SignInManager.AuthenticateByLogonParameters(Object) Method
Authenticates a user based on the specified logon parameters.
Namespace: DevExpress.ExpressApp.Security
Assembly: DevExpress.ExpressApp.Security.v25.2.dll
NuGet Package: DevExpress.ExpressApp.Security
Declaration
Parameters
| Name | Type | Description |
|---|---|---|
| logonParameters | Object | An object that contains a user’s logon parameters. |
Returns
| Type | Description |
|---|---|
| DevExpress.ExpressApp.Security.AuthenticationResult | An object of the |
Remarks
Use this method to programmatically authenticate a user in an XAF application. This method takes an object that contains a user’s logon parameters and returns an AuthenticationResult object.
The returned object exposes the following properties.
Succeeded- A
booleanproperty that indicates whether or not the authentication attempt was successful. Principal- If the authentication succeeds, this property contains the ClaimsPrincipal (a collection of statements about the authenticated user) returned by the Security System.
Error- If the authentication fails, this property contains the resulting Exception.
Example
The code sample below demonstrates how you can use the AuthenticateByLogonParameters method to implement a Backend Web API Service controller for JSON Web Token (JWT)-based authentication. The Template Kit generates equivalent code for Blazor projects with integrated Web API.
File: MySolution.Blazor\API\Security\AuthenticationController.cs
using DevExpress.ExpressApp.Security;
using Microsoft.AspNetCore.Mvc;
using Microsoft.IdentityModel.Tokens;
using Swashbuckle.AspNetCore.Annotations;
using System.IdentityModel.Tokens.Jwt;
using System.Text;
namespace MySolution.WebApi.Jwt;
[ApiController]
[Route("api/[controller]")]
public class AuthenticationController : ControllerBase {
readonly SignInManager signInManager;
readonly IConfiguration configuration;
public AuthenticationController(SignInManager signInManager, IConfiguration configuration) {
this.signInManager = signInManager;
this.configuration = configuration;
}
[HttpPost("Authenticate")]
public IActionResult Authenticate(
[FromBody]
[SwaggerRequestBody(@"For example: <br /> { ""userName"": ""Sam"", ""password"": """" }")]
AuthenticationStandardLogonParameters logonParameters
) {
var authenticationResult = signInManager.AuthenticateByLogonParameters(logonParameters);
if(authenticationResult.Succeeded) {
var issuerSigningKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(configuration["Authentication:Jwt:IssuerSigningKey"]!));
var token = new JwtSecurityToken(
issuer: configuration["Authentication:Jwt:ValidIssuer"],
audience: configuration["Authentication:Jwt:ValidAudience"],
claims: authenticationResult.Principal.Claims,
expires: DateTime.Now.AddHours(2),
signingCredentials: new SigningCredentials(issuerSigningKey, SecurityAlgorithms.HmacSha256)
);
return Ok(new JwtSecurityTokenHandler().WriteToken(token));
}
return Unauthorized("User name or password is incorrect.");
}
}
Usage Considerations
- The
AuthenticateByLogonParametersmethod differs from the SignInByLogonParameters method in the following ways:- The
AuthenticateByLogonParametersmethod only uses the passed logon parameters to find a user. This method does not affect the currently logged in user. - The
SignInByLogonParametersmethod implicitly calls theAuthenticateByLogonParametersmethod to find a user. If the user is found,SignInByLogonParameterssigns in this user.
- The
Related GitHub Examples
The following code snippets (auto-collected from DevExpress Examples) contain references to the AuthenticateByLogonParameters(Object) method.
Note
The algorithm used to collect these code examples remains a work in progress. Accordingly, the links and snippets below may produce inaccurate results. If you encounter an issue with code examples below, please use the feedback form on this page to report the issue.