示例#1
0
        public async Task <ActionResult> Login(LoginView loginView)
        {
            try
            {
                if (ModelState.IsValid)
                {
                    string hashed = Convert.ToBase64String(KeyDerivation.Pbkdf2(
                                                               password: loginView.Clave,
                                                               salt: System.Text.Encoding.ASCII.GetBytes(config["Salt"]),
                                                               prf: KeyDerivationPrf.HMACSHA1,
                                                               iterationCount: 1000,
                                                               numBytesRequested: 256 / 8));
                    var p = repo.GetByEmail(loginView.Email);
                    if (p == null || p.Clave != hashed)
                    {
                        ViewBag.Mensaje = "Datos inválidos";
                        return(View());
                    }
                    var claims = new List <Claim>
                    {
                        new Claim(ClaimTypes.Name, p.Email),
                        //new Claim(ClaimTypes.Name, p.Nombre),
                        //new Claim(ClaimTypes.Email, p.Email),
                        new Claim("Identity", p.IdPropietario.ToString()),
                        new Claim(ClaimTypes.Role, p.IdPropietario < 10 ? "RolAdmin" : "RolEmpresa"),
                    };

                    var claimsIdentity = new ClaimsIdentity(
                        claims, CookieAuthenticationDefaults.AuthenticationScheme);

                    var authProperties = new AuthenticationProperties
                    {
                        //AllowRefresh = <bool>,
                        // Refreshing the authentication session should be allowed.
                        AllowRefresh = true,
                        //ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(10),
                        // The time at which the authentication ticket expires. A
                        // value set here overrides the ExpireTimeSpan option of
                        // CookieAuthenticationOptions set with AddCookie.

                        //IsPersistent = true,
                        // Whether the authentication session is persisted across
                        // multiple requests. When used with cookies, controls
                        // whether the cookie's lifetime is absolute (matching the
                        // lifetime of the authentication ticket) or session-based.

                        //IssuedUtc = <DateTimeOffset>,
                        // The time at which the authentication ticket was issued.

                        //RedirectUri = <string>
                        // The full path or absolute URI to be used as an http
                        // redirect response value.
                    };

                    await HttpContext.SignInAsync(
                        CookieAuthenticationDefaults.AuthenticationScheme,
                        new ClaimsPrincipal(claimsIdentity),
                        authProperties);

                    return(RedirectToAction("Index"));
                }
                else
                {
                    return(View());//Ver mensaje a devolver
                }
            }
            catch (Exception ex)
            {
                ViewBag.Error      = ex.Message;
                ViewBag.StackTrate = ex.StackTrace;
                return(View());
            }
        }