public async Task <AuthResponse> LoginAsync(TokenExchangeRequest request)
{
var user = await _userManager.FindByEmailAsync(request.Email);
if (user == null)
{
return(new AuthResponse()
{
Message = $"No Accounts Registered with {request.Email}.",
});
}
// Only allow login if email is confirmed
if (!user.EmailConfirmed)
{
return(new AuthResponse()
{
Message = $"Current email {request.Email} is not confirmed.",
});
}
// Used as user lock
if (user.LockoutEnd != null && user.LockoutEnd >= DateTimeOffset.UtcNow)
{
return(new AuthResponse()
{
Message = $"This account has been locked.",
});
}
if (!await _userManager.CheckPasswordAsync(user, request.Password))
{
return(new AuthResponse()
{
Message = $"Incorrect Credentials for user {user.Email}.",
});
}
var jwtSecurityToken = await _jwtFactory.GenerateEncodedAccessToken(user);
var activeRefreshToken = user.RefreshTokens.FirstOrDefault(e => e.IsActive);
if (activeRefreshToken != null)
{
return(new AuthResponse()
{
RefreshToken = activeRefreshToken !.Token,
ExpiredAt = (activeRefreshToken.Expires - DateTimeOffset.UtcNow).Seconds,
Token = jwtSecurityToken.Token,
});
