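/// <summary>
/// Looks up a user by user name and password and, on a match, attaches a newly created JWT.
/// </summary>
/// <param name="userName">User name supplied by the caller.</param>
/// <param name="password">Password supplied by the caller; compared as-is with the stored value.</param>
/// <returns>
/// The matching user with <c>JwtToken</c> set and <c>Password</c> cleared, or <c>null</c> when a
/// credential is missing, no user matches, or the lookup or token creation throws.
/// </returns>
public User Authenticate(string userName, string password)
{
    int tokenExpiryInDays = 1;

    // Missing credentials never authenticate. A null password in particular must not reach the
    // query, where it could be translated into a match against rows whose Password is null.
    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    try
    {
        // SECURITY: this compares the submitted password with a plaintext column. Stored passwords
        // should be salted, slow hashes (e.g. PBKDF2 or Argon2) verified after loading the user by
        // name, not encrypted or plaintext values matched inside the query.
        User user = _context.Users
            .FirstOrDefault(u => u.UserName == userName && u.Password == password);

        // No match: report failure to the caller.
        if (user == null)
        {
            return null;
        }

        // Generate a JWT for this user (it will be stored in a domain-specific cookie).
        user.JwtToken = JwtTokenizer.CreateJWT(_appSettings.SecretKey, user.UserId.ToString(), tokenExpiryInDays, _logger);

        // Remove the password before returning.
        // NOTE(review): if _context tracks this entity, a later SaveChanges could persist the
        // cleared password (and the token) - confirm the query is untracked or map to a DTO.
        user.Password = null;

        return user;
    }
    catch (Exception ex)
    {
        // Fail closed. The previous version returned a placeholder User with a random UserId when
        // the lookup threw, which a caller testing for null would treat as a successful login, and
        // returned the user with its password still set when token creation threw.
        _logger.LogError(ex);
        return null;
    }
}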
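/// <summary>
/// Checks the database connection, then looks up a user by user name and password and, on a
/// match, attaches a newly created JWT.
/// </summary>
/// <param name="userName">User name supplied by the caller.</param>
/// <param name="password">Password supplied by the caller; compared as-is with the stored value.</param>
/// <param name="noDatabaseConnection">
/// Set to the result of <c>TestInvalidDatabaseConnection()</c> before any lookup is attempted.
/// </param>
/// <returns>
/// The matching user with <c>AccessToken</c> set and <c>Password</c> cleared, or <c>null</c> when a
/// credential is missing, no user matches, or the lookup or token creation throws.
/// </returns>
public User Authenticate(string userName, string password, ref bool noDatabaseConnection)
{
    int tokenExpiryInDays = 1;

    try
    {
        // Always test the connection first so the caller can tell "bad credentials" from
        // "database unreachable" through the ref flag.
        noDatabaseConnection = TestInvalidDatabaseConnection();

        // Missing credentials never authenticate. A null password in particular must not reach the
        // query, where it could be translated into a match against rows whose Password is null.
        if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
        {
            return null;
        }

        // SECURITY: this compares the submitted password with a plaintext column. Stored passwords
        // should be salted, slow hashes (e.g. PBKDF2 or Argon2) verified after loading the user by
        // name, not plaintext values matched inside the query.
        User user = _context.Users
            .FirstOrDefault(u => u.Username == userName && u.Password == password);

        if (user == null)
        {
            return null;
        }

        // Generate a JWT for this user (it will be stored in a domain-specific cookie).
        user.AccessToken = JwtTokenizer.CreateJWT(_appSettings.SecretKey, user.UserId.ToString(), tokenExpiryInDays);

        // Remove the password before returning.
        // NOTE(review): if _context tracks this entity, a later SaveChanges could persist the
        // cleared password (and the token) - confirm the query is untracked or map to a DTO.
        user.Password = null;

        return user;
    }
    catch (Exception ex)
    {
        // Fail closed. The previous version returned a placeholder User with a random UserId when
        // the lookup threw, which a caller testing for null would treat as a successful login.
        // NOTE(review): the full exception goes to stdout; route it to the application logger if
        // this class has one.
        Console.WriteLine(ex);
        return null;
    }
}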