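/// <summary>
/// Authenticates a user by e-mail and password and issues a signed JWT (HMAC-SHA256).
/// </summary>
/// <param name="dto">Credentials supplied by the caller: e-mail address and password.</param>
/// <returns>The serialized token together with the instant it stops being valid.</returns>
/// <exception cref="ArgumentNullException"><paramref name="dto"/> is null.</exception>
/// <exception cref="IncorrectPasswordException">
/// No usable account was found or the password does not match. Both cases raise the same
/// exception so the caller cannot tell which e-mail addresses are registered.
/// </exception>
public TokenGetDto Authenticate(UserAuthenticationGetDto dto)
{
    if (dto == null)
    {
        throw new ArgumentNullException(nameof(dto));
    }

    User u = _userRepo.GetUser(dto.Mail);

    // GetUser may return null for an unknown address (not visible here). Reject that, and any
    // missing password on either side, explicitly: a null must never compare equal to a null.
    if (u == null || u.Password == null || dto.Password == null)
    {
        throw new IncorrectPasswordException();
    }

    // Passwords are case-sensitive. The previous OrdinalIgnoreCase comparison accepted any
    // casing of the password, which shrinks the search space an attacker has to cover.
    // NOTE(review): if these fields actually carry hex digests, normalise the casing where the
    // digest is produced instead of relaxing the comparison here - confirm.
    // NOTE(review): the stored value is compared directly with the submitted one, which suggests
    // passwords are kept unhashed - confirm. The store should hold a salted, slow hash
    // (e.g. PBKDF2) that is verified with a fixed-time comparison.
    if (!string.Equals(u.Password, dto.Password, StringComparison.Ordinal))
    {
        throw new IncorrectPasswordException();
    }

    var tokenHandler = new System.IdentityModel.Tokens.Jwt.JwtSecurityTokenHandler();
    var now = DateTime.UtcNow;

    // The signing key is derived from a configured string, so the strength of every issued
    // token depends on that secret being long, random and kept out of source control.
    var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_config.JwtToken.SecretKey));

    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(new[]
        {
            new Claim("email", u.Mail),
            new Claim("userId", u.Id.ToString()),
            new Claim("personId", u.PersonId.ToString())
        }),
        // 2000 minutes is roughly 33 hours; no revocation path is visible in this method, so a
        // leaked token stays usable for that whole window.
        Expires = now.AddMinutes(2000),
        SigningCredentials = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256),
    };

    var token = tokenHandler.CreateToken(tokenDescriptor);

    return new TokenGetDto()
    {
        Token = tokenHandler.WriteToken(token),
        ValidTo = token.ValidTo
    };
}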
/// <summary>
/// Login endpoint: passes the submitted credentials to the user manager and returns the issued
/// token in a 200 OK response.
/// </summary>
/// <param name="dto">Credentials bound from the request.</param>
/// <returns>200 OK carrying the token and its expiry.</returns>
/// <remarks>
/// NOTE(review): the manager throws IncorrectPasswordException on a failed login and nothing
/// here catches it - presumably an exception filter or middleware maps it to a generic 401
/// response; verify, so that a failed login does not surface as a 500 with exception details.
/// </remarks>
public ActionResult<TokenGetDto> Authenticate(UserAuthenticationGetDto dto) =>
    Ok(_userManager.Authenticate(dto));