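/// <summary>
/// Verifies the supplied credentials and, on success, returns the user record together with an
/// <c>AspireJwt</c> value that expires four hours from now (UTC).
/// </summary>
/// <param name="request">Login request bound from the request body; supplies Username and Password.</param>
/// <returns>
/// 200 with <c>{ user, jwt, success = true }</c> when the credentials are accepted;
/// 400 with <c>{ success = false }</c> in every other case.
/// </returns>
public async Task<ActionResult> Authenticate([FromBody] AuthenticationRequest request)
        {
            // A missing or unparsable body can bind to null. Answer with the normal failure payload
            // instead of letting a NullReferenceException surface as a 500.
            if (request == null || request.Username == null || request.Password == null)
            {
                return BadRequest(new { success = false });
            }

            // NOTE(review): no throttling or lockout is visible in this action; presumably handled in
            // AuthenticateUser or in middleware - confirm.
            var authenticationSuccess = await _authorizationService.AuthenticateUser(request.Username, request.Password);

            if (!authenticationSuccess)
            {
                // NOTE(review): failed logins answer 400 rather than 401. Kept as-is because existing
                // clients may key on the status code.
                return BadRequest(new { success = false });
            }

            var user = await _userService.GetUser(request.Username);

            // The account can disappear or be renamed between the credential check and this lookup.
            // Use the same generic failure so the response does not reveal which step failed.
            if (user == null)
            {
                return BadRequest(new { success = false });
            }

            // NOTE(review): `user` is serialized as returned by the user service. Confirm the type carries
            // no password hash, salt or other secret field, or project it to a response DTO.
            // NOTE(review): the jwt value is built here as a plain object; whether it is signed before it
            // reaches the client is not visible from this method.
            return Ok(new
            {
                user,
                jwt = new AspireJwt
                {
                    Username = user.Username,
                    Expiration = DateTime.UtcNow.AddHours(4)
                },
                success = true
            });
        }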
Exemple #2
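        /// <summary>
        /// Applies a password change and/or a username change for the account named by
        /// <c>OldUsername</c>. All checks run before anything is written, so a rejected
        /// username no longer leaves the password already changed.
        /// </summary>
        /// <param name="newLoginInfo">
        /// Requested change. A non-empty NewPassword triggers a password change (OldPassword is verified first);
        /// a non-empty NewUsername triggers a username change (availability is verified first).
        /// </param>
        /// <returns><c>true</c> when every requested change was applied, or when nothing was requested.</returns>
        /// <exception cref="System.ArgumentNullException"><paramref name="newLoginInfo"/> is null.</exception>
        /// <exception cref="UpdateLoginInfoException">
        /// The current password is wrong, the new username is taken, or an update call reported failure.
        /// </exception>
        public async Task<bool> UpdateUserLoginInfo(UpdateLoginInfo newLoginInfo)
        {
            if (newLoginInfo == null)
            {
                throw new System.ArgumentNullException(nameof(newLoginInfo));
            }

            var passwordChangeRequested = !newLoginInfo.NewPassword.IsNullOrEmpty();
            var usernameChangeRequested = !newLoginInfo.NewUsername.IsNullOrEmpty();

            // ---- Validation phase: nothing is written until every check has passed. ----

            // Validate that the current password is correct.
            // NOTE(review): this check only runs for a password change. A username-only request is applied
            // without verifying OldPassword, and OldUsername comes from the request object. Confirm the caller
            // binds OldUsername to the authenticated principal, or require the current password for both paths.
            if (passwordChangeRequested)
            {
                var oldCredentialsValid = await _authorizationService.AuthenticateUser(newLoginInfo.OldUsername, newLoginInfo.OldPassword);

                if (!oldCredentialsValid)
                {
                    throw new UpdateLoginInfoException("Current Password is incorrect");
                }
            }

            // Validate that the new username is available.
            // NOTE(review): availability is checked and then written in separate calls; a uniqueness
            // constraint in the store is presumably what prevents two concurrent claims - confirm.
            if (usernameChangeRequested)
            {
                var usernameAvailable = await GetUsernameAvailability(newLoginInfo.NewUsername);

                if (!usernameAvailable)
                {
                    throw new UpdateLoginInfoException("New username is not available");
                }
            }

            // ---- Write phase: password first, then username, both keyed on the old username. ----
            // The two writes are still separate calls; if the second one fails the first is not rolled back.

            if (passwordChangeRequested)
            {
                // NOTE(review): despite the name, EncryptPassword is presumably a one-way password hash - confirm.
                var newPasswordHashBytes = _authorizationService.EncryptPassword(newLoginInfo.NewPassword);

                var passwordUpdateSuccess = await UpdatePassword(newPasswordHashBytes, newLoginInfo.OldUsername);

                if (!passwordUpdateSuccess)
                {
                    throw new UpdateLoginInfoException();
                }
            }

            if (usernameChangeRequested)
            {
                var usernameUpdateSuccess = await UpdateUsername(newLoginInfo.NewUsername, newLoginInfo.OldUsername);

                if (!usernameUpdateSuccess)
                {
                    throw new UpdateLoginInfoException();
                }
            }

            return true;
        }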