private Api.Models.UserModel CreateUserToken(Repository.Models.UserModel dbUser)
{
var user = new Api.Models.UserModel()
{
Id = dbUser.id,
Email = dbUser.email,
Role = RoleModel.User
};
var key = Encoding.ASCII.GetBytes(_secret);
var tokenHandler = new JwtSecurityTokenHandler();
SecurityTokenDescriptor tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString()),
}),
Expires = DateTime.UtcNow.AddMinutes(15),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
SecurityToken token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
//insert RefreshToken into db
user.RefreshToken = Guid.NewGuid();
return(user);
}
public IActionResult RefreshToken(int id, [FromBody] Guid refreshToken)
{
Api.Models.UserModel user = new Api.Models.UserModel();
try
{
user = _authenticateService.Refreshtoken(id, refreshToken);
if (user == null)
{
return(BadRequest(new { message = ("Invalid refresh token") }));
}
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
return(Ok(user));
}
public IActionResult Login([FromBody] UserDto userDto)
{
Api.Models.UserModel user = new Api.Models.UserModel();
try
{
user = _authenticateService.Authenticate(userDto.Email, userDto.Password);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
}
catch (Exception ex)
{
return(BadRequest(ex.Message));
}
return(Ok(user));
}
