Ejemplo n.º 1
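        /// <summary>
        /// Login endpoint: hands the posted credentials to the authentication service and
        /// returns the user it produces.
        /// </summary>
        /// <param name="authenticate">Credentials bound from the request body.</param>
        /// <returns>
        /// 200 OK with the user returned by the service; 400 Bad Request when the body is
        /// missing or the service rejects the credentials.
        /// </returns>
        public ActionResult<User> Authenticate([FromBody] User_Authenticate authenticate)
        {
            // The bound body may arrive as null (empty or unparseable request); reject it here
            // instead of passing null on to the service.
            if (authenticate == null)
            {
                return BadRequest();
            }

            var user = _AuthService.Authenticate(authenticate);
            if (user == null)
            {
                // Every failure gets the same response, so the caller cannot tell which check
                // failed. 400 is kept for existing clients; 401 is the conventional status for
                // rejected credentials.
                return BadRequest();
            }

            // NOTE(review): the whole User object is serialized into the response; confirm it
            // carries no fields that should stay server-side.
            return Ok(user);
        }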
Ejemplo n.º 2
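        /// <summary>
        /// Checks a username/password pair against the stored credential record and, on
        /// success, returns the matching user with a freshly signed JWT in <c>Token</c>.
        /// </summary>
        /// <param name="authenticate">Submitted credentials (username and password).</param>
        /// <returns>
        /// The user with <c>Token</c> populated, or <c>null</c> when the input is missing, the
        /// username is unknown, the password does not verify, or no user record matches the
        /// credential record.
        /// </returns>
        public User Authenticate(User_Authenticate authenticate)
        {
            // A null request is treated like any other failed attempt instead of throwing.
            if (authenticate == null)
            {
                return null;
            }

            var username = authenticate.Username;
            var password = authenticate.Password;

            if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
            {
                return null;
            }

            var auth = _auths.Find<AuthUser>(x => x.Username == username).FirstOrDefault();

            // NOTE(review): an unknown username returns before any hash is computed, so its
            // response time can differ from a wrong-password attempt; verify against a dummy
            // hash here if username enumeration is a concern.
            if (auth == null)
            {
                return null;
            }

            // Password check is delegated to VerifyPasswordHash with the stored hash and salt.
            if (!VerifyPasswordHash(password, auth.PasswordHash, auth.PasswordSalt))
            {
                return null;
            }

            var user = _users.Find<User>(x => x.uID == auth.uID).FirstOrDefault();

            // A credential record without a matching user record would otherwise fail with a
            // NullReferenceException at user.Role below; fail closed instead.
            if (user == null)
            {
                return null;
            }

            // Authorization token.
            var tokenHandler = new JwtSecurityTokenHandler();

            // Encoding.ASCII replaces every non-ASCII character with '?', so the configured
            // secret should be ASCII-only and long enough for HMAC-SHA256. The encoding is left
            // as is because whatever validates the token must derive the same key bytes.
            var key = Encoding.ASCII.GetBytes(secret.Value.Secret);

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                // The role claim comes from the user record, not from the request.
                Subject = new ClaimsIdentity(new[]
                {
                    new Claim(ClaimTypes.Name, auth.Username),
                    new Claim(ClaimTypes.Role, user.Role)
                }),
                // NOTE(review): tokens stay valid for 7 days and nothing in this method sets an
                // issuer or audience or provides revocation; confirm that lifetime is intended.
                Expires            = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);

            // The serialized token travels back to the caller on the user object itself.
            user.Token = tokenHandler.WriteToken(token);
            return user;
        }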