我有2个项目(App1)和(App1API)使用相同的解决方案进行加载。我正在考虑通过JWT通过App1API对用户进行身份验证。但是,我不确定如何创建控制器来登录用户。
我是否从我的App1引用登录控制器?它使用实体框架生成的默认登录功能。如何从API控制器引用呢?还是有另一种方法?
这是我用于登录的App1控制器
[HttpPost]
[AllowAnonymous]
[ValidateAntiForgeryToken]
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return View(model);
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
switch (result)
{
case SignInStatus.Success:
return RedirectToLocal(returnUrl);
case SignInStatus.LockedOut:
return View("Lockout");
case SignInStatus.RequiresVerification:
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return View(model);
}
}
这是App1API控制器
[HttpPost]
public HttpResponseMessage Login(User user)
{
User u = new UserRepository().GetUser(user.UserName);
if (u == null)
return Request.CreateResponse(HttpStatusCode.NotFound, "The user was not found.");
bool credentials = u.Password.Equals(user.Password);
if (!credentials) return Request.CreateResponse(HttpStatusCode.Forbidden,
"The username/password combination was wrong.");
return Request.CreateResponse(HttpStatusCode.OK, TokenManagerModel.GenerateToken(user.UserName));
}