public IHttpActionResult Authenticate([FromBody] LoginRequest login)
{
LoginRequest loginrequest = new LoginRequest {
};
loginrequest.Username = login.Username;
loginrequest.Password = login.Password;
HttpResponseMessage responseMsg = new HttpResponseMessage();
bool isUsernamePasswordValid = false;
if (login != null)
{
if (loginrequest.Username == "!S3Lvmue1uhjaT4vr#6fyVIiMO1AijD4hKn2gRObRPGzbF4TSe" &&
loginrequest.Password == "13NzgZpJT8Unk#q^jz!b9R1Da#h8sit9XgAXsuwEb&Fa&I3L89Rj5^Qp$d^MKVtpHDZ@M6JomuBHsvI2uMWY7GNL@gJ*ATmX1u6MMuF77GvHB9BzD66nJcimn1thhpb$u1$xt256pb&iMTutt#U#d8Q@gR6MwRlx6iD3M*fzZe5WIhy3K@DRMofsD6d#X@MMHOWiv*w2jpdGdSVPoGu2*GOT!E$Mk7S#44eef4xwFBT%VyKo16m6&25rhfP551Oh")
{
isUsernamePasswordValid = true;
}
else
{
isUsernamePasswordValid = false;
}
}
// if credentials are valid
if (isUsernamePasswordValid)
{
GeneratedTokenResponse GeneratedTokenResponse = CreateToken(loginrequest.Username);
//return the token json
return(Ok(GeneratedTokenResponse));
}
else
{
LoginResponseCode loginResponse = new LoginResponseCode {
};
// if credentials are not valid send unauthorized status code in response
loginResponse.ResponseMsg.StatusCode = HttpStatusCode.Unauthorized;
return(Content(loginResponse.ResponseMsg.StatusCode, "Incorrect username or password! Please try again.", Configuration.Formatters.JsonFormatter));
}
}
private GeneratedTokenResponse CreateToken(string username)
{
//Set issued at date
DateTime issuedAt = DateTime.UtcNow;
//set the time when it expires
DateTime expires = issuedAt.AddDays(7);
//http://stackoverflow.com/questions/18223868/how-to-encrypt-jwt-security-token
var tokenHandler = new JwtSecurityTokenHandler();
//create a identity and add claims to the user which we want to log in
ClaimsIdentity claimsIdentity = new ClaimsIdentity(new[]
{
new Claim(ClaimTypes.Name, username)
});
const string sec = "6vfkszunr3d3p46kh778aszjqkr9466m5b5m6rx3ea3g3382veg7b2pgb9j93qqdt2heds8aw7f9yvjyzzk6cfxur6nmaf8sgrsqkt546nsn3f3kazg9gqga9pt586wqjb8wvtzwsb76htrfj2afesp8ksfgnmrnt27h5j5884av6a8kfqaeqcfestzd4dp4288z2dwaucgy8hegtxjuryhvsts89nd7fmmes9445mejdh8588wev85tacs2e2eq";
var securityKey = new Microsoft.IdentityModel.Tokens.SymmetricSecurityKey(System.Text.Encoding.Default.GetBytes(sec));
var signingCredentials = new Microsoft.IdentityModel.Tokens.SigningCredentials(securityKey, Microsoft.IdentityModel.Tokens.SecurityAlgorithms.HmacSha256Signature);
//create the jwt
var token =
(JwtSecurityToken)
tokenHandler.CreateJwtSecurityToken(issuer: "http://localhost:60483", audience: "http://localhost:60483",
subject: claimsIdentity, notBefore: issuedAt, expires: expires, signingCredentials: signingCredentials);
var tokenString = tokenHandler.WriteToken(token);
GeneratedTokenResponse GeneratedTokenResponse = new GeneratedTokenResponse
{
Issued_At = issuedAt,
Expires_At = expires.ToString("o"),
Requesting_Token = username,
Token = "Bearer " + tokenString,
};
return(GeneratedTokenResponse);
}
