private User AuthenticateUser(User login)
{
//Query user
User user = _context.Users
.Where(u => u.Username == login.Username)
.FirstOrDefault();
// Run hash even if user doesn't exist
bool isValidPassword = Equals(AuthUtils.GeneratePasswordHash(login.Password), user.Password);
if (!isValidPassword)
{
user = null;
return(user);
}
return(user);
}
public async Task <IActionResult> PostUser([FromBody] User user)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!AuthUtils.IsValidEmail(user.Email))
{
return(BadRequest("Invalid email"));
}
user.Password = AuthUtils.GeneratePasswordHash(user.Password);
_context.Users.Add(user);
await _context.SaveChangesAsync();
return(CreatedAtAction("GetUser", new { id = user.UserId }, user));
}
