public async Task <ActionResult <CustomerViewModel> > Login([FromBody] CustomerLoginViewModel customerLoginViewModel)
{
var customer = await _context.Customers
.Where(u => u.Email == customerLoginViewModel.Email &&
u.PassWord == customerLoginViewModel.PassWord)
.FirstOrDefaultAsync();
CustomerViewModel customerViewModel = null;
if (customer == null)
{
return(Ok("Email hoặc mật khẩu không chính xác."));
}
if (customer.IsBlocked)
{
return(Ok("Tài khoản đang tạm khóa."));
}
if (customer != null)
{
RefreshTokenCustomer refreshToken = GenerateRefreshToken();
customer.RefreshTokenCustomers.Add(refreshToken);
await _context.SaveChangesAsync();
customerViewModel = new CustomerViewModel(customer);
customerViewModel.RefreshToken = refreshToken.Token;
}
//sign token here
customerViewModel.AccessToken = GenerateAccessToken(customer.CustomerId);
return(customerViewModel);
}
private bool ValidateRefresh(Customer customer, string refreshToken)
{
RefreshTokenCustomer refreshTokenCustomer = _context.RefreshTokenCustomers.Where(rt => rt.Token == refreshToken)
.OrderByDescending(rt => rt.ExpiryDate)
.FirstOrDefault();
if (refreshTokenCustomer != null && refreshTokenCustomer.CustomerId == customer.CustomerId &&
refreshTokenCustomer.ExpiryDate > DateTime.UtcNow)
{
return(true);
}
return(false);
}
private RefreshTokenCustomer GenerateRefreshToken()
{
RefreshTokenCustomer refreshToken = new RefreshTokenCustomer();
var randomNumber = new byte[32];
using (var rng = RandomNumberGenerator.Create())
{
rng.GetBytes(randomNumber);
refreshToken.Token = Convert.ToBase64String(randomNumber);
}
refreshToken.ExpiryDate = DateTime.UtcNow.AddDays(1);
return(refreshToken);
}
