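/// <summary>
/// Authenticates the supplied user through <c>_userLogic</c> and, on success, issues a signed JWT.
/// </summary>
/// <param name="user">Credentials object passed unchanged to <c>_userLogic.AuthenticateUser</c>.</param>
/// <returns>
/// 200 with an anonymous <c>{ token, expiration }</c> payload when the logic layer returns a user;
/// a bare 401 otherwise. The declared type is <c>ActionResult&lt;User&gt;</c>, but no <c>User</c>
/// instance is ever written to the response.
/// </returns>
public ActionResult<User> AuthenticateUser(User user)
{
    var myUser = _userLogic.AuthenticateUser(user);
    if (myUser == null)
    {
        // No account matched: answer 401 without any detail about why.
        return StatusCode(401);
    }

    // SECURITY NOTE(review): the HMAC signing key is a string literal compiled into the assembly.
    // Anyone who can read the source or the binary can sign tokens this API will accept, and the
    // key cannot be rotated without a redeploy. Load it from configuration or a secret store.
    // The literal is also 22 bytes; RFC 7518 section 3.2 requires an HS512 key of at least 64 bytes.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("A-VERY-STRONG-KEY-HERE"));

    var identity = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, myUser.Id.ToString()),
        new Claim(ClaimTypes.Name, myUser.Username)
    });

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = identity,
        // NOTE(review): issuer and audience are pinned to a localhost development URL; the
        // validating side has to be configured with exactly these values.
        Issuer = "https://localhost:44339",
        Audience = "https://localhost:44339",
        // The exp claim is a UTC timestamp; starting from UtcNow avoids local-time and DST
        // ambiguity when the value is converted.
        Expires = DateTime.UtcNow.AddMinutes(60),
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha512Signature),
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new
    {
        token = tokenHandler.WriteToken(token),
        expiration = token.ValidTo
    });
}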
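/// <summary>
/// Authenticates the posted credentials and returns the JWT produced by <c>_userLogic</c>.
/// </summary>
/// <param name="model">Credentials bound from the request body.</param>
/// <returns>
/// 200 with <c>{ jwtToken }</c> when a token was issued; 400 with an error payload when the
/// logic layer returned no token.
/// </returns>
public IActionResult AuthenticateUser([FromBody] AuthenticateModel model)
{
    // Token creation lives in the logic layer; this action only maps its result to HTTP.
    var jwtToken = _userLogic.AuthenticateUser(model);

    // A null result must fail the same way as an empty one. Comparing only against string.Empty
    // would let a null fall through and return 200 with a null token.
    // NOTE(review): assumes the logic layer returns a string; confirm against its signature.
    if (string.IsNullOrEmpty(jwtToken))
    {
        // One message for both "unknown user" and "wrong password", so the response does not
        // reveal which usernames exist. The 400 status is kept as-is because existing clients
        // may depend on it; 401 is the conventional status for failed credentials.
        return BadRequest(ErrorDetails.SetError(StatusCodes.Status400BadRequest, "Username or password is incorrect"));
    }

    return Ok(new { jwtToken });
}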