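/// <summary>
/// Login endpoint: passes the posted credentials to the authentication service
/// and returns the authenticated user, or 400 Bad Request when authentication fails.
/// </summary>
/// <param name="authenticate">Credentials read from the request body.</param>
/// <returns>
/// 200 OK with the <c>User</c> returned by the service, or 400 Bad Request when the
/// body is missing or the service returns null.
/// </returns>
public ActionResult<User> Authenticate([FromBody] User_Authenticate authenticate)
{
    // The body can bind to null (e.g. an empty request when automatic model
    // validation is not active). Reject it here so the service never
    // dereferences a null credentials object.
    if (authenticate == null)
    {
        return BadRequest();
    }

    // The original allocated a throwaway User before overwriting it; call the service directly.
    User user = _AuthService.Authenticate(authenticate);

    if (user == null)
    {
        // Every failure cause gets the same status, so the response does not reveal
        // whether the username exists.
        // NOTE(review): 401 Unauthorized is the conventional status for bad credentials;
        // 400 is kept because existing clients may depend on it.
        return BadRequest();
    }

    // NOTE(review): the whole User entity is serialized to the client. Confirm it
    // carries nothing beyond what the client needs, or map it to a response DTO.
    return Ok(user);
}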
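/// <summary>
/// Verifies a username/password pair against the stored credential record and, on
/// success, returns the matching user with a freshly signed JWT in <c>Token</c>.
/// </summary>
/// <param name="authenticate">Credentials supplied by the caller.</param>
/// <returns>
/// The user with <c>Token</c> populated, or null when the input is missing, the
/// username is unknown, the password does not verify, or no user record matches the
/// credential record. All failures return null so callers cannot tell them apart.
/// </returns>
public User Authenticate(User_Authenticate authenticate)
{
    // Treat a missing credentials object like missing credentials, not a NullReferenceException.
    if (authenticate == null)
    {
        return null;
    }

    var username = authenticate.Username;
    var password = authenticate.Password;

    if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    var auth = _auths.Find<AuthUser>(x => x.Username == username).FirstOrDefault();

    // NOTE(review): an unknown username returns before any password hashing, so
    // response time can differ from the wrong-password path. Consider verifying
    // against a dummy hash here, and rate-limiting or locking out repeated failures.
    if (auth == null)
    {
        return null;
    }

    if (!VerifyPasswordHash(password, auth.PasswordHash, auth.PasswordSalt))
    {
        return null;
    }

    var user = _users.Find<User>(x => x.uID == auth.uID).FirstOrDefault();

    // A credential record without a matching user record previously crashed on
    // user.Role below; fail the login instead of issuing a token.
    if (user == null)
    {
        return null;
    }

    // Authorization token.
    var tokenHandler = new JwtSecurityTokenHandler();

    // NOTE(review): Encoding.ASCII replaces non-ASCII characters with '?', which
    // silently weakens a secret that contains them. It is left unchanged because the
    // validating side must derive the key the same way. The secret should be long
    // and random (at least 32 bytes for HMAC-SHA256) and kept out of source control.
    var key = Encoding.ASCII.GetBytes(secret.Value.Secret);

    SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new Claim[]
        {
            new Claim(ClaimTypes.Name, auth.Username.ToString()),
            // The role is fixed in the token at issue time; a later role change
            // does not affect tokens that were already handed out.
            new Claim(ClaimTypes.Role, user.Role)
        }),
        // NOTE(review): seven-day lifetime with no revocation visible here; a stolen
        // token stays usable until expiry. Consider a shorter lifetime plus refresh.
        Expires = DateTime.UtcNow.AddDays(7),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha256Signature)
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);
    var tokenString = tokenHandler.WriteToken(token);

    // Attach the serialized token to the user object returned to the caller.
    user.Token = tokenString;

    return user;
}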