public async Task <UserAccountDto> RegisterAsync(RegisterUserDto registerDto, CancellationToken cancellationToken)
{
registerDto.Email = registerDto.Email.ToLower().Trim();
registerDto.Username = registerDto.Username.ToLower().Trim();
var estate = await _estateEntityService.Queryable.FirstAsync(cancellationToken);
await CheckIfUserIsValid(registerDto.Email, registerDto.Username, cancellationToken);
var activationKey = _hasher.CalculateHash(registerDto.Firstname
+ registerDto.Lastname
+ registerDto.Email
+ registerDto.Username);
var passwordHash = _passwordService.HashUserPassword(registerDto.Email, registerDto.Password);
var reg = CreateUser(registerDto, UserGroup.AppClient, registerDto.Password, passwordHash, activationKey);
_entityService.DbContext.SaveChanges();
var userDto = new UserAccountDto();
userDto.From(reg);
return(userDto);
//return await AuthenticateAsync(registerDto.Email, registerDto.Password, cancellationToken);
}
public async Task <UserAccountDto> AuthenticateAsync(string email, string password, CancellationToken cancellationToken = default)
{
email = email.ToLower().Trim();
var userData = await _entityService.Queryable
.Select(i => new
{
user = i,
role = i.UserAccountGroup.First().UserGroup.StaticCode,
groupId = i.UserAccountGroup.First().UserGroup.Id,
})
.FirstOrDefaultAsync(i => (i.user.Email == email || i.user.UserName == email) && (i.user.Password == password), cancellationToken);
if (userData == null)
{
throw new AppNotFoundException("User cannot be found");
}
var user = userData.user;
var role = userData.role;
var groupId = userData.groupId;
if (user.IsConfirmed == false)
{
throw new AppException("Please confirm your email");
}
if (user.IsActive == false)
{
throw new AppException("User is deactivated");
}
//if (!_passwordService.VerifyUser(user.Email, password, user.PasswordHash))
// throw new AppException("Username or password is invalid");
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_authSetting.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = GetClaimsIdentity(user, role, groupId),
Expires = DateTime.UtcNow.AddDays(_authSetting.ExpireInDays),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var userDto = new UserAccountDto();
userDto.From(user);
userDto.Token = tokenHandler.WriteToken(token);
return(userDto);
}
