public string Execute(LoginModel model)
{
//check model Validation
if (!model.ValidationState.IsValid)
{
throw new ValidationException(BusinessMessages.Invalid_data, model.ValidationState.ValidationResults);
}
var user = databaseService.Users.Single(obj => obj.Email.ToUpper() == model.Email.ToUpper());
if (user == null)
{
throw new BusinessException(BusinessMessages.Incorrect_Email, "EmailNotFound");
}
//Checking password
else if (!hashingService.Validate(model.Password, user.Salt, user.HashPassword))
{
throw new BusinessException(BusinessMessages.Incorrect_Password, "InvalidPassword");
}
else
{
DateTime expireAt = DateTime.UtcNow.AddDays(7);
var role = user.UserRole;
var claims = new List <Claim>()
{
new Claim("UserId", user.Id.ToString()),
new Claim("UserName", user.FirstName),
new Claim(ClaimTypes.Role, role.ToString())
};
string AccessToken = jWTService.GenerateAccessToken(claims, expireAt);
return(AccessToken);
}
}
public async Task <ActionResult <Person> > LoginUser(PersonLoginDTO current)
{
var storedPerson = _repository.GetByEmail(current.Email);
if (storedPerson == null)
{
return(Unauthorized(UnauthorizedEmptyJsonResult));
}
//TODO usunąć gdy Frontend przejdzie na używanie ról z Access Tokenu.
var storedUserRoles = await _customUserRolesService.GatherAllUserRoles(storedPerson.Id);
var token = await _jwtService.GenerateAccessToken(storedPerson, storedUserRoles.First());
var refreshToken = _jwtService.GenerateRefreshToken();
try
{
UpdateRefreshToken(storedPerson, refreshToken);
return(Accepted(new
{
Id = storedPerson.Id,
FirstName = storedPerson.Name,
LastName = storedPerson.Lastname,
Email = storedPerson.Email,
Roles = storedUserRoles,
Token = token,
RefreshToken = refreshToken
}));
}
catch (DBConcurrencyException e)
{
return(Conflict(ConflictJsonResult(e.Message)));
}
}