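/// <summary>
/// Checks an e-mail/password pair against the user store and, when it matches, issues an
/// HMAC-SHA256 signed JWT that expires two hours after issuance.
/// </summary>
/// <param name="user">Login request carrying the e-mail address and the plaintext password.</param>
/// <returns>
/// A <see cref="SessionResponseViewModel"/> built from the request e-mail and the serialized token.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="user"/> is null.</exception>
/// <exception cref="InvalidOperationException">The <c>JWTSecret</c> configuration value is missing or empty.</exception>
/// <exception cref="Exception">
/// The credentials were rejected. Every rejection reason uses the same message so the error text
/// does not reveal whether the account exists.
/// </exception>
public async Task<SessionResponseViewModel> Authenticate(SessionRequestViewModel user)
{
    const string invalidCredentials = "Invalid e-mail/password combination";

    if (user == null)
    {
        throw new ArgumentNullException(nameof(user));
    }

    // Missing fields are treated as a failed login rather than letting a null reach the
    // user lookup or the password hasher and surface as an unrelated argument error.
    if (string.IsNullOrEmpty(user.Email) || string.IsNullOrEmpty(user.Password))
    {
        throw new Exception(invalidCredentials);
    }

    var data = await _userManager.FindByEmailAsync(user.Email);

    // An account without a stored password hash cannot pass a password login. Rejecting it
    // with the generic message keeps it indistinguishable from an unknown e-mail instead of
    // failing inside VerifyHashedPassword with a different error.
    // NOTE(review): this path returns without running the password hasher, so its response
    // time can differ from the wrong-password path; confirm whether that matters here.
    if (data == null || string.IsNullOrEmpty(data.PasswordHash))
    {
        throw new Exception(invalidCredentials);
    }

    var valid = _userManager.PasswordHasher.VerifyHashedPassword(data, data.PasswordHash, user.Password);

    // Only Failed means the password did not match. SuccessRehashNeeded is a correct password
    // whose stored hash should be upgraded; comparing against Success alone locked those users out.
    // NOTE(review): the stored hash is not upgraded here, and nothing in this method counts
    // failed attempts or checks lockout; confirm that brute-force throttling exists elsewhere.
    if (valid == PasswordVerificationResult.Failed)
    {
        throw new Exception(invalidCredentials);
    }

    var secret = _config["JWTSecret"];
    if (string.IsNullOrEmpty(secret))
    {
        // Fail with a clear configuration error (without echoing any secret material)
        // instead of an ArgumentNullException from the encoder.
        throw new InvalidOperationException("JWTSecret is not configured");
    }

    // Encoding is left as ASCII so the signing key bytes do not change for already-deployed
    // secrets. ASCII maps every non-ASCII character to '?', which weakens such a secret.
    // NOTE(review): presumably token validation derives the key the same way; confirm before
    // switching encodings, and confirm the secret is long and random enough for HS256.
    var key = Encoding.ASCII.GetBytes(secret);

    // NOTE(review): the descriptor sets no Subject, Issuer or Audience, so the token issued
    // here carries an expiry but no user identity; confirm how downstream code identifies
    // the caller and which validation parameters it applies.
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Expires = DateTime.UtcNow.AddHours(2),
        SigningCredentials = new SigningCredentials(
            new SymmetricSecurityKey(key),
            SecurityAlgorithms.HmacSha256Signature)
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return new SessionResponseViewModel(user.Email, tokenHandler.WriteToken(token));
}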
/// <summary>
/// Forwards the posted login request to <c>_user.Authenticate</c> and wraps the resulting
/// session in an OK response.
/// </summary>
/// <param name="user">Login request bound from the request body.</param>
/// <returns>An OK result carrying the <see cref="SessionResponseViewModel"/> returned by the service.</returns>
/// <remarks>
/// Nothing is caught here, so any exception thrown by <c>_user.Authenticate</c> leaves this
/// action unhandled. NOTE(review): the status code and body a client receives for rejected
/// credentials depend on exception handling not visible here; confirm it maps to 401 and
/// does not return exception details.
/// </remarks>
public async Task<ActionResult<SessionResponseViewModel>> logIn([FromBody] SessionRequestViewModel user)
    => Ok(await _user.Authenticate(user));