Example #1
0
        public async Task <Authentication.OutModel> Authentication([FromBody] Authentication.InModel inModel)
        {
            AuthValidator validationRules = new AuthValidator();
            await validationRules.ValidateAndThrowAsync(inModel);

            return(await _iAccessControlService.Authentication(inModel));
        }
        public async Task <Authentication.Models.OutModel> Authentication(Authentication.Models.InModel inModel,
                                                                          CancellationToken cancellationToken = default)
        {
            AuthValidator authValidator = new AuthValidator();
            await authValidator.ValidateAndThrowAsync(inModel);

            var user = await _dbContext.Users.SingleOrDefaultAsync(x => x.Email == inModel.Email, cancellationToken);

            if (user == null)
            {
                throw new InvalidOperationException("User with email not exist.");
            }
            if (!Cryptor.VerifyPasswordHash(inModel.PasswordHash, user.PasswordHash))
            {
                throw new InvalidOperationException("Email or password is incorrect.");
            }

            var tokenHandler    = new JwtSecurityTokenHandler();
            var key             = Encoding.ASCII.GetBytes(_appSettings.Secret);
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new Claim[]
                {
                    new Claim(ClaimTypes.Name, user.Id.ToString())
                }),
                Expires            = DateTime.UtcNow.AddDays(7),
                SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key),
                                                            SecurityAlgorithms.HmacSha256Signature)
            };
            var token = tokenHandler.CreateToken(tokenDescriptor);

            user.Token = tokenHandler.WriteToken(token);
            return(new Authentication.Models.OutModel {
                IdUser = user.Id,
                UserName = user.Username, Token = user.Token
            });
        }