/// <summary>
/// Checks a user name / password pair and, on success, issues a token through <c>_token</c>.
/// </summary>
/// <param name="userName">Name used to look the account up.</param>
/// <param name="password">Plain-text password compared against the stored hash.</param>
/// <returns>
/// <c>SignInResult.Ok</c> carrying the new token, or <c>SignInResult.Fail</c> with a translated message.
/// </returns>
/// <remarks>
/// An unknown user name and a wrong password both yield the "SignIn.Messages.Failure" text, so the
/// message itself does not reveal which accounts exist. The distinct "SignIn.Messages.IsNotActive"
/// text is only returned once the password has verified.
/// NOTE(review): no attempt counter or lockout is visible in this method - confirm throttling is
/// enforced elsewhere.
/// </remarks>
public async Task<SignInResult> SignInAsync(string userName, string password)
{
    var lookup = await FindUserByNameAsync(userName);
    if (!lookup.HasValue)
    {
        // NOTE(review): this path returns without calling the password verifier, so its response
        // time may differ from the wrong-password path - confirm whether that is acceptable here.
        return SignInResult.Fail(_translation["SignIn.Messages.Failure"]);
    }

    var account = lookup.Value;
    var verification = _password.VerifyHashedPassword(account.PasswordHash, password);
    if (verification == PasswordVerificationResult.Failed)
    {
        return SignInResult.Fail(_translation["SignIn.Messages.Failure"]);
    }

    // Checked after the password so the account state is disclosed only to a caller holding valid credentials.
    if (!account.IsActive)
    {
        return SignInResult.Fail(_translation["SignIn.Messages.IsNotActive"]);
    }

    var accountId = account.Id;
    var claims = await BuildClaimsAsync(accountId);
    var token = await _token.NewTokenAsync(accountId, claims);

    // TODO: Remove this line if you don't store jwt in cookie.
    // A cookie is attached by the browser automatically, which is why a cookie-held JWT is paired
    // with an anti-XSRF token (presumably what AddToken sets up - verify against _antiXsrf).
    _antiXsrf.AddToken(claims, JwtBearerDefaults.AuthenticationScheme);

    return SignInResult.Ok(token);
}
/// <summary>
/// Authenticates a user by name and password and returns a freshly built token on success.
/// </summary>
/// <param name="userName">Name used to look the account up.</param>
/// <param name="password">Plain-text password compared against the stored hash.</param>
/// <returns>
/// <c>SignInResult.Ok</c> with the token, or <c>SignInResult.Fail</c> with a localized message.
/// </returns>
/// <remarks>
/// "SignIn.Messages.Failure" is used for both an unknown user and a rejected password, so the two
/// cases cannot be told apart from the message. "SignIn.Messages.IsNotActive" is reachable only
/// after the password check has passed.
/// NOTE(review): failed attempts are neither counted nor logged in this method - confirm that
/// throttling and audit logging happen elsewhere.
/// </remarks>
public async Task<SignInResult> SignInAsync(string userName, string password)
{
    var found = await FindUserByNameAsync(userName);
    if (!found.HasValue)
    {
        // NOTE(review): no password verification runs on this path, so it may answer faster than
        // the wrong-password path - confirm whether that timing difference matters here.
        return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
    }

    var account = found.Value;

    var passwordCheck = _password.VerifyHashedPassword(account.PasswordHash, password);
    if (passwordCheck == PasswordVerificationResult.Failed)
    {
        return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
    }

    // The inactive-account message comes last so it is shown only after valid credentials.
    if (!account.IsActive)
    {
        return SignInResult.Fail(_localizer["SignIn.Messages.IsNotActive"]);
    }

    var accountId = account.Id;
    var claims = await BuildClaimsAsync(accountId);
    var token = await _token.BuildTokenAsync(accountId, claims);

    // Antiforgery token is attached to the response for the same claims the token was built from.
    _antiforgery.AddTokenToResponse(claims);

    return SignInResult.Ok(token);
}
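/// <summary>
/// Authenticates a user by name and password and, on success, signs them in with the cookie
/// authentication scheme.
/// </summary>
/// <param name="userName">Name used to look the account up; also written to the login log entry.</param>
/// <param name="password">Plain-text password compared against the stored hash.</param>
/// <param name="persistent">Value for <c>AuthenticationProperties.IsPersistent</c> ("Remember Me").</param>
/// <returns>
/// <c>SignInResult.Ok</c> once the cookie sign-in has completed, or <c>SignInResult.Fail</c> with a
/// localized message.
/// </returns>
/// <remarks>
/// "SignIn.Messages.Failure" is used for both an unknown user and a rejected password, so the two
/// cases cannot be told apart from the message. "SignIn.Messages.IsNotActive" is reachable only
/// after the password check has passed.
/// NOTE(review): only successful logins are logged here and no lockout is visible - confirm that
/// failed attempts are recorded and throttled elsewhere.
/// </remarks>
public async Task<SignInResult> SignInAsync(string userName, string password, bool persistent)
{
    var userMaybe = await FindUserByNameAsync(userName);
    if (!userMaybe.HasValue)
    {
        // NOTE(review): no password verification runs on this path, so it may answer faster than
        // the wrong-password path - confirm whether that timing difference matters here.
        return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
    }

    var user = userMaybe.Value;
    if (_password.VerifyHashedPassword(user.PasswordHash, password) == PasswordVerificationResult.Failed)
    {
        return SignInResult.Fail(_localizer["SignIn.Messages.Failure"]);
    }

    // The inactive-account message comes last so it is shown only after valid credentials.
    if (!user.IsActive)
    {
        return SignInResult.Fail(_localizer["SignIn.Messages.IsNotActive"]);
    }

    var userId = user.Id;
    var claims = await BuildClaimsAsync(userId);

    // Ticket lifetime in days; 30 is used when the setting is absent.
    // NOTE(review): the configured value is not range-checked - a zero or negative setting would
    // produce a ticket that is already expired.
    var loginCookieExpirationDays = _configuration.GetValue<int>("LoginCookieExpirationDays", defaultValue: 30);

    // Read the clock once so IssuedUtc and ExpiresUtc are derived from the same instant.
    var issuedAt = DateTimeOffset.UtcNow;

    await _httpContext.HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        claims,
        new AuthenticationProperties
        {
            IsPersistent = persistent, // "Remember Me"
            IssuedUtc = issuedAt,
            ExpiresUtc = issuedAt.AddDays(loginCookieExpirationDays)
        });

    // await UpdateLastActivityDateAsync(user);

    // userName is caller-supplied text: pass it as a logging argument instead of interpolating it
    // into the message template, so it is captured as a separate structured field.
    _logger.LogInformation(LoggingEvents.LOGIN, "{UserName} logged in.", userName);

    return SignInResult.Ok();
}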