public async Task <UserAccountDto> RegisterAsync(RegisterUserDto registerDto, CancellationToken cancellationToken) { registerDto.Email = registerDto.Email.ToLower().Trim(); registerDto.Username = registerDto.Username.ToLower().Trim(); var estate = await _estateEntityService.Queryable.FirstAsync(cancellationToken); await CheckIfUserIsValid(registerDto.Email, registerDto.Username, cancellationToken); var activationKey = _hasher.CalculateHash(registerDto.Firstname + registerDto.Lastname + registerDto.Email + registerDto.Username); var passwordHash = _passwordService.HashUserPassword(registerDto.Email, registerDto.Password); var reg = CreateUser(registerDto, UserGroup.AppClient, registerDto.Password, passwordHash, activationKey); _entityService.DbContext.SaveChanges(); var userDto = new UserAccountDto(); userDto.From(reg); return(userDto); //return await AuthenticateAsync(registerDto.Email, registerDto.Password, cancellationToken); }
public async Task <UserAccountDto> AuthenticateAsync(string email, string password, CancellationToken cancellationToken = default) { email = email.ToLower().Trim(); var userData = await _entityService.Queryable .Select(i => new { user = i, role = i.UserAccountGroup.First().UserGroup.StaticCode, groupId = i.UserAccountGroup.First().UserGroup.Id, }) .FirstOrDefaultAsync(i => (i.user.Email == email || i.user.UserName == email) && (i.user.Password == password), cancellationToken); if (userData == null) { throw new AppNotFoundException("User cannot be found"); } var user = userData.user; var role = userData.role; var groupId = userData.groupId; if (user.IsConfirmed == false) { throw new AppException("Please confirm your email"); } if (user.IsActive == false) { throw new AppException("User is deactivated"); } //if (!_passwordService.VerifyUser(user.Email, password, user.PasswordHash)) // throw new AppException("Username or password is invalid"); // authentication successful so generate jwt token var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_authSetting.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = GetClaimsIdentity(user, role, groupId), Expires = DateTime.UtcNow.AddDays(_authSetting.ExpireInDays), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var userDto = new UserAccountDto(); userDto.From(user); userDto.Token = tokenHandler.WriteToken(token); return(userDto); }