0

I have implemented Token Authentication for Web API using ASP.Net Core by following the solution mentioned in following post Token Based Authentication in ASP.NET Core

To implement the authentication logic, I have defined following method

public async Task<bool> AuthenticateUser(string email, string password)
{
    UserManager<ApplicationUser> _userManager = HttpContext.ApplicationServices.GetService(typeof(UserManager<ApplicationUser>)) as UserManager<ApplicationUser>;
    SignInManager<ApplicationUser> _signInManager = HttpContext.ApplicationServices.GetService(typeof(SignInManager<ApplicationUser>)) as SignInManager<ApplicationUser>;

    var result = await _signInManager.PasswordSignInAsync(email, password, isPersistent: false, lockoutOnFailure: false);

    if (result.Succeeded)
    {                
        return true;
    }
    else
    {
        return false;
    }
}

and the Post method with is invoked is

[HttpPost]        
public dynamic Post([FromBody] AuthRequest req)
{
string email = req.username;
string password = req.password;

try
{
    bool isAuthenticated = false; 

    //implement the authentication logic over here
    isAuthenticated = AuthenticateUser(email, password).Result;

    if (isAuthenticated)
    {
        DateTime? expires = DateTime.UtcNow.AddDays(2);
        var token = GetToken(req.username, expires);
        return new { authenticated = true, entityId = 1, token = token, tokenExpires = expires };
    }
}
catch (Exception ex)
{
    return new { authenticated = false, message = "Exception: " +  ex.Message, detailedmessage = ex.InnerException};
}

return new { authenticated = false };
}

Now the problem...

The Post executes fine on first call and returns the desired result, however, on second call, it throws following exception

No authentication handler is configured to handle the scheme: Microsoft.AspNet.Identity.Application

On debugging I found that this exception is being thrown when following line is executed

var result = await _signInManager.PasswordSignInAsync(email, password, isPersistent: false, lockoutOnFailure: false);

It works fine when invoked for the first time but throws exception on all subsequent calls.

I've been searching for this issue for the past 2 days and all I find is that in Startup.cs app.UseIdentity(); should be invoked before adding the authentication middleware. It's already happeneing in my code.

Please suggest what am I missing here.

Community
  • 1
  • 1
Fahad Amin
  • 93
  • 1
  • 10

1 Answers1

0

Resolved the issue by changing HttpContext.ApplicationServices.GetService() to HttpContext.RequestServices.GetService() in AuthenticateUser() method. My updated method is

public async Task<bool> AuthenticateUser(string email, string password)
    {                        
        UserManager<ApplicationUser> _userManager = HttpContext.RequestServices.GetService(typeof(UserManager<ApplicationUser>)) as UserManager<ApplicationUser>;
        SignInManager<ApplicationUser> _signInManager = HttpContext.RequestServices.GetService(typeof(SignInManager<ApplicationUser>)) as SignInManager<ApplicationUser>;

        var result = await _signInManager.PasswordSignInAsync(email, password, isPersistent: false, lockoutOnFailure: false);
        if (result.Succeeded)
        {                
            return true;
        }
        else
        {
            return false;
        }
    }
Fahad Amin
  • 93
  • 1
  • 10