public ActionResult <User> AuthenticateUser(User user)
        {
            var myUser = _userLogic.AuthenticateUser(user);

            if (myUser != null)
            {
                var tokenHandler    = new JwtSecurityTokenHandler();
                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    Subject = new ClaimsIdentity(new Claim[] {
                        new Claim(ClaimTypes.NameIdentifier, myUser.Id.ToString()),
                        new Claim(ClaimTypes.Name, myUser.Username)
                    }),
                    Issuer             = "https://localhost:44339",
                    Audience           = "https://localhost:44339",
                    Expires            = DateTime.Now.AddMinutes(60),
                    SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes("A-VERY-STRONG-KEY-HERE")), SecurityAlgorithms.HmacSha512Signature),
                };

                var token = tokenHandler.CreateToken(tokenDescriptor);
                return(Ok(new
                {
                    token = tokenHandler.WriteToken(token),
                    expiration = token.ValidTo
                }));
            }
            else
            {
                return(StatusCode(401));
            }
        }
示例#2
0
        public IActionResult AuthenticateUser([FromBody] AuthenticateModel model)
        {
            var jwtToken = _userLogic.AuthenticateUser(model);

            if (jwtToken == string.Empty)
            {
                return(BadRequest(ErrorDetails.SetError(StatusCodes.Status400BadRequest, "Username or password is incorrect")));
            }

            return(Ok(new { jwtToken }));
        }