// POST: api/<UserController>/Login
public async Task <IActionResult> Login(LogingModel model)
{
//login
var user = await _userManager.FindByNameAsync(model.UserName);
if (user != null && await _userManager.CheckPasswordAsync(user, model.Password))
{
//create a tokenDescriptor with userId to generate token
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim("UserID", user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(1),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_appSetting.JWT_Secret)), SecurityAlgorithms.HmacSha256Signature)
};
var tokenHandler = new JwtSecurityTokenHandler();
var security = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(security);
return(Ok(new { token }));
}
else
{
return(BadRequest(new { message = "userName or Password is correct" }));
}
}
public ActionResult Login(LogingModel u)
{
if((Session["LogedUserId"] == null))
{
if (ModelState.IsValid)
{
using (UserEntities dc = new UserEntities())
{
u.password = HashPassword(u.password);
var v = dc.Users.Where(a => a.userName.Equals(u.userName) && a.password.Equals(u.password)).FirstOrDefault();
if (v != null)
{
Session["LogedUserID"] = v.id.ToString();
Session["LogedUsername"] = v.userName.ToString();
Session["LogedPassword"] = v.password.ToString();
return RedirectToAction("AfterLogin");
}
}
}
}
return View(u);
}
