Skip to content
Switch branches/tags

Name already in use

A tag already exists with the provided branch name. Many Git commands accept both tag and branch names, so creating this branch may cause unexpected behavior. Are you sure you want to create this branch?
Go to file
Cannot retrieve contributors at this time

using System.Security.Claims;
using System.Threading.Tasks;
using AngularASPNETCore2WebApiAuth.Auth;
using AngularASPNETCore2WebApiAuth.Helpers;
using AngularASPNETCore2WebApiAuth.Models;
using AngularASPNETCore2WebApiAuth.Models.Entities;
using AngularASPNETCore2WebApiAuth.ViewModels;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Microsoft.Extensions.Options;
using Newtonsoft.Json;
namespace AngularASPNETCore2WebApiAuth.Controllers
public class AuthController : Controller
private readonly UserManager<AppUser> _userManager;
private readonly IJwtFactory _jwtFactory;
private readonly JwtIssuerOptions _jwtOptions;
public AuthController(UserManager<AppUser> userManager, IJwtFactory jwtFactory, IOptions<JwtIssuerOptions> jwtOptions)
_userManager = userManager;
_jwtFactory = jwtFactory;
_jwtOptions = jwtOptions.Value;
// POST api/auth/login
public async Task<IActionResult> Post([FromBody]CredentialsViewModel credentials)
if (!ModelState.IsValid)
return BadRequest(ModelState);
var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
if (identity == null)
return BadRequest(Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState));
var jwt = await Tokens.GenerateJwt(identity, _jwtFactory, credentials.UserName, _jwtOptions, new JsonSerializerSettings { Formatting = Formatting.Indented });
return new OkObjectResult(jwt);
private async Task<ClaimsIdentity> GetClaimsIdentity(string userName, string password)
if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
return await Task.FromResult<ClaimsIdentity>(null);
// get the user to verifty
var userToVerify = await _userManager.FindByNameAsync(userName);
if (userToVerify == null) return await Task.FromResult<ClaimsIdentity>(null);
// check the credentials
if (await _userManager.CheckPasswordAsync(userToVerify, password))
return await Task.FromResult(_jwtFactory.GenerateClaimsIdentity(userName, userToVerify.Id));
// Credentials are invalid, or account doesn't exist
return await Task.FromResult<ClaimsIdentity>(null);