public IActionResult Login(UserToLoinDto userToLogin)
{
var loggedInUser = _repo.Login(userToLogin);
if (loggedInUser == null)
{
return(Unauthorized());
}
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, loggedInUser.id.ToString()),
new Claim(ClaimTypes.Name, loggedInUser.username)
};
// ensure tokens are valid by signing the created token with a key
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.GetSection("AppSettings:Token").Value));
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
// create a token descriptor
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
SigningCredentials = credentials,
Expires = DateTime.Now.AddDays(1)
};
var tokenHander = new JwtSecurityTokenHandler();
var token = tokenHander.CreateToken(tokenDescriptor);
return(Ok(new
{
token = tokenHander.WriteToken(token)
}));
}
public User Login(UserToLoinDto userToLogin)
{
var existingUser = context.Users.FirstOrDefault(m => m.username.Equals(userToLogin.username));
if (existingUser == null || !VerifyPasswordHash(userToLogin.password, existingUser.passwordSalt, existingUser.passwordHash))
{
return(null);
}
return(existingUser);
}
