public AuthenticateAccountResponse Register(RegisterAccountRequest request)
{
if (_context.Accounts.Any(x => x.EmailAddress == request.EmailAddress))
{
// There is already an account with given email address
throw new AccountAlreadyExistsException();
}
// Create new account object from the request model
var account = new Account()
{
UserFullName = request.UserFullName,
EmailAddress = request.EmailAddress,
PasswordHash = BC.HashPassword(request.Password)
};
// Save account
_context.Accounts.Add(account);
_context.SaveChanges();
// Create a response that includes the access token
var response = new AuthenticateAccountResponse
{
AccountId = account.AccountId,
UserFullName = account.UserFullName,
EmailAddress = account.EmailAddress,
AccessToken = GenerateJsonWebToken(account)
};
return(response);
}
public AuthenticateAccountResponse Authenticate(AuthenticateAccountRequest request)
{
// Get the account if it exists
var account = _context.Accounts.SingleOrDefault(x => x.EmailAddress == request.EmailAddress);
// Gernerate password hash and test. Throw exception if email doesn't exists or password incorrect
if (account == null || !BC.Verify(request.Password, account.PasswordHash))
{
throw new AuthenticationFailedException();
}
// Create a response that includes the access token
var response = new AuthenticateAccountResponse
{
AccountId = account.AccountId,
UserFullName = account.UserFullName,
EmailAddress = account.EmailAddress,
AccessToken = GenerateJsonWebToken(account)
};
return(response);
}
