expressappframework-devexpress-dot-expressapp-dot-security-36a25e13.md
Exposes API required for user sign in. Use Dependency Injection to access this class’s instance in an application.
Namespace : DevExpress.ExpressApp.Security
Assembly : DevExpress.ExpressApp.Security.v25.2.dll
NuGet Package : DevExpress.ExpressApp.Security
public sealed class SignInManager
Public NotInheritable Class SignInManager
The code sample below demonstrates how to use the SignInManager.AuthenticateByLogonParameters method to implement a Backend Web API Service controller for JSON Web Token (JWT)-based authentication. The Template Kit generates equivalent code for Blazor projects with integrated Web API.
File: MySolution.Blazor\API\Security\AuthenticationController.cs
using DevExpress.ExpressApp.Security;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using Swashbuckle.AspNetCore.Annotations;
using System.IdentityModel.Tokens.Jwt;
using System.Text;
namespace MySolution.WebApi.Jwt;
[ApiController]
[Route("api/[controller]")]
public class AuthenticationController : ControllerBase {
readonly SignInManager signInManager;
readonly IConfiguration configuration;
public AuthenticationController(SignInManager signInManager, IConfiguration configuration) {
this.signInManager = signInManager;
this.configuration = configuration;
}
[HttpPost("Authenticate")]
public IActionResult Authenticate(
[FromBody]
[SwaggerRequestBody(@"For example:
{ ""userName"": ""Sam"", ""password"": """" }")]
AuthenticationStandardLogonParameters logonParameters
) {
var authenticationResult = signInManager.AuthenticateByLogonParameters(logonParameters);
if(authenticationResult.Succeeded) {
var issuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["Authentication:Jwt:IssuerSigningKey"]!));
var token = new JwtSecurityToken(
issuer: configuration["Authentication:Jwt:ValidIssuer"],
audience: configuration["Authentication:Jwt:ValidAudience"],
claims: authenticationResult.Principal.Claims,
expires: DateTime.Now.AddHours(2),
signingCredentials: new SigningCredentials(issuerSigningKey, SecurityAlgorithms.HmacSha256)
);
return Ok(new JwtSecurityTokenHandler().WriteToken(token));
}
return Unauthorized("User name or password is incorrect.");
}
}
Object SignInManager
See Also