public AuthenticatedResponse Authenticate(AuthenticateRequest request)
{
var username = request.Username;
var password = request.Password;
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
return(null);
}
var user = _userops.GetByUsername(username);
// check if username exists TODO: add exception
if (user == null)
{
return(null);
}
// check if password is correct
if (!VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt))
{
return(null);
}
// generate jwt
var jwt = _tokenService.GenerateJWT(user);
// map to suitable user response object
var userResponse = _mapper.Map <UserResponse>(user);
// create user session and insert in redis
_userSessionService.CreateSession(user, jwt);
return(new AuthenticatedResponse {
Jwt = jwt, User = userResponse
});
}
