我正在尝试制作一个向我返回Bearer型令牌的控制器。 我采取了以下步骤:
我在请求中传递了用户名和密码 检查数据库上是否有尝试登录的帐户,如果要登录,我要创建令牌以传递到前端。
我通过身份验证启动了api网络模板,并编写了以下代码。
我在哪里错了?
[HttpPost, Route("Login")]
[AllowAnonymous]
public async Task<IHttpActionResult> LoginAsync(LoginRequestModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var user = new User();
OracleConnection dbConn = new OracleConnection(ConfigurationManager.AppSettings.Get("connectionString"));
dbConn.Open();
OracleCommand command = dbConn.CreateCommand();
OracleParameterCollection paramCollection = command.Parameters;
paramCollection.Add(new OracleParameter(":COD_ANAGR_UTENTE", model.Username));
command.CommandText = command.CommandText = CommandStrings.GetCodiceAnagraficoUtente;
OracleDataReader reader = command.ExecuteReader();
if (reader == null)
{
return NotFound();
}
OAuthGrantResourceOwnerCredentialsContext context = null;
var identity = new ClaimsIdentity(OAuthDefaults.AuthenticationType);
identity.AddClaim(new Claim(ClaimTypes.Name, model.Username));
context.Validated(identity);
return Ok();
}