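/// <summary>
/// Creates a user from the request body and answers with a route to the new user.
/// </summary>
/// <remarks>
/// The submitted password is RSA-encrypted and the ciphertext is what gets passed to
/// <c>UserManager.InsertUser</c>. This is reversible: <c>userLogin</c> decrypts the stored
/// value to compare it, so whoever holds the private key can recover every password.
/// NOTE(review): a one-way, salted password hash (PBKDF2/Argon2) would remove that
/// exposure, but it has to be introduced together with <c>userLogin</c> and a migration
/// of the stored values, so it is not changed here.
/// </remarks>
/// <param name="user">New-user payload bound from the request body.</param>
/// <returns>
/// <c>CreatedAtRoute("getuser", ...)</c> when the insert reports error code 0;
/// <c>BadRequest</c> with the manager's code and message when it does not, or with
/// code -100 when the payload is unusable or an exception is thrown.
/// </returns>
public ActionResult<OneDataTransfer<User>> Post([FromBody] UserInsert user)
{
    OneDataTransfer<User> response = new OneDataTransfer<User>();
    try
    {
        // Refuse a missing body or an empty password before any crypto or storage work:
        // otherwise a null body surfaces as a NullReferenceException message, and an
        // empty password could be stored as a valid credential.
        if (user == null || string.IsNullOrEmpty(user.password))
        {
            response.code = -100;
            response.message = "A user payload with a non-empty password is required.";
            return BadRequest(response);
        }

        int errorCode = 0;
        string errorMessage = "OK";
        UserManager userManager = new UserManager();

        // Replace the clear-text password with its RSA ciphertext before it reaches the manager.
        SecurityRSA rSA = new SecurityRSA();
        string pubKey = rSA.GeneratePublicKey();
        user.password = rSA.Encrypt(pubKey, user.password);

        string IdUser = userManager.InsertUser(user, ref errorCode, ref errorMessage);
        if (errorCode != 0)
        {
            response.code = errorCode;
            response.message = errorMessage;
            return BadRequest(response);
        }

        response.code = errorCode;
        response.message = "OK";
        return CreatedAtRoute("getuser", new { id = IdUser }, response);
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message goes back to the caller verbatim and may expose
        // internal details (data-access or crypto errors). Prefer logging it server-side
        // and returning a generic message once a logger is available in this class.
        response.code = -100;
        response.message = ex.Message;
        return BadRequest(response);
    }
}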
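/// <summary>
/// Checks a user name / password pair and, on success, issues a JWT signed with
/// HMAC-SHA256 that expires five minutes after it is created.
/// </summary>
/// <remarks>
/// The stored password is RSA-decrypted and compared with the submitted one, i.e.
/// passwords are kept in a recoverable form.
/// NOTE(review): moving to a one-way, salted password hash (PBKDF2/Argon2) needs a
/// matching change in <c>Post</c> and a migration of the stored values.
/// </remarks>
/// <param name="userLogin">Credentials bound from the request body.</param>
/// <returns>
/// <c>Ok</c> with <c>{ token, expiration }</c> in <c>data</c> when the credentials match;
/// <c>Unauthorized</c> when the user is unknown or the password does not match;
/// <c>BadRequest</c> with code -100 when the body is missing or an exception is thrown.
/// </returns>
public ActionResult<OneDataTransfer<object>> userLogin([FromBody] UserLogin userLogin)
{
    OneDataTransfer<object> response = new OneDataTransfer<object>();
    try
    {
        if (userLogin == null)
        {
            response.code = -100;
            response.message = "A login payload is required.";
            return BadRequest(response);
        }

        int errorCode = 0;
        string errorMessage = "OK";
        UserManager userManager = new UserManager();
        User user = userManager.GetUserByLogin(userLogin.UserName, ref errorCode, ref errorMessage);

        // An unknown user must look exactly like a wrong password. Without this guard a
        // null user raised a NullReferenceException and produced a 400 with the exception
        // text, which let a caller tell existing accounts from non-existing ones.
        if (user == null)
        {
            return Unauthorized();
        }

        SecurityRSA rSA = new SecurityRSA();
        // The returned public key is not used here; the call is kept in case it
        // initialises key state that Decrypt relies on (confirm against SecurityRSA).
        rSA.GeneratePublicKey();
        string decryptedPass = rSA.Decrypt(user.Password);

        // A null or empty stored value must never authenticate, even against a
        // null or empty submitted password.
        if (string.IsNullOrEmpty(decryptedPass) || decryptedPass != userLogin.Password)
        {
            return Unauthorized();
        }

        //Get JWT
        var claim = new[]
        {
            new Claim(JwtRegisteredClaimNames.Sub, user.NickName)
        };

        // NOTE(review): the signing key is a literal in source, so anyone with access to
        // the repository or the compiled assembly can sign tokens this API will accept.
        // Load it from configuration or a secret store and rotate the current value.
        var signinKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("Aquivaunallaveconlaquequieroencriptar"));
        int expiryInMinutes = 5; //Minutes to expired

        var token = new JwtSecurityToken(
            issuer: "http://www.ordersjsp.com.co",
            audience: "http://www.ordersjsp.com.co",
            // The subject claim was built but never attached, so issued tokens did not
            // identify the user they were issued to.
            claims: claim,
            expires: DateTime.UtcNow.AddMinutes(expiryInMinutes),
            signingCredentials: new SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256)
        );

        response.data = new
        {
            token = new JwtSecurityTokenHandler().WriteToken(token),
            expiration = token.ValidTo
        };
        response.code = errorCode;
        response.message = "OK";
        return Ok(response);
    }
    catch (Exception ex)
    {
        // NOTE(review): ex.Message goes back to the caller verbatim; on a login endpoint
        // that can expose internal details. Prefer logging it server-side and returning
        // a generic message once a logger is available in this class.
        response.code = -100;
        response.message = ex.Message;
        return BadRequest(response);
    }
}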