/// <summary>
/// Signs a user in with e-mail and password and issues the authentication cookie.
/// </summary>
/// <param name="data">Posted sign-in form; <c>Email</c> and <c>RememberMe</c> are read from it here.</param>
/// <returns>
/// The partial view again when model validation or the credential check fails;
/// otherwise a JSON object whose <c>Route</c> is the URL of the "default" route.
/// </returns>
public async Task<IActionResult> SignIn(SignInViewModel data)
{
    // Echo the e-mail back so the re-rendered form can keep it.
    ViewData["Email"] = data.Email;

    if (!ModelState.IsValid)
    {
        return PartialView();
    }

    AuthenticationUser = await _userRepository.ReadAsync(new UserSpecification { Email = data.Email });

    // Unknown account and wrong password produce the same model error, so the
    // response text does not reveal which e-mail addresses are registered.
    // NOTE(review): the unknown-account path returns before any hash verification
    // runs, so response timing may still differ between the two cases - confirm
    // whether that matters for this endpoint.
    if (AuthenticationUser is null)
    {
        return RejectCredentials();
    }

    // NOTE(review): the password is read from SignInData, not from the `data`
    // parameter - confirm both are bound to the same posted form.
    var verification = _passwordHasherService.VerifyHashedPassword(
        user: AuthenticationUser,
        hashedPassword: AuthenticationUser.PassHash,
        providedPassword: SignInData.Password);

    // Only Failed is rejected; every other result is treated as a successful check.
    // NOTE(review): if the result can signal that a rehash is needed, nothing here
    // upgrades the stored hash - confirm it is handled elsewhere.
    // NOTE(review): no failed-attempt counting or lockout is visible in this action.
    if (verification == PasswordVerificationResult.Failed)
    {
        return RejectCredentials();
    }

    var identity = new ClaimsIdentity(
        authenticationType: CookieAuthenticationDefaults.AuthenticationScheme,
        nameType: ClaimTypes.Name,
        roleType: ClaimTypes.Role);

    identity.AddClaims(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, AuthenticationUser.ID.ToString()),
        new Claim(ClaimTypes.Name, AuthenticationUser.FullName),
        new Claim(ClaimTypes.Email, AuthenticationUser.Email),
    });

    // One role claim per role entry flagged HasRole; unflagged entries grant nothing.
    identity.AddClaims(
        AuthenticationUser.Roles
            .Where(r => r.HasRole)
            .Select(r => new Claim(ClaimTypes.Role, r.Name)));

    // RememberMe decides whether the cookie is persistent.
    var cookieProperties = new AuthenticationProperties { IsPersistent = data.RememberMe };

    await HttpContext.SignInAsync(
        scheme: CookieAuthenticationDefaults.AuthenticationScheme,
        principal: new ClaimsPrincipal(identity),
        properties: cookieProperties);

    return Json(new { Route = Url.RouteUrl("default") });

    // Shared failure path: one generic error, then the form is rendered again.
    IActionResult RejectCredentials()
    {
        ModelState.AddModelError("Invalid", _localizer[AuthenticationErrorMessages.InvalidData]);
        return PartialView();
    }
}
/// <summary>
/// Returns the user whose stored password hash verifies against the supplied password.
/// </summary>
/// <param name="userName">User name to look up.</param>
/// <param name="password">Plain-text password to verify.</param>
/// <returns>
/// The matching user, or <c>null</c> when either input is blank, no user is found,
/// or verification does not return <c>Success</c>.
/// </returns>
public async Task<User> FindAsync(string userName, string password)
{
    // Blank credentials are rejected before the user store is queried.
    var hasCredentials = !string.IsNullOrWhiteSpace(userName) && !string.IsNullOrWhiteSpace(password);
    if (!hasCredentials)
    {
        return null;
    }

    var candidate = await FindByUserNameAsync(userName);

    // NOTE(review): an unknown user returns here without any hash verification,
    // so response timing may differ from the wrong-password case - confirm
    // whether callers need to hide that difference.
    if (candidate == null)
    {
        return null;
    }

    var verification = _passwordHasherService.VerifyHashedPassword(candidate.PasswordHash, password);

    // Only an exact Success yields the user; every other result is treated as a failed login.
    // NOTE(review): if the result type has a "success, rehash needed" member,
    // it would be rejected here - confirm that is intended.
    if (verification == PasswordVerificationResult.Success)
    {
        return candidate;
    }

    return null;
}
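/// <summary>
/// Finds the stored token that belongs to <paramref name="userName"/> and matches
/// <paramref name="accessToken"/>, then checks the owning user's password.
/// </summary>
/// <param name="userName">User name the token must belong to.</param>
/// <param name="password">Plain-text password verified against the owner's stored hash.</param>
/// <param name="accessToken">Raw access token; only its hash is compared with stored rows.</param>
/// <returns>
/// The token with its <c>User</c> loaded, or <c>null</c> when an input is blank,
/// no row matches, or password verification does not return <c>Success</c>.
/// </returns>
public async Task<UserToken> FindToken(string userName, string password, string accessToken)
{
    // Reject blank inputs before hashing or querying, the same way FindAsync
    // treats blank credentials; a null token would otherwise reach GetSha256Hash.
    if (string.IsNullOrWhiteSpace(userName) ||
        string.IsNullOrWhiteSpace(password) ||
        string.IsNullOrWhiteSpace(accessToken))
    {
        return null;
    }

    // The lookup compares AccessTokenHash with the value GetSha256Hash returns;
    // the raw token itself is never part of the query.
    var accessTokenHash = _securityService.GetSha256Hash(accessToken);

    var token = await _tokens
        .Include(u => u.User)
        .Where(u => u.User.UserName == userName && u.AccessTokenHash == accessTokenHash)
        .FirstOrDefaultAsync();

    if (token == null)
    {
        return null;
    }

    // Holding a matching token is not enough: the owner's password must verify too.
    // Only an exact Success is accepted.
    var verification = _passwordHasherService.VerifyHashedPassword(token.User.PasswordHash, password);

    return verification == PasswordVerificationResult.Success ? token : null;
}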