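using System;
using System.IdentityModel.Tokens.Jwt;
using System.Security.Claims;
using System.Threading.Tasks;
using Api.Models;
using HN.Infrastructure.Identity;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;

namespace Api.Controllers
{
    /// <summary>
    /// Account endpoints. Currently exposes a single password login that issues a signed JWT.
    /// </summary>
    [ApiController]
    [Route("api/[controller]")]
    public sealed class AccountsController : ControllerBase
    {
        // NOTE(review): the generic type argument of UserManager/SignInManager appears to
        // have been lost in extraction; restore <TUser> from the project's identity model.
        private readonly UserManager _usersManager;
        private readonly SignInManager _signinManager;

        // Issuer, audience and signing key are shared with the validation side so that
        // tokens minted here are accepted by the same configuration that checks them.
        private readonly TokenValidationParameters _tokenParameters;

        // Lifetime of an issued access token (same 7 days as before, now named).
        private static readonly TimeSpan TokenLifetime = TimeSpan.FromDays(7);

        public AccountsController(UserManager usersManager, SignInManager signinManager, TokenValidationParameters tokenParameters)
        {
            _usersManager = usersManager;
            _signinManager = signinManager;
            _tokenParameters = tokenParameters;
        }

        /// <summary>
        /// Issues an access token for a user after verifying the submitted password.
        /// </summary>
        /// <param name="command">Username and password submitted by the client.</param>
        /// <returns>
        /// 200 with the encoded JWT on success; 401 whenever the credentials are not accepted,
        /// whether the user is unknown, the password is wrong, or the account is locked out.
        /// </returns>
        [HttpPost("login")]
        [AllowAnonymous]
        public async Task<ActionResult<string>> Login(LoginViewModel command)
        {
            // Reject empty credentials up front: FindByNameAsync and the password hasher throw
            // on null input, which would surface as a 500 rather than a clean 401.
            if (command is null
                || string.IsNullOrWhiteSpace(command.Username)
                || string.IsNullOrWhiteSpace(command.Password))
            {
                return Unauthorized();
            }

            var user = await _usersManager.FindByNameAsync(command.Username);
            if (user is null)
            {
                // Deliberately the same response as a wrong password: a distinct 404 here
                // let a caller enumerate which usernames exist.
                return Unauthorized();
            }

            // lockoutOnFailure: true lets the Identity lockout policy (configured in the
            // application's IdentityOptions) count failed attempts against the account.
            var result = await _signinManager.CheckPasswordSignInAsync(user, command.Password, lockoutOnFailure: true);
            if (!result.Succeeded)
            {
                // Locked-out, not-allowed and wrong-password all collapse to 401 so the
                // response does not leak account state.
                return Unauthorized();
            }

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
                    // NOTE(review): consider the stored user name instead of the submitted
                    // string so the claim carries the canonical casing — confirm the user
                    // type exposes it.
                    new Claim(ClaimTypes.Name, command.Username),
                }),
                Expires = DateTime.UtcNow.Add(TokenLifetime),
                Issuer = _tokenParameters.ValidIssuer,
                Audience = _tokenParameters.ValidAudience,
                // HmacSha256Signature is the XML-DSig URI; JwtSecurityTokenHandler maps it to
                // the JOSE "HS256" header value when writing the token.
                SigningCredentials = new SigningCredentials(_tokenParameters.IssuerSigningKey, SecurityAlgorithms.HmacSha256Signature)
            };

            return Ok(new JwtSecurityTokenHandler().CreateEncodedJwt(tokenDescriptor));
        }
    }
}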