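/// <summary>
/// Signs a user in by e-mail and password. On success a new refresh token is
/// attached to the user, the user is saved, and an access token is created.
/// </summary>
/// <param name="form">Sign-in form; its <c>Email</c> and <c>Password</c> are read.</param>
/// <returns>
/// A <see cref="User"/> holding the avatar, e-mail, user name, access token and
/// the new refresh token.
/// </returns>
/// <exception cref="RestException">
/// <see cref="HttpStatusCode.Unauthorized"/> when the e-mail is unknown or the
/// password check fails (the message is identical in both cases);
/// <see cref="HttpStatusCode.InternalServerError"/> when the user's profile is
/// missing or the refresh token could not be saved.
/// </exception>
public async Task<User> SignInAsync(SignInUserForm form)
{
    var user = await _userManager.FindByEmailAsync(form.Email);
    if (user == null)
    {
        // Same message as the wrong-password path, so the response body does not
        // reveal whether the e-mail is registered.
        // NOTE(review): this path returns without running a password check, so it
        // may respond faster than a wrong-password attempt; confirm whether that
        // timing difference needs to be evened out.
        throw new RestException(HttpStatusCode.Unauthorized, new { message = "Invalid UserName or Password" });
    }

    // NOTE(review): the third argument is false; if _signInManager is the ASP.NET
    // Core Identity SignInManager this is lockoutOnFailure, meaning failed attempts
    // are not counted towards account lockout. Confirm that throttling of password
    // guessing is enforced elsewhere, or pass true.
    var result = await _signInManager.CheckPasswordSignInAsync(user, form.Password, false);
    if (!result.Succeeded)
    {
        throw new RestException(HttpStatusCode.Unauthorized, new { message = "Invalid UserName or Password" });
    }

    // Resolve the profile before touching the user: FirstOrDefaultAsync yields null
    // when no row matches, and the original dereferenced it unconditionally after
    // already persisting a refresh token.
    Profile profile = await _dbContext.Profiles.FirstOrDefaultAsync(x => x.Id == user.ProfileId);
    if (profile == null)
    {
        throw new RestException(HttpStatusCode.InternalServerError, new { message = "Unable to complete sign-in" });
    }

    var newRefreshToken = _jwt.GenerateRefreshToken();
    user.RefreshTokens.Add(newRefreshToken);

    // Do not hand out a refresh token that was never stored: a failed update would
    // otherwise give the client a token that can never be redeemed.
    var updateResult = await _userManager.UpdateAsync(user);
    if (!updateResult.Succeeded)
    {
        throw new RestException(HttpStatusCode.InternalServerError, new { message = "Unable to complete sign-in" });
    }

    return new User
    {
        Avatar = profile.Avatar,
        Email = user.Email,
        UserName = user.UserName,
        Token = _jwt.CreateToken(user.UserName, profile.Id),
        RefreshToken = newRefreshToken.Token
    };
}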
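/// <summary>
/// Login endpoint: calls the auth service with the supplied credentials, loads
/// the user by e-mail and returns a JWT built from the user's id and role.
/// </summary>
/// <param name="loginDto">Request body; its <c>Email</c> and <c>Password</c> are read.</param>
/// <returns>
/// 400 when the body is missing or a credential is empty, 401 when no user is
/// found for the e-mail, otherwise 200 with the token.
/// </returns>
public async Task<ActionResult> Login(LoginDTO loginDto)
{
    // Reject incomplete requests before any service call is made.
    if (loginDto == null
        || string.IsNullOrWhiteSpace(loginDto.Email)
        || string.IsNullOrEmpty(loginDto.Password))
    {
        return BadRequest();
    }

    // NOTE(review): the result of _authService.Login is discarded. A token is
    // issued below regardless, so this is only safe if Login throws on bad
    // credentials. If it returns a success flag or result object instead, check
    // it here and return Unauthorized() on failure. Confirm against the
    // implementation.
    await _authService.Login(loginDto.Email, loginDto.Password);

    var user = await _userService.GetUser(loginDto.Email);
    if (user == null)
    {
        // The original dereferenced user unconditionally; a missing user would
        // surface as an unhandled null reference instead of a clean 401.
        return Unauthorized();
    }

    var jwt = _jwtService.CreateToken(user.UserId, user.Role);
    return Ok(jwt);
}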