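/// <summary>
/// Looks up a user by user name and password and, when one matches, issues a signed JWT for it.
/// </summary>
/// <param name="userName">User name to match against the user store.</param>
/// <param name="password">Password to match against the stored value.</param>
/// <returns>
/// The matching user with <c>Token</c>, <c>validFrom</c> and <c>validTo</c> filled in and
/// <c>Password</c> set to null, or null when no user matches the supplied credentials.
/// </returns>
public User Authenticate(string userName, string password)
{
    // NOTE(review): the supplied password is compared directly with the stored value, so the
    // store appears to hold passwords in clear text. Store a salted, slow hash (for example
    // PBKDF2) and verify against that instead - confirm how _user is populated.
    var user = _user.SingleOrDefault(x => x.UserName == userName && x.Password == password);
    if (user == null)
    {
        return null;
    }

    // Credentials matched: build a short-lived JWT whose name claim carries the user id.
    var tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): Encoding.ASCII replaces every non-ASCII character with '?', which weakens a
    // secret containing such characters. GetPrincipal derives its key from AppSettings.Secret;
    // confirm both read the same value, and that the secret is long and random enough for
    // HMAC-SHA256.
    var key = Encoding.ASCII.GetBytes(_appSettings);
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Name, user.Id.ToString())
        }),
        // Use UTC: the token's other default timestamps are UTC-based, so a local-time expiry
        // can yield a wrong lifetime or a creation failure depending on the server's time zone.
        Expires = DateTime.UtcNow.AddMinutes(5),
        SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
    };
    var token = tokenHandler.CreateToken(tokenDescriptor);
    user.Token = tokenHandler.WriteToken(token);
    user.validFrom = token.ValidFrom;
    user.validTo = token.ValidTo;

    // NOTE(review): this clears the password on the object that came out of _user. If _user is
    // an in-memory collection or a tracked entity set, the stored record is changed as well -
    // confirm, or return a separate response object that never carries the password.
    user.Password = null;
    return user;
}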
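/// <summary>
/// Validates a JWT and extracts the user id carried in its name claim.
/// </summary>
/// <param name="token">Serialized JWT presented by the caller.</param>
/// <param name="userid">
/// Value of the <see cref="ClaimTypes.Name"/> claim when one is present; null when the token
/// is rejected before the claim is read or the claim is missing.
/// </param>
/// <returns>
/// True only when the token validates, its identity is authenticated and the name claim holds
/// a non-empty value; otherwise false.
/// </returns>
public static bool ValidateUser(string token, out string userid)
{
    userid = null;

    // GetPrincipal returns null for any token it cannot parse or validate.
    var principal = GetPrincipal(token);
    if (principal == null)
    {
        return false;
    }

    var identity = principal.Identity as ClaimsIdentity;
    if (identity == null)
    {
        return false;
    }

    if (!identity.IsAuthenticated)
    {
        return false;
    }

    // A validly signed token may still lack the name claim; FindFirst then returns null, and
    // dereferencing it would throw instead of rejecting the token.
    var useridClaim = identity.FindFirst(ClaimTypes.Name);
    if (useridClaim == null)
    {
        return false;
    }

    userid = useridClaim.Value;
    return !string.IsNullOrEmpty(userid);
}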
/// <summary>
/// Parses and validates a JWT against the application's symmetric secret.
/// </summary>
/// <param name="token">Serialized JWT to validate.</param>
/// <returns>
/// The principal produced by validation, or null when the token does not read as a JWT or any
/// exception is thrown while parsing or validating it.
/// </returns>
public static ClaimsPrincipal GetPrincipal(string token)
{
    try
    {
        var handler = new JwtSecurityTokenHandler();

        // Give up early when the input does not read as a JWT at all.
        if (!(handler.ReadToken(token) is JwtSecurityToken))
        {
            return null;
        }

        byte[] secretBytes = Encoding.ASCII.GetBytes(AppSettings.Secret);

        // Issuer and audience checks are switched off, so any token signed with this secret is
        // accepted whoever it was issued for.
        // NOTE(review): if the secret is shared with other services, enable both checks.
        // NOTE(review): ClockSkew is not set; the library default (five minutes, as far as I
        // know) is added on top of the token's expiry - confirm that is intended for tokens
        // this short-lived.
        var parameters = new TokenValidationParameters();
        parameters.RequireExpirationTime = true;
        parameters.ValidateIssuer = false;
        parameters.ValidateAudience = false;
        parameters.IssuerSigningKey = new SymmetricSecurityKey(secretBytes);

        SecurityToken validatedToken;
        return handler.ValidateToken(token, parameters, out validatedToken);
    }
    catch (Exception)
    {
        // Every failure is reported as null and nothing is recorded.
        // NOTE(review): log rejected tokens here (reason only, never the token itself) so that
        // repeated validation failures can be detected.
        return null;
    }
}