"]))
);
var handler = new JwtSecurityTokenHandler();
var encodedJwt = handler.WriteToken(jwt);
var token = new OAuthToken
{
UserId = user.Id.ToString(),
UserName = user.UserName,
BearerToken = encodedJwt,
ExpiresIn = jwt.ValidTo,
RefreshToken = refreshToken,
Claims = appUserClaim,
IsAuthenticated = true
};
return(Ok(token));
}
}
}
catch (Exception)
{
throw;
}
return(BadRequest("Something bad happened"));
}
