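/// <summary>
/// Authenticates the supplied credentials and, on success, issues the JWT as a response cookie.
/// </summary>
/// <param name="request">Sign-in payload carrying the username and password.</param>
/// <returns>
/// 401 with the failure code when authentication fails; otherwise 200 with the result code.
/// The token itself is delivered only through the cookie, never in the response body.
/// </returns>
public async Task<ActionResult<SignInResponse>> SignIn(SignInRequest request)
{
    var authAttempt = await _userAuthService.AuthenticateAsync(request.Username, request.Password);
    if (!authAttempt.IsSuccess)
    {
        // NOTE(review): the failure code is echoed to the caller; confirm it does not reveal
        // whether the username exists (as opposed to the password being wrong).
        return StatusCode((int)HttpStatusCode.Unauthorized, new SignInResponse
        {
            ResultCode = authAttempt.Code.ToString("G"),
        });
    }

    Response.Cookies.Append(
        JwtBearerAuthenticationOptions.JwtBearerAuthentication,
        _jwtTokenGenerator.CreateToken(authAttempt.User),
        new CookieOptions
        {
            Expires = DateTimeOffset.UtcNow.AddDays(7),
            // The cookie holds a bearer credential, so page script must not be able to read it:
            // with HttpOnly set, a script-injection flaw cannot read the token out of the cookie.
            // NOTE(review): if a client reads this cookie from script today, return the token
            // in the response body for that client rather than relaxing this flag.
            HttpOnly = true,
            // Mark the cookie Secure whenever the request arrived over TLS so the browser never
            // replays it over plain HTTP. Behind a TLS-terminating proxy IsHttps is only true
            // when forwarded headers are configured; once HTTPS is enforced, set this to true.
            Secure = Request.IsHttps,
            // NOTE(review): SameSite is left at the framework default. This cookie presumably
            // authenticates later requests, so confirm an explicit SameSite policy or
            // anti-forgery validation is applied elsewhere.
        });

    return Ok(new SignInResponse
    {
        ResultCode = authAttempt.Code.ToString("G"),
    });
}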
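/// <summary>
/// Verifies an email/password pair and returns a signed JWT together with the user's
/// profile, root flag, permissions and companies.
/// </summary>
/// <param name="model">Login request body carrying the email and password.</param>
/// <returns>
/// 400 when no body was bound, 404 when no user has the given email, 401 when the password
/// does not verify, 500 on any unexpected error, otherwise 200 with an <c>AuthResponse</c>.
/// </returns>
public async Task<IActionResult> CreateToken([FromBody] LogInReq model)
{
    try
    {
        // A missing or unparsable body previously surfaced as a NullReferenceException and a 500.
        if (model == null)
        {
            return BadRequest();
        }

        var user = await _userRepository.WithEmail(model.Email);
        if (user == null)
        {
            // NOTE(review): answering 404 here and 401 below tells an unauthenticated caller
            // which emails are registered. Returning the same 401 for both cases closes that
            // enumeration channel; left unchanged because clients may depend on this response.
            return NotFound("Usuario con email no existe");
        }

        // Only Failed means the password is wrong. SuccessRehashNeeded means the password
        // matched but the stored hash uses outdated parameters; comparing against Success
        // alone locked those users out.
        // NOTE(review): the upgraded hash is not persisted here; no repository update call is
        // visible in this block.
        var verification = _passwordHasher.VerifyHashedPassword(user, user.Password, model.Password);
        if (verification == PasswordVerificationResult.Failed)
        {
            return Unauthorized();
        }

        var claims = new[]
        {
            new Claim(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
            new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
            new Claim(JwtRegisteredClaimNames.Email, user.Email)
        };

        var jwtSecurityToken = _jwtTokenGenerator.CreateToken(claims);

        // NOTE(review): confirm UserResponse does not copy user.Password (the stored hash)
        // into the payload.
        return Ok(new AuthResponse
        {
            Token = new JwtSecurityTokenHandler().WriteToken(jwtSecurityToken),
            Expiration = jwtSecurityToken.ValidTo,
            User = new UserResponse(user),
            IAmRoot = await permissionRepository.UserIsRoot(user.Id),
            Permissions = (await permissionRepository.GetUserPermissions(user.Id))
                .Select(p => new PermissionResponse(p))
                .ToList(),
            Companies = (await companyRepository.GetUserCompanies(user.Id))
                .Select(c => new CompanyResult(c))
                .ToList()
        });
    }
    catch (Exception ex)
    {
        // Pass the exception as the exception argument so the logging provider records it
        // as structured data. The client only ever receives the generic message.
        _logger.LogError(ex, "error while creating token");
        return StatusCode((int)HttpStatusCode.InternalServerError, "error while creating token");
    }
}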
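/// <summary>
/// Issues a fresh token for the user identified by the token in the Authorization header.
/// </summary>
/// <returns>
/// 400 when the header is missing or blank, 401 when no user key can be read from the token
/// or the user no longer exists, otherwise 200 with the newly created token.
/// </returns>
public ActionResult<JwtToken> RefreshTask()
{
    StringValues token = Request.Headers["authorization"];
    if (string.IsNullOrWhiteSpace(token))
    {
        return BadRequest();
    }

    // NOTE(review): the user id comes straight from the presented token. Whether GetUserKey
    // checks the signature and expiry is not visible here, so confirm this action sits behind
    // authentication that validates the token before this code runs. Otherwise an unverified
    // token would be exchanged for a valid one.
    string userId = JwtTokenGenerator.GetUserKey(token);
    if (string.IsNullOrWhiteSpace(userId))
    {
        // No usable subject in the token: reject instead of querying the store with an empty key.
        return Unauthorized();
    }

    // The account may have been deleted since the token being refreshed was issued.
    if (!_dbDriver.Service.PamaxieUserData.Exists(userId))
    {
        return Unauthorized();
    }

    var newToken = _generator.CreateToken(userId, ApiApplicationConfiguration.JwtSettings);
    return Ok(newToken);
}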