using System.Security.Claims; using System.Threading.Tasks; using Microsoft.AspNetCore.Identity; using Microsoft.AspNetCore.Mvc; using Microsoft.Extensions.Options; using Newtonsoft.Json; using PodNoms.Api.Models; using PodNoms.Api.Models.ViewModels; using PodNoms.Api.Services.Auth; using PodNoms.Api.Utils; namespace PodNoms.Api.Controllers { [Route("[controller]")] public class AuthController : Controller { private readonly UserManager _userManager; private readonly IJwtFactory _jwtFactory; private readonly JwtIssuerOptions _jwtOptions; public AuthController(UserManager userManager, IJwtFactory jwtFactory, IOptions jwtOptions) { _userManager = userManager; _jwtFactory = jwtFactory; _jwtOptions = jwtOptions.Value; } // POST api/auth/login [HttpPost("login")] public async Task Post([FromBody]CredentialsViewModel credentials) { if (!ModelState.IsValid) { return BadRequest(ModelState); } var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password); if (identity == null) { return BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)); } var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented }); return new OkObjectResult(jwt); } private async Task GetClaimsIdentity(string userName, string password) { if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password)) return await Task.FromResult(null); // get the user to verifty var userToVerify = await _userManager.FindByNameAsync(userName); if (userToVerify == null) return await Task.FromResult(null); // check the credentials if (await _userManager.CheckPasswordAsync(userToVerify, password)) { return await Task.FromResult(_jwtFactory.GenerateClaimsIdentity(userName, userToVerify.Id)); } // Credentials are invalid, or account doesn't exist return await Task.FromResult(null); } } }