public T Authenticate <T>(string username, string password) where T : class, new()
//public User Authenticate(string username, string password)
{
//var user = _users.SingleOrDefault(x => x.Username == username && x.Password == password);
var user = _context.Users.SingleOrDefault(x => x.Username == username && x.Password == password);
APIResponse <User> data = null;
//APIResponse<ResponseEntity<User>> response = null;
// return null if user not found
if (user == null)
{
data = APIResponse <User> .ReturnValidResponse(null, System.Reflection.MethodBase.GetCurrentMethod().Name, "V1", new ErrorEntity { code = "1000", message = "Invalid Login information" }, false, "");
//response = new APIResponse<ResponseEntity<User>>(data);
return(data as T);
//return null;
}
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString()),
new Claim(ClaimTypes.Role, user.Role)
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
data = APIResponse <User> .ReturnValidResponse(user.WithoutPassword(), System.Reflection.MethodBase.GetCurrentMethod().Name, "V1", null, true, "");
//response = new APIResponse<ResponseEntity<User>>(data);
return(data as T);
//return user.WithoutPassword();
}
