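// Authenticates a user identified by either user name or e-mail address.
// Returns 200 with { token } when the password check succeeds, 400 when the
// payload is missing a field, and 401 when the account is unknown or the
// password check fails. Both failure cases return the same bare 401 so the
// response body does not reveal which accounts exist.
public async Task<IActionResult> Login([FromBody] DtoIncomingUserLogin dto)
{
    // A missing body or missing field would otherwise surface as an unhandled
    // null dereference (HTTP 500) further down; reject it explicitly.
    if (dto?.UserNameOrEmail == null || dto.Password == null)
    {
        return BadRequest();
    }

    // The user may log in with either user name or e-mail address.
    // The two are told apart by the '@' character.
    // NOTE(review): this relies on user-name validation elsewhere rejecting '@' - verify at registration.
    User user;

    if (dto.UserNameOrEmail.Contains("@"))
    {
        user = await _userManager.FindByEmailAsync(dto.UserNameOrEmail);
    }
    else
    {
        user = await _userManager.FindByNameAsync(dto.UserNameOrEmail);
    }

    // Unknown user name / e-mail.
    // NOTE(review): this path returns before any password verification runs, so it is
    // presumably faster than the wrong-password path; response timing may still
    // distinguish existing accounts. Rate limiting on this endpoint is worth confirming.
    if (user == null)
    {
        return Unauthorized();
    }

    // NOTE(review): lockoutOnFailure is false, so failed attempts here do not count
    // toward account lockout. Unless throttling is enforced elsewhere, consider
    // enabling it together with the Identity lockout options.
    var result = await _signInManager.CheckPasswordSignInAsync(user, dto.Password, lockoutOnFailure: false);

    if (result.Succeeded)
    {
        // Await rather than .Result: blocking on the task inside an async action
        // holds a thread while waiting and wraps failures in AggregateException.
        var token = await GenerateJwtToken(user);
        return Ok(new { token });
    }

    // Password check failed.
    return Unauthorized();
}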
Example #2
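        // Authenticates a user by e-mail address and password.
        // Returns 200 with { token } when the password check succeeds, 400 when the
        // payload is missing a field, and 401 when the account is unknown or the
        // password check fails. Both failure cases return the same bare 401 so the
        // response body does not reveal which accounts exist.
        public async Task<IActionResult> Login([FromBody] DtoIncomingUserLogin dto)
        {
            // A missing body or missing field would otherwise surface as an unhandled
            // exception (HTTP 500) in the calls below; reject it explicitly.
            if (dto?.Email == null || dto.Password == null)
            {
                return BadRequest();
            }

            // Look the account up by e-mail address.
            var user = await _userManager.FindByEmailAsync(dto.Email);

            // NOTE(review): this path returns before any password verification runs, so it is
            // presumably faster than the wrong-password path; response timing may still
            // distinguish existing accounts. Rate limiting on this endpoint is worth confirming.
            if (user == null)
            {
                return Unauthorized();
            }

            // NOTE(review): lockoutOnFailure is false, so failed attempts here do not count
            // toward account lockout. Unless throttling is enforced elsewhere, consider
            // enabling it together with the Identity lockout options.
            var result = await _signInManager.CheckPasswordSignInAsync(user, dto.Password, lockoutOnFailure: false);

            if (result.Succeeded)
            {
                // Await rather than .Result: blocking on the task inside an async action
                // holds a thread while waiting and wraps failures in AggregateException.
                var token = await GenerateJwtToken(user);
                return Ok(new { token });
            }

            // Reaching this point means the password check failed.
            return Unauthorized();
        }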