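/// <summary>
/// Checks the posted credentials and, on success, signs the user in with the
/// cookie authentication scheme and redirects them.
/// </summary>
/// <param name="user">Posted login form; the user name is lower-cased before it is passed to the login service.</param>
/// <param name="returnUrl">
/// Optional post-login destination. When absent, <c>TempData["returnUrl"]</c> is used.
/// The value is attacker-influenceable (query string / form), so it is followed only
/// when it is a local URL.
/// </param>
/// <returns>
/// 400 with a generic message when the credentials are rejected; otherwise a redirect
/// to the local return URL, or to <c>Home/Index</c> when none is usable.
/// </returns>
public async Task<IActionResult> Login(LoginPoco user, string returnUrl = null)
{
    // A single message for every failure, so the response does not disclose
    // whether the user name exists.
    const string badUserNameOrPasswordMessage = "Username or password is incorrect.";

    // Model binding can deliver a missing form or a missing user name; treat that as a
    // failed login instead of letting ToLower() throw a NullReferenceException (HTTP 500).
    if (user?.LoginUserName == null)
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    // NOTE(review): ToLower() is culture-sensitive. If stored user names were normalised
    // with invariant casing, ToLowerInvariant() is the matching call; confirm against
    // loginService before changing it.
    var userFromLogin = loginService.Login(user.LoginUserName.ToLower(), user.LoginPassword);
    if (userFromLogin == null)
    {
        return BadRequest(badUserNameOrPasswordMessage);
    }

    // The cookie identity carries only the name claim taken from the stored account.
    var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme);
    identity.AddClaim(new Claim(ClaimTypes.Name, userFromLogin.LoginUserName));
    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(identity));

    if (returnUrl == null)
    {
        returnUrl = TempData["returnUrl"]?.ToString();
    }

    // Open-redirect guard: an absolute or protocol-relative returnUrl would send a freshly
    // authenticated user to an arbitrary site, so only local URLs are honoured.
    if (returnUrl != null && Url.IsLocalUrl(returnUrl))
    {
        return LocalRedirect(returnUrl);
    }

    return RedirectToAction(nameof(HomeController.Index), "Home");
}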
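/// <summary>
/// Validates a user name / password pair against the account store.
/// </summary>
/// <param name="assertion">Credentials supplied by the caller; may be null when the request body was missing or unparseable.</param>
/// <returns>The matching <c>UserAccount</c> when the password check succeeds; otherwise <c>null</c>.</returns>
public async Task<UserAccount> IsValidAssertion(LoginPoco assertion)
{
    // A missing assertion is an invalid login, not a server error: without this guard
    // the property reads below throw a NullReferenceException.
    if (assertion == null)
    {
        return null;
    }

    //#if DEBUG
    //    assertion.Username = "******";
    //    assertion.Password = "******";
    //#endif
    // NOTE(review): the disabled block above used to overwrite the submitted credentials
    // in DEBUG builds. Keep it disabled, or delete it, so that a fixed account can never
    // be compiled into a build.

    var account = await FindByNameAsync(assertion.Username);

    // NOTE(review): when no account is found, `account` is null and is passed straight to
    // CheckPasswordAsync. This presumably returns false for a null user; confirm against
    // the base implementation. Unknown-user and wrong-password both yield null, so callers
    // cannot tell the two cases apart from the result.
    var passwordMatches = await CheckPasswordAsync(account, assertion.Password);
    if (!passwordMatches)
    {
        return null;
    }

    return account;
}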
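// POST api/WebAuth
/// <summary>
/// Exchanges a user name / password pair for an authentication token.
/// </summary>
/// <param name="assertion">Credentials read from the request body.</param>
/// <returns>
/// 401 when the body is missing or the credentials are rejected; otherwise 200 with a
/// <c>LoginResult</c> holding the token and the user id.
/// </returns>
public async Task<IHttpActionResult> Post([FromBody] LoginPoco assertion)
{
    // [FromBody] yields null for an empty or malformed body. Reject it here so the request
    // ends as a failed login rather than an unhandled exception further down.
    if (assertion == null)
    {
        return Unauthorized();
    }

    // NOTE(review): no throttling or lockout is visible in this action. Confirm that
    // repeated failed attempts are limited elsewhere (e.g. in _authManager).
    var user = await _authManager.IsValidAssertion(assertion);
    if (user == null)
    {
        // Same response for unknown user and wrong password.
        return Unauthorized();
    }

    var token = await _tokenManager.CreateToken(user);

    // The token is a bearer credential returned in the response body, so this endpoint
    // should only be served over TLS.
    var result = new LoginResult
    {
        AuthenticationToken = token,
        User = new LoginResultUser
        {
            UserId = user.UserName
        }
    };

    return Ok(result);
}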