public async Task <Guid> Handle(ChangePasswordCommand command, CancellationToken cancellationToken)
{
if (PasswordHelper.Compare(command.OldPassword, command.NewPassword))
{
throw new Exception("The new password must be different from the old one");
}
var newPassword = PasswordHelper.Encrypt(command.NewPassword);
var user = await _userRepository.Get(command.Id);
user.SetPassword(newPassword);
await _userRepository.Update(command.Id, user);
return(user.Id);
}
public IActionResult Login(string username, string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
return(BadRequest());
}
var user = m_UserRepository.GetByUserName(username);
if (user == null)
{
return(NotFound(ResponseFactory.CreateResponse("User Not Found")));
}
else
{
if (PasswordHelper.Compare(user.Password, password))
{
//TODO: move secret key to config
var token = new JwtTokenBuilder()
.AddSecurityKey(JwtSecurityKey.Create("armut.sample.messaging.secret"))
.AddSubject(user.UserName)
.AddIssuer("Armut.Sample.Messaging")
.AddAudience("Armut.Sample.Messaging")
.AddClaim("Username", user.UserName)
.AddExpiry(10)
.Build();
m_Logger.LogInformation("User Logged in with Id: {0}", user.UserID);
return(Ok(token.Value));
}
else
{
m_Logger.LogInformation("Invalid Log in with Id: {0}", user.UserID);
return(Unauthorized());
}
}
}
