public async Task <IActionResult> Register(DAL.User user)
{
using (var transaction = _context.Database.BeginTransaction())
{
var dalUser = new DAL.User()
{
Email = user.Email,
UserName = user.Email
};
var createResult = await _userManager.CreateAsync(dalUser, user.Password);
var roleResult = await _userManager.AddToRoleAsync(dalUser, "user");
if (createResult.Succeeded && roleResult.Succeeded)
{
transaction.Commit();
var response = new ApiResponse <APIX.User>(new APIX.User()
{
Email = dalUser.Email
});
return(new OkObjectResult(response));
}
else
{
return(new BadRequestResult());
}
}
}
public async Task <IActionResult> Login(DAL.User user)
{
var result = await ValidateLoginAsync(user);
if (result.valid)
{
var dalUser = _context.Users.FirstOrDefault(m => m.Email == user.Email);
var response = new ApiResponse <APIX.User>(new APIX.User()
{
Id = dalUser.Id,
Email = user.Email,
Token = await GenerateJwtToken(dalUser)
});
return(new OkObjectResult(response));
}
return(new BadRequestObjectResult(result));
}
private async Task <ApiLoginResponse> ValidateLoginAsync(DAL.User user)
{
var dalUser = _context.Users.Where(m => m.Email == user.Email).FirstOrDefault();
if (dalUser != null)
{
var validPassword = await this._userManager.CheckPasswordAsync(dalUser, user.Password);
var isLockedOut = await this._userManager.IsLockedOutAsync(dalUser);
var isConfirmed = dalUser.EmailConfirmed;
if (!validPassword)
{
return(new ApiLoginResponse(false, "Invalid password"));
}
else
{
return(new ApiLoginResponse(true, null));
}
}
return(new ApiLoginResponse(false, "User not found"));
}
public async Task <string> GenerateJwtToken(DAL.User user)
{
var claims = new ClaimsIdentity();
var roles = await _userManager.GetRolesAsync(user);
var roleClaims = roles.Select(role => new Claim(ClaimTypes.Role, role));
claims.AddClaims(roleClaims);
claims.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()));
claims.AddClaim(new Claim(ClaimTypes.Email, user.Email));
var tokenHandler = new JwtSecurityTokenHandler();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = claims,
Expires = DateTime.UtcNow.Add(_jwtIssuerOptions.Value.ValidFor),
SigningCredentials = _jwtIssuerOptions.Value.SigningCredentials
};
var securityToken = tokenHandler.CreateToken(tokenDescriptor);
var token = tokenHandler.WriteToken(securityToken);
return(token);
}
public async Task <IActionResult> Register([FromBody] DAL.User user)
{
return(await _accountService.Register(user));
}
public async Task <IActionResult> Login([FromBody] DAL.User user)
{
return(await _accountService.Login(user));
}