public async Task <IActionResult> GetToken([FromBody] UserCredentialsForTokenDto credentials)
{
var data = await _userService.GetToken(credentials);
return(Ok(new
{
token = data
}));
}
private async Task <ClaimsIdentity> GetIdentity(UserCredentialsForTokenDto credentials)
{
var currentUser = await _context.Users.FirstOrDefaultAsync(x => x.Username == credentials.UserName &&
x.Password == credentials.Password);
if (currentUser != null)
{
var claims = new List <Claim>
{
new Claim(ClaimsIdentity.DefaultNameClaimType, currentUser.Username),
new Claim(ClaimsIdentity.DefaultRoleClaimType, currentUser.Role.ToString())
};
ClaimsIdentity claimsIdentity =
new ClaimsIdentity(claims, "Token", ClaimsIdentity.DefaultNameClaimType,
ClaimsIdentity.DefaultRoleClaimType);
return(claimsIdentity);
}
return(null);
}
public async Task <string> GetToken(UserCredentialsForTokenDto credentials)
{
var identity = await GetIdentity(credentials);
if (identity == null)
{
throw new UserNotFoundException();
}
var now = DateTime.UtcNow;
var jwt = new JwtSecurityToken(
issuer: AuthOptions.ISSUER,
audience: AuthOptions.AUDIENCE,
notBefore: now,
claims: identity.Claims,
expires: now.Add(TimeSpan.FromMinutes(AuthOptions.LIFETIME)),
signingCredentials: new SigningCredentials(AuthOptions.GetSymmetricSecurityKey(),
SecurityAlgorithms.HmacSha256));
var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);
return(encodedJwt);
}
