public (Employee, string) Authenticate(Employee employeeIn)
{
//todo brug db context her til at sammenligne employee brugere..
//var employee = employeeList.SingleOrDefault(x => x.Username == userName && x.Password == password);
var userFound = db.GetEmployeeLogin(employeeIn.Username, employeeIn.Password);
// return null if employee is not found
if (userFound == null)
{
return(null, null);
}
(Employee, string)elevatedUser;
elevatedUser.Item1 = userFound;
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.SecretKey);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[] {
new Claim(ClaimTypes.Name, elevatedUser.Item1.Id.ToString()),
new Claim(ClaimTypes.Role, "Admin"),
new Claim(ClaimTypes.Version, "V3.1")
}),
Expires = DateTime.UtcNow.AddDays(2),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature),
};
var token = tokenHandler.CreateToken(tokenDescriptor);
elevatedUser.Item2 = tokenHandler.WriteToken(token);
elevatedUser.Item1.Password = "******";
return(elevatedUser);
}
public IActionResult Login(string username, string password)
{
var userFound = db.GetEmployeeLogin(username, password);
return(Json(userFound));
}