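// This method gets called by the runtime. Use this method to add services to the container.
/// <summary>
/// Registers JWT bearer authentication, the "Bearer" authorization policy, CORS,
/// application services, the event bus and MVC, then hands the collection to Autofac.
/// </summary>
/// <param name="services">The service collection supplied by the host.</param>
/// <returns>An Autofac-backed service provider built from <paramref name="services"/>.</returns>
public IServiceProvider ConfigureServices(IServiceCollection services)
{
    var tokenAuthOption = TokenAuthOptionBuilder.BuildFromConfig();

    services.AddAuthentication(authOptions =>
        {
            authOptions.DefaultAuthenticateScheme = JwtBearerDefaults.AuthenticationScheme;
            authOptions.DefaultChallengeScheme = JwtBearerDefaults.AuthenticationScheme;
        })
        .AddJwtBearer(options =>
        {
            // NOTE(review): this switch governs whether authority/metadata endpoints must be
            // HTTPS. No Authority is set in this method, so it looks inert here; confirm, and
            // set it to true if an authority is ever configured.
            options.RequireHttpsMetadata = false;
            options.SaveToken = true;
            options.TokenValidationParameters = new TokenValidationParameters
            {
                // Stated explicitly so the validation policy is visible in review and cannot
                // drift silently. Issuer, audience and lifetime checks are already the
                // library defaults; the signing-key check is not.
                ValidateIssuer = true,
                ValidateAudience = true,
                ValidateLifetime = true,
                ValidateIssuerSigningKey = true,
                ValidIssuer = tokenAuthOption.Issuer,
                ValidAudience = tokenAuthOption.Audience,
                IssuerSigningKey = tokenAuthOption.SecurityKey
            };
            options.Events = new JwtBearerEvents
            {
                OnAuthenticationFailed = c =>
                {
                    c.NoResult();
                    c.Response.StatusCode = 401;
                    c.Response.ContentType = "text/plain";

                    // Never echo c.Exception to the caller: its text and stack trace describe
                    // which validation step failed and expose internal type names. The client
                    // gets a fixed message; the detail belongs in server-side logs only.
                    // NOTE(review): confirm the failure is captured by server logging.
                    return c.Response.WriteAsync("Authentication failed.");
                }
            };
        });

    // Enable the use of an [Authorize("Bearer")] attribute on methods and classes to protect.
    services.AddAuthorization(auth =>
    {
        var bearerPolicy = new AuthorizationPolicyBuilder()
            .AddAuthenticationSchemes(JwtBearerDefaults.AuthenticationScheme)
            .RequireAuthenticatedUser()
            .Build();
        auth.AddPolicy("Bearer", bearerPolicy);
    });

    // Registers CORS services only; which origins are allowed is decided wherever the
    // CORS middleware/policy is configured, which is not visible in this method.
    services.AddCors();
    services.AddScoped<UserInfoService>();
    services.AddCustomIntegrations(Configuration);
    services.AddEventBus(Configuration);
    services.AddMvc().SetCompatibilityVersion(CompatibilityVersion.Version_2_1);

    var container = new ContainerBuilder();
    container.Populate(services);
    return new AutofacServiceProvider(container.Build());
}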
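/// <summary>
/// Checks the submitted credentials and, when they match a stored user, issues an
/// HMAC-SHA256 signed JWT, publishes a <c>UserLoggedinEvent</c> and returns the token.
/// </summary>
/// <param name="user">Credentials bound from the request body; may be null when the body is missing or malformed.</param>
/// <returns>
/// A JSON-serialized <c>RequestResult</c>: <c>Success</c> with the access token and user id,
/// or <c>Failed</c> with a single generic message for every rejection reason.
/// </returns>
public string GetAuthToken([FromBody] UserInfo user)
{
    // One message for every failure so the response does not reveal whether the
    // username exists or which part of the request was wrong.
    string Failure() => JsonConvert.SerializeObject(new RequestResult
    {
        State = RequestState.Failed,
        Msg = "Username or password is invalid"
    });

    // A missing or unparsable body binds to null; fail closed instead of throwing.
    // Blank credentials are rejected here as well, so null or whitespace never
    // reaches the repository lookup.
    if (user == null
        || string.IsNullOrWhiteSpace(user.Username)
        || string.IsNullOrWhiteSpace(user.Password))
    {
        return Failure();
    }

    user.Username = user.Username.Trim();
    // NOTE(review): trimming alters the password the caller submitted; kept as-is for
    // compatibility with existing accounts.
    user.Password = user.Password.Trim();

    // NOTE(review): the repository is given the password as submitted. Whether it compares
    // against a salted, slow hash cannot be seen from here; confirm.
    var existUser = _repository.GetByLoginAndPassword(user.Username, user.Password);
    if (existUser == null)
    {
        return Failure();
    }

    var tokenAuthOption = TokenAuthOptionBuilder.BuildFromConfig();
    var userId = existUser.Id.ToString();

    var claims = new[]
    {
        new Claim(JwtRegisteredClaimNames.Sub, existUser.Username),
        // NOTE(review): jti is meant to be unique per token. Here it carries the user id, so
        // it cannot distinguish or revoke individual tokens. Changing it would affect any
        // consumer that reads the user id from this claim.
        new Claim(JwtRegisteredClaimNames.Jti, userId),
    };

    var creds = new SigningCredentials(tokenAuthOption.SecurityKey, SecurityAlgorithms.HmacSha256);
    var token = new JwtSecurityToken(
        tokenAuthOption.Issuer,
        tokenAuthOption.Audience,
        claims,
        expires: tokenAuthOption.ExpiresIn,
        signingCredentials: creds);

    string tokenStr = new JwtSecurityTokenHandler().WriteToken(token);

    // Announce the successful login on the event bus.
    // NOTE(review): the signed token is a bearer credential and is included in the event,
    // so every subscriber and any bus-side logging can read it; confirm this is required.
    var eventMessage = new UserLoggedinEvent(userId, existUser.Username, tokenStr);
    _eventBus.Publish(eventMessage);

    return JsonConvert.SerializeObject(new RequestResult
    {
        State = RequestState.Success,
        Data = new
        {
            requertAt = DateTime.Now,
            username = user.Username,
            //expiresIn = TokenAuthOption.ExpiresSpan.TotalSeconds,
            //tokeyType = TokenAuthOption.TokenType,
            accessToken = tokenStr,
            idUserIdentity = existUser.Id
        }
    });
}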