private async Task <AuthenticateResult> ManagerAuthorization(AppRole enumRole) { Manager user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; var query = new GetUserQuery <Manager>() { Login = username }; user = await queryExecutor.Execute(query); if (user == null) { return(AuthenticateResult.Fail("Resource does not exist")); } var password = passwordHasher.HashToCheck(credentials[1], user.Salt); if (user.Password != password) { return(AuthenticateResult.Fail("Wrong password")); } } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), new Claim(ClaimTypes.Name, user.Login), new Claim(ClaimTypes.Role, enumRole.ToString()), new Claim(ClaimTypes.UserData, user.Company.Id.ToString()) }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }
protected override async Task <AuthenticateResult> HandleAuthenticateAsync() { var endpoint = Context.GetEndpoint(); if (endpoint?.Metadata?.GetMetadata <IAllowAnonymous>() != null) { return(AuthenticateResult.NoResult()); } if (!Request.Headers.ContainsKey("Authorization")) { return(AuthenticateResult.Fail("Missing Authorization Header")); } User user = null; try { var authHeader = AuthenticationHeaderValue.Parse(Request.Headers["Authorization"]); var credentialBytes = Convert.FromBase64String(authHeader.Parameter); var credentials = Encoding.UTF8.GetString(credentialBytes).Split(new[] { ':' }, 2); var username = credentials[0]; //var password = credentials[1]; var query = new GetUserQuery() { Username = username }; user = await this.queryExecutor.Execute(query); if (user == null) { return(AuthenticateResult.Fail("Resource does not exist")); } var password = passwordHasher.HashToCheck(credentials[1], user.Salt); if (user.Password != password) { return(AuthenticateResult.Fail("Wrong password")); } } catch { return(AuthenticateResult.Fail("Invalid Authorization Header")); } var claims = new[] { new Claim(ClaimTypes.NameIdentifier, user.CompanyId.ToString()), new Claim(ClaimTypes.Name, user.Username), new Claim(ClaimTypes.Role, user.Permission.ToString()) }; var identity = new ClaimsIdentity(claims, Scheme.Name); var principal = new ClaimsPrincipal(identity); var ticket = new AuthenticationTicket(principal, Scheme.Name); return(AuthenticateResult.Success(ticket)); }