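/// <summary>
/// Authenticates a user through the <c>spAuthUser</c> stored procedure and returns the matching record.
/// </summary>
/// <param name="user">Credentials bound from the request body.</param>
/// <returns>
/// 400 when the body is missing or model validation fails; 404 when the procedure yields no user id;
/// otherwise 200 with the employee-with-user record when an employee row references the id, or the
/// plain user record when none does.
/// </returns>
public IHttpActionResult Auth([FromBody] UserForAuth user)
        {
            // A missing or unparsable body can bind to null; without this guard the
            // property reads below would throw and surface as a 500.
            if (user == null)
            {
                return BadRequest("Request body is required.");
            }

            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            var output = new ObjectParameter("ResultID", typeof(int));

            // NOTE(review): the password is handed to the stored procedure exactly as received.
            // How it is hashed and compared is decided inside spAuthUser, which is not visible
            // here - confirm it verifies against a salted password hash, not a plaintext column.
            db.spAuthUser(user.Username, user.Password, output);
            int? userID = output.Value as int?;

            // NOTE(review): a failed authentication is reported as 404 rather than 401; kept
            // unchanged so existing clients see the same status code.
            if (userID == null)
            {
                return NotFound();
            }

            // Any() only needs to know whether a matching row exists; Count() > 0 counts all of them.
            // NOTE(review): both procedures' result sets are serialized straight into the response -
            // confirm they do not include password or hash columns.
            if (db.Employees.Any(e => e.UserID == userID))
            {
                return Ok(db.spGetEmployeeWithUserByID(userID));
            }

            return Ok(db.spGetUserByID(userID));
        }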
Ejemplo n.º 2
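        /// <summary>
        /// Registers a new, non-admin user under a lower-cased name.
        /// </summary>
        /// <param name="user">Requested user name and password.</param>
        /// <returns>
        /// 400 when the request is missing a name or password, or when the name is already taken
        /// ("User Exist"); 201 once the repository call has completed.
        /// </returns>
        public async Task <IActionResult> Register(UserForAuth user)
        {
            // Reject incomplete requests up front instead of failing with a
            // NullReferenceException on user.Name below.
            if (user == null || string.IsNullOrWhiteSpace(user.Name) || string.IsNullOrEmpty(user.Password))
            {
                return BadRequest();
            }

            // Invariant lower-casing keeps the stored name independent of the server's culture;
            // a culture-sensitive ToLower() can map the same input to different names.
            user.Name = user.Name.ToLowerInvariant();

            if (await _repo.UserCheck(user.Name))
            {
                return BadRequest("User Exist");
            }

            var userToCreate = new User()
            {
                Id      = Guid.NewGuid(),
                Name    = user.Name,
                // New accounts never get admin rights from the request payload.
                isAdmin = false,
            };

            // NOTE(review): the plaintext password goes to the repository as-is; presumably it is
            // salted and hashed there - confirm. No password-strength policy is applied here.
            await _repo.Register(userToCreate, user.Password);

            return StatusCode(201);
        }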
Ejemplo n.º 3
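        /// <summary>
        /// Verifies the supplied credentials and, on success, issues a one-hour JWT signed with HMAC-SHA512.
        /// </summary>
        /// <param name="user">User name and password from the request.</param>
        /// <returns>
        /// 400 when no credentials object was bound; 401 when the repository finds no matching user;
        /// otherwise 200 with <c>{ token }</c>.
        /// </returns>
        /// <exception cref="InvalidOperationException">The JWT signing secret is not configured.</exception>
        public async Task <IActionResult> Login(UserForAuth user)
        {
            // Avoid a NullReferenceException (500) when nothing was bound to the parameter.
            if (user == null)
            {
                return BadRequest();
            }

            var userToLogin = await _repo.Login(user.Name, user.Password);

            if (userToLogin == null)
            {
                return Unauthorized();
            }

            // Token claims.
            // NOTE(review): the Name claim carries the name as typed by the client, not the value
            // on the stored record - confirm the two cannot differ (e.g. in letter case).
            // NOTE(review): the Role claim is the string form of the isAdmin flag ("True"/"False"),
            // so any role check downstream has to match those literal values.
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, userToLogin.Id.ToString()),
                new Claim(ClaimTypes.Name, user.Name),
                new Claim(ClaimTypes.Role, userToLogin.isAdmin.ToString())
            };

            var jwtSettings = new JwtSettings();

            // The section name is the local variable's name; do not rename the local without
            // updating the configuration key.
            _configuration.Bind(nameof(jwtSettings), jwtSettings);

            // Fail closed with a clear message rather than an ArgumentNullException from GetBytes.
            // NOTE(review): the secret should be long, random and loaded from a secret store,
            // not committed with the application settings.
            if (string.IsNullOrEmpty(jwtSettings.Secrect))
            {
                throw new InvalidOperationException("JWT signing secret is not configured.");
            }

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(jwtSettings.Secrect));

            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = new ClaimsIdentity(claims),
                // UTC avoids ambiguous local times around daylight-saving transitions.
                Expires            = DateTime.UtcNow.AddHours(1),
                SigningCredentials = creds
            };

            var tokenHandler = new JwtSecurityTokenHandler();

            var token = tokenHandler.CreateToken(tokenDescriptor);

            return Ok(new { token = tokenHandler.WriteToken(token) });
        }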