64 lines
1.9 KiB
C#
64 lines
1.9 KiB
C#
using System;
|
|
using System.IdentityModel.Tokens.Jwt;
|
|
using System.Security.Claims;
|
|
using System.Threading.Tasks;
|
|
using Api.Models;
|
|
using HN.Infrastructure.Identity;
|
|
using Microsoft.AspNetCore.Authorization;
|
|
using Microsoft.AspNetCore.Identity;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.IdentityModel.Tokens;
|
|
|
|
namespace Api.Controllers
|
|
{
|
|
[ApiController]
|
|
[Route("api/[controller]")]
|
|
public sealed class AccountsController : ControllerBase
|
|
{
|
|
private readonly UserManager<User> _usersManager;
|
|
private readonly SignInManager<User> _signinManager;
|
|
private readonly TokenValidationParameters _tokenParameters;
|
|
|
|
public AccountsController(UserManager<User> usersManager, SignInManager<User> signinManager, TokenValidationParameters tokenParameters)
|
|
{
|
|
_usersManager = usersManager;
|
|
_signinManager = signinManager;
|
|
_tokenParameters = tokenParameters;
|
|
}
|
|
|
|
[HttpPost("login")]
|
|
[AllowAnonymous]
|
|
public async Task<IActionResult> Login(LoginViewModel command)
|
|
{
|
|
var user = await _usersManager.FindByNameAsync(command.Username);
|
|
|
|
if (user == null)
|
|
{
|
|
return NotFound();
|
|
}
|
|
|
|
var result = await _signinManager.CheckPasswordSignInAsync(user, command.Password, false);
|
|
|
|
if (!result.Succeeded)
|
|
{
|
|
return BadRequest();
|
|
}
|
|
|
|
var tokenDescriptor = new SecurityTokenDescriptor
|
|
{
|
|
Subject = new ClaimsIdentity(new Claim[]
|
|
{
|
|
new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
|
|
new Claim(ClaimTypes.Name, command.Username),
|
|
}),
|
|
|
|
Expires = DateTime.UtcNow.AddDays(7),
|
|
Issuer = _tokenParameters.ValidIssuer,
|
|
Audience = _tokenParameters.ValidAudience,
|
|
SigningCredentials = new SigningCredentials(_tokenParameters.IssuerSigningKey, SecurityAlgorithms.HmacSha256Signature)
|
|
};
|
|
|
|
return Ok(new JwtSecurityTokenHandler().CreateEncodedJwt(tokenDescriptor));
|
|
}
|
|
}
|
|
} |