protected override async Task <IPrincipal> AuthenticateAsync(string userName, string password, CancellationToken cancellationToken) { cancellationToken.ThrowIfCancellationRequested(); //ajoutez la logique qui vérifie si le user existe dans la db et vérifié son mot de passe FnucDbContext dbContext = new FnucDbContext(); var userRepository = new Repository <User>(dbContext); var user = dbContext.Users.Where(u => u.Name == userName).FirstOrDefault(); //ici on rajoute la logique pour décoder le mot de pass stocké dans le db(quand il sera crypté) Decoder decoder = new Decoder(); var uncodedPassword = decoder.UncodePassword(user.Password); if (user == null || password != uncodedPassword) { // No user with userName/password exists. return(null); } if (user != null && uncodedPassword == password) { // Create a ClaimsIdentity with all the claims for this user. Claim nameClaim = new Claim(ClaimTypes.Name, userName); List <Claim> claims = new List <Claim> { nameClaim }; // important to set the identity this way, otherwise IsAuthenticated will be false // see: http://leastprivilege.com/2012/09/24/claimsidentity-isauthenticated-and-authenticationtype-in-net-4-5/ ClaimsIdentity identity = new ClaimsIdentity(claims, "Basic"); var principal = new ClaimsPrincipal(identity); return(principal); } return(null); }