public User Authenticate(string userName, string password) {

1. public User Authenticate(string userName, string password)
2. {
3. var user = _user.SingleOrDefault(x => x.UserName == userName && x.Password == password);
4. if (user==null)
5. {
6. return null;
7. }
8. //if user is not null then generate jwt token
9. var tokenHandler = new JwtSecurityTokenHandler();
10. var key = Encoding.ASCII.GetBytes(_appSettings);
11. var tokenDescriptor = new SecurityTokenDescriptor
12. {
13. Subject = new ClaimsIdentity(new Claim[]
14. {
15. new Claim(ClaimTypes.Name, user.Id.ToString())
16. }),
17. Expires = DateTime.Now.AddMinutes(5),
18. SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
19.  
20. };
21. var token = tokenHandler.CreateToken(tokenDescriptor);
22. user.Token = tokenHandler.WriteToken(token);
23. user.validFrom=token.ValidFrom;
24. user.validTo = token.ValidTo;
25. user.Password = null;
26. return user;
27. }
28. public static bool ValidateUser(string token, out string userid)
29. {
30. userid = null;
31. var principle = GetPrincipal(token);
32. if (principle==null)
33. {
34. return false;
35. }
36. var identity = principle.Identity as ClaimsIdentity;
37. if (identity==null)
38. {
39. return false;
40. }
41. if (!identity.IsAuthenticated)
42. return false;
43. var useridClaim = identity.FindFirst(ClaimTypes.Name);
44. userid = useridClaim.Value;
45. if (string.IsNullOrEmpty(userid))
46. {
47. return false;
48. }
49. return true;
50.  
51. }
52. public static ClaimsPrincipal GetPrincipal(string token)
53. {
54. try
55. {
56. var tokenHandler = new JwtSecurityTokenHandler();
57. var jwtToken = tokenHandler.ReadToken(token) as JwtSecurityToken;
58.  
59. if (jwtToken == null)
60. return null;
61.  
62. var symmetricKey = Encoding.ASCII.GetBytes(AppSettings.Secret);
63.  
64. var validationParameters = new TokenValidationParameters()
65. {
66. RequireExpirationTime = true,
67. ValidateIssuer = false,
68. ValidateAudience = false,
69. IssuerSigningKey = new SymmetricSecurityKey(symmetricKey)
70. };
71.  
72. SecurityToken securityToken;
73. var principal = tokenHandler.ValidateToken(token, validationParameters, out securityToken);
74.  
75. return principal;
76. }
77.  
78. catch (Exception)
79. {
80. //should write log
81. return null;
82. }
83. }