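using System;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authentication.Cookies;
using Microsoft.AspNetCore.Builder;
using Microsoft.AspNetCore.Hosting;
using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.DependencyInjection;

namespace Fiver.Security.Authentication
{
    /// <summary>
    /// Application bootstrap: registers cookie authentication under the
    /// "FiverSecurityScheme" scheme and wires the request pipeline.
    /// </summary>
    public class Startup
    {
        /// <summary>
        /// Registers cookie authentication (with explicit cookie settings and
        /// logging event hooks) and MVC.
        /// </summary>
        /// <param name="services">Service collection to add registrations to.</param>
        public void ConfigureServices(
            IServiceCollection services)
        {
            services.AddAuthentication("FiverSecurityScheme")
                    .AddCookie("FiverSecurityScheme", options =>
                    {
                        options.AccessDeniedPath = new PathString("/Security/Access");
                        options.Cookie = new CookieBuilder
                        {
                            //Domain = "",
                            // HttpOnly keeps the auth cookie out of reach of page script.
                            HttpOnly = true,
                            Name = ".Fiver.Security.Cookie",
                            Path = "/",
                            SameSite = SameSiteMode.Lax,
                            // NOTE(review): SameAsRequest omits the Secure flag when the
                            // sign-in request arrives over plain HTTP, so the auth cookie can
                            // travel unencrypted. Use CookieSecurePolicy.Always once the site
                            // is served over HTTPS only.
                            SecurePolicy = CookieSecurePolicy.SameAsRequest
                        };
                        options.Events = new CookieAuthenticationEvents
                        {
                            // Null-conditional access: a principal without an identity must
                            // not turn a logging hook into a NullReferenceException.
                            OnSignedIn = context =>
                            {
                                Console.WriteLine("{0} - {1}: {2}", DateTime.Now,
                                    "OnSignedIn", context.Principal?.Identity?.Name);
                                return Task.CompletedTask;
                            },
                            OnSigningOut = context =>
                            {
                                Console.WriteLine("{0} - {1}: {2}", DateTime.Now,
                                    "OnSigningOut", context.HttpContext.User?.Identity?.Name);
                                return Task.CompletedTask;
                            },
                            // This hook only logs. It is also the place to re-check the
                            // principal against the user store so that a disabled or changed
                            // account stops being accepted before the cookie expires.
                            OnValidatePrincipal = context =>
                            {
                                Console.WriteLine("{0} - {1}: {2}", DateTime.Now,
                                    "OnValidatePrincipal", context.Principal?.Identity?.Name);
                                return Task.CompletedTask;
                            }
                        };
                        // With no explicit ExpireTimeSpan the framework default lifetime
                        // applies; SlidingExpiration below renews it while the user is active.
                        //options.ExpireTimeSpan = TimeSpan.FromMinutes(10);
                        options.LoginPath = new PathString("/Security/Login");
                        // Query-string key that carries the originally requested path to the
                        // login page. The value is client-controlled and must be validated
                        // before it is used as a redirect target.
                        options.ReturnUrlParameter = "RequestPath";
                        options.SlidingExpiration = true;
                    });

            services.AddMvc();
        }

        // Minimal alternative registration, kept for reference:
        //public void ConfigureServices(
        //    IServiceCollection services)
        //{
        //    services.AddAuthentication("FiverSecurityScheme")
        //            .AddCookie("FiverSecurityScheme", options =>
        //            {
        //                options.AccessDeniedPath = new PathString("/Security/Access");
        //                options.LoginPath = new PathString("/Security/Login");
        //            });

        //    services.AddMvc();
        //}

        /// <summary>
        /// Builds the request pipeline: authentication runs before MVC so that
        /// controllers see the authenticated user.
        /// </summary>
        /// <param name="app">Application pipeline builder.</param>
        /// <param name="env">Hosting environment, used to gate developer-only middleware.</param>
        public void Configure(
            IApplicationBuilder app,
            IHostingEnvironment env)
        {
            // The developer exception page renders stack traces, headers and cookies;
            // it must never be reachable outside a Development environment.
            if (env.IsDevelopment())
            {
                app.UseDeveloperExceptionPage();
            }

            app.UseAuthentication();

            app.UseMvcWithDefaultRoute();
        }
    }
}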
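using System;
using System.Collections.Generic;
using System.Security.Claims;
using System.Threading.Tasks;
using Fiver.Security.Authentication.Models.Security;
using Microsoft.AspNetCore.Authentication;
using Microsoft.AspNetCore.Mvc;

namespace Fiver.Security.Authentication.Controllers
{
    /// <summary>
    /// Login, logout and access-denied endpoints for the "FiverSecurityScheme"
    /// cookie authentication scheme.
    /// </summary>
    public class SecurityController : Controller
    {
        /// <summary>
        /// Renders the login form and hands the post-login destination to the view.
        /// </summary>
        /// <param name="requestPath">Path the user originally requested; client-controlled.</param>
        public IActionResult Login(string requestPath)
        {
            // Only a local path is passed on to the view; anything else falls back to "/".
            ViewBag.RequestPath = ToLocalPath(requestPath);
            return View();
        }

        /// <summary>
        /// Checks the submitted credentials and, when they match, signs the user in
        /// and redirects to the requested local path.
        /// </summary>
        /// <param name="inputModel">Posted username, password and return path.</param>
        /// <returns>The login view on failure, otherwise a local redirect.</returns>
        // NOTE(review): this POST action carries no [ValidateAntiForgeryToken]; add it once
        // the login form is confirmed to emit an antiforgery token.
        [HttpPost]
        public async Task<IActionResult> Login(LoginInputModel inputModel)
        {
            // RequestPath comes from the form or query string, so it is attacker-influenced.
            // Redirecting to it unchecked is an open redirect; restrict it to this site.
            string returnPath = ToLocalPath(inputModel.RequestPath);

            if (!IsAuthentic(inputModel.Username, inputModel.Password))
            {
                // Keep the destination available to the re-rendered form.
                ViewBag.RequestPath = returnPath;
                return View();
            }

            // create claims
            var claims = new List<Claim>
            {
                new Claim(ClaimTypes.Name, "Sean Connery"),
                new Claim(ClaimTypes.Email, inputModel.Username)
            };

            // create identity
            var identity = new ClaimsIdentity(claims, "cookie");

            // create principal
            var principal = new ClaimsPrincipal(identity);

            // sign-in
            await HttpContext.SignInAsync(
                    scheme: "FiverSecurityScheme",
                    principal: principal,
                    properties: new AuthenticationProperties
                    {
                        //IsPersistent = true, // for 'remember me' feature
                        //ExpiresUtc = DateTime.UtcNow.AddMinutes(1)
                    });

            // LocalRedirect refuses non-local targets, a second guard behind ToLocalPath.
            return LocalRedirect(returnPath);
            //return RedirectToAction("Index", "Home");
        }

        /// <summary>
        /// Signs the user out of the cookie scheme and returns to the login page.
        /// </summary>
        /// <param name="requestPath">Unused; kept so existing links keep binding.</param>
        // NOTE(review): this action has no HTTP-method attribute, so a plain GET (for example
        // from a cross-site link or image tag) can end a user's session. Consider requiring
        // POST with an antiforgery token.
        public async Task<IActionResult> Logout(string requestPath)
        {
            await HttpContext.SignOutAsync(
                    scheme: "FiverSecurityScheme");

            return RedirectToAction("Login");
        }

        /// <summary>
        /// Renders the access-denied page (the scheme's AccessDeniedPath).
        /// </summary>
        public IActionResult Access()
        {
            return View();
        }

        #region " Private "

        /// <summary>
        /// Demo credential check against a fixed username and password.
        /// </summary>
        // NOTE(review): hard-coded credentials are for demonstration only. A real check
        // belongs in a user store that keeps salted password hashes, with throttling or
        // lockout on repeated failures.
        private bool IsAuthentic(string username, string password)
        {
            return (username == "james" && password == "bond");
        }

        /// <summary>
        /// Returns <paramref name="path"/> when it is a local URL, otherwise "/".
        /// </summary>
        private string ToLocalPath(string path)
        {
            return !string.IsNullOrEmpty(path) && Url.IsLocalUrl(path) ? path : "/";
        }

        #endregion
    }
}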