internal User Login(UserLoginCreds creds)
{
User user = _repo.GetUserByEmail(creds.Email);
if (user == null || !BCrypt.Net.BCrypt.Verify(creds.Password, user.Hash))
{
throw new Exception("Invalid Email or Password");
}
user.Hash = null;
return(user);
}
public async Task <ActionResult <User> > Login([FromBody] UserLoginCreds creds)
{
try
{
User user = _as.Login(creds);
user.SetClaims();
await HttpContext.SignInAsync(user._principal);
return(Ok(user));
}
catch (Exception e)
{
return(Unauthorized(e.Message));
}
}
