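/// <summary>
/// Registers a new user: decrypts the AES-wrapped password sent by the client,
/// replaces it with a bcrypt hash, and hands the entity to the user service.
/// </summary>
/// <param name="user">User payload; <c>Password</c> is expected to hold the AES-encrypted password.</param>
/// <returns>
/// 400 when the payload or its password is missing, 409 when the service reports
/// the e-mail as already registered, 201 pointing at <c>GetUser</c> on success,
/// and a bare 500 when the database update fails.
/// </returns>
public async Task<ActionResult> CreateUser(User user)
{
    // Reject an empty payload up front instead of letting the decrypt/hash
    // calls fail on null and surface as an unhandled exception.
    if (user == null || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest("Password is required");
    }

    try
    {
        // NOTE(review): DecryptStringAES is defined elsewhere; how it reacts to
        // malformed ciphertext is not visible here. Only DbUpdateException is
        // caught below, so confirm a bad input cannot escape as an unhandled error.
        var plainPassword = _aesHelper.DecryptStringAES(user.Password);

        // Only the bcrypt hash is stored. No work factor is passed, so the
        // library default applies.
        user.Password = BCrypt.Net.BCrypt.HashPassword(plainPassword);

        var created = await _serUser.AddUser(user);
        if (!created)
        {
            return Conflict("Email already exists");
        }

        // NOTE(review): the response body is the same User instance, whose
        // Password property now holds the bcrypt hash. Unless that property is
        // excluded from serialization, the hash is sent back to the client;
        // confirm, or return a DTO without it.
        return CreatedAtAction("GetUser", new { id = user.Id }, user);
    }
    catch (DbUpdateException)
    {
        // No body is returned with the 500.
        return StatusCode(500);
    }
}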
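/// <summary>
/// Verifies an e-mail / password pair and, on success, issues a signed JWT
/// carrying the user's profile as claims.
/// </summary>
/// <param name="email">E-mail address used to look the user up.</param>
/// <param name="password">AES-encrypted password as sent by the client.</param>
/// <returns>
/// The serialized token, or <c>null</c> when the credentials are missing, the
/// user is unknown, or the password does not match the stored bcrypt hash.
/// </returns>
public string Authenticate(string email, string password)
{
    // Missing credentials are an ordinary authentication failure; do not pass
    // null into the decrypt helper.
    if (string.IsNullOrEmpty(email) || string.IsNullOrEmpty(password))
    {
        return null;
    }

    var plainPassword = _aesHelper.DecryptStringAES(password);

    User user = _serUser.GetInfoUserByEmail(email);
    if (user == null)
    {
        // NOTE(review): this path returns without doing any bcrypt work, so
        // unknown and known e-mails can differ measurably in response time.
        // Confirm rate limiting / lockout covers this endpoint.
        return null;
    }

    if (!BCrypt.Net.BCrypt.Verify(plainPassword, user.Password))
    {
        return null;
    }

    // The key bytes must match what the token validation side derives, so the
    // ASCII encoding is kept. Encoding.ASCII maps every non-ASCII character to
    // '?', so the configured secret should be ASCII-only.
    var keyBytes = Encoding.ASCII.GetBytes(_appSettings.JWT_SecretKey);
    var signingKey = new SymmetricSecurityKey(keyBytes);

    // Claim's constructor throws ArgumentNullException for a null value, so
    // profile fields that may be unset are emitted as empty strings rather than
    // failing the login.
    // NOTE(review): the token is signed, not encrypted; Phone, Address and
    // Gender are readable by anyone who holds it. Confirm these claims are
    // needed by consumers.
    var identity = new ClaimsIdentity(new Claim[]
    {
        new Claim("Id", user.Id),
        new Claim("LastName", user.LastName ?? string.Empty),
        new Claim("FirstName", user.FirstName ?? string.Empty),
        new Claim(ClaimTypes.Email, user.Email),
        new Claim("Gender", user.Gender.ToString()),
        new Claim("Phone", user.Phone ?? string.Empty),
        new Claim("Address", user.Address ?? string.Empty),
    });

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = identity,
        // Tokens stay valid for one day from issuance.
        Expires = DateTime.UtcNow.AddDays(1),
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256Signature)
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var securityToken = tokenHandler.CreateToken(tokenDescriptor);
    return tokenHandler.WriteToken(securityToken);
}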