public async Task <IHttpActionResult> Login(ViewModels.LoginViewModel model) { //if (!this.ModelState.IsValid) //{ // return this.View(model); //} // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, change to shouldLockout: true var result = await this.AppSignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout : false); switch (result) { case SignInStatus.Success: var user = await this.AppUserManager.FindByNameAsync(model.Email); var request = HttpContext.Current.Request; var tokenServiceUrl = request.Url.GetLeftPart(UriPartial.Authority) + request.ApplicationPath + "/Token"; using (var client = new HttpClient()) { var requestParams = new List <KeyValuePair <string, string> > { new KeyValuePair <string, string>("grant_type", "password"), new KeyValuePair <string, string>("username", model.Email), new KeyValuePair <string, string>("password", model.Password) }; var requestParamsFormUrlEncoded = new FormUrlEncodedContent(requestParams); var tokenServiceResponse = await client.PostAsync(tokenServiceUrl, requestParamsFormUrlEncoded); var responseString = await tokenServiceResponse.Content.ReadAsStringAsync(); var responseCode = tokenServiceResponse.StatusCode; var jsSerializer = new System.Web.Script.Serialization.JavaScriptSerializer(); var responseData = jsSerializer.Deserialize <Dictionary <string, string> >(responseString); var authToken = responseData["access_token"]; var userName = responseData["userName"]; // Save bearer token to the database userSessionService.CreateUserSession(userName, authToken); // Cleanup: delete expired sessions from the database userSessionService.DeleteExpiredSessions(); return(Json(new { status = true, token = authToken })); } case SignInStatus.LockedOut: return(Json(new { status = false, error = "Lockout" })); case SignInStatus.RequiresVerification: return(Json(new { status = false, error = "" })); case SignInStatus.Failure: default: this.ModelState.AddModelError("", "Invalid login attempt."); return(Json(new { status = false, error = "Invalid login attempt" })); } }
public UserLoginResponseModel Login(UserLoginModel model) { model.Password = hashCryptoHelper.HashString(model.Password); var data = userDataRepository.FetchAll() .Where(x => x.UserEmail == model.UserEmail && x.PassHash == model.Password) .Select(x => new { x, x.Role.RoleValue }) .FirstOrDefault(); if (data == null) { throw new GenericException(Enums.GenericErrorEnum.UserDoesNotExist); } var userData = data.x; var role = data.RoleValue; userSessionService.DeleteUserSession(userData.Id.ToString()); userSessionService.CreateUserSession(userData.Id.ToString()); if (userData.FailedLoginCount != 0) { userData.FailedLoginCount = 0; userDataRepository.Update(userData); userDataRepository.Save(); } var claims = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, aesCryptoHelper.EncryptString(userData.Id.ToString())), new Claim(ClaimTypes.Role, role.ToString()) }); return(new UserLoginResponseModel() { JWT = jwtHelper.ConstructUserJwt(claims) }); }