Beispiel #1
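        /// <summary>
        /// Validates a username/password pair and, on success, issues a JWT and
        /// registers a session for the user.
        /// </summary>
        /// <param name="request">Login request carrying the username and password.</param>
        /// <returns>
        /// An <see cref="AuthenticatedResponse"/> holding the JWT and the mapped user,
        /// or <c>null</c> when the request is missing, a credential is empty, the user
        /// is not found, or the password does not verify.
        /// </returns>
        /// <remarks>
        /// Every failure path returns the same value (<c>null</c>), so the caller cannot
        /// tell "unknown user" from "wrong password" and should answer with one generic
        /// error for all of them.
        /// </remarks>
        public AuthenticatedResponse Authenticate(AuthenticateRequest request)
        {
            // A missing request body is treated like any other failed login instead of
            // surfacing as a NullReferenceException.
            if (request == null)
            {
                return null;
            }

            var username = request.Username;
            var password = request.Password;

            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return null;
            }

            var user = _userops.GetByUsername(username);

            // Unknown username. The original TODO proposes an exception here; if one is
            // added, it should not be distinguishable by the client from a wrong-password
            // failure, otherwise the endpoint reveals which usernames exist.
            // NOTE(review): this path returns before VerifyPasswordHash runs, so it is
            // likely faster than the wrong-password path; confirm whether rate limiting or
            // a dummy verification is needed to hide that difference.
            if (user == null)
            {
                return null;
            }

            // Check the supplied password against the stored hash and salt.
            // NOTE(review): VerifyPasswordHash is defined elsewhere; confirm that it uses a
            // slow password KDF and a constant-time comparison.
            if (!VerifyPasswordHash(password, user.PasswordHash, user.PasswordSalt))
            {
                return null;
            }

            // Credentials verified: issue the token.
            var jwt = _tokenService.GenerateJWT(user);

            // Map to the response type returned to the client.
            // NOTE(review): confirm the UserResponse mapping leaves out PasswordHash and
            // PasswordSalt.
            var userResponse = _mapper.Map<UserResponse>(user);

            // Record the session for this token (stored in redis per the original comment).
            // An exception thrown here propagates to the caller, so no response is returned
            // for a token whose session was not recorded.
            _userSessionService.CreateSession(user, jwt);

            return new AuthenticatedResponse
            {
                Jwt = jwt,
                User = userResponse
            };
        }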