public IActionResult Login(ClientLoginRequest request)
{
if (_dbService.CheckLogin(request.Login, request.Password))
{
var _token = _dbService.CreateFirstToken(request.Login);
return(Ok(_token));
}
else
{
return(Unauthorized(request.Login + ": login or password is incorrect"));
};
}
public IActionResult Login(ClientLoginRequest request)
{
var claims = new[]
{
new Claim(ClaimTypes.NameIdentifier, request.Login),
new Claim(ClaimTypes.Hash, request.Password),
};
if (_dbService.CheckLogin(request.Login, request.Password))
{
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"]));
var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
var token = new JwtSecurityToken
(
issuer: "AdvertApi",
audience: "Clients",
claims: claims,
expires: DateTime.Now.AddMinutes(10),
signingCredentials: creds
);
var refreshToken = Guid.NewGuid();
var accessToken = new JwtSecurityTokenHandler().WriteToken(token);
_dbService.SaveRefreshToken(request.Login, refreshToken.ToString());
return(Ok(new {
accessToken,
refreshToken
}));
}
else
{
return(Unauthorized(request.Login + ": login or password is incorrect"));
};
}
