public async Task <ServiceResult> CreateNewAccountAsync(UserLoginRegisterDto user)
{
if (string.IsNullOrWhiteSpace(user.Password))
{
return(new ServiceResult(false, "Password is required"));
}
if (await _unitOfWork.UserRepository.FindByUsernameAsync(user.Username) != null)
{
return(new ServiceResult(false, "That username is already taken"));
}
var hashes = GeneratePasswordHash(user.Password);
var newUser = new User()
{
PasswordHash = hashes["PasswordHash"],
PasswordSalt = hashes["PasswordSalt"],
Username = user.Username
};
await _unitOfWork.UserRepository.AddUserAsync(newUser);
await _unitOfWork.CompleteTransactionAsync();
return(new ServiceResult(true, "Successfully created new account"));
}
public async Task <IActionResult> Authenticate([FromBody] UserLoginRegisterDto userDto)
{
var result = await _userService.AuthenticateAsync(userDto);
if (result.Success)
{
return(Ok(new { token = result.Data }));
}
else
{
return(Unauthorized(result.Data));
}
}
public async Task <IActionResult> CreateAccount([FromBody] UserLoginRegisterDto userDto)
{
var result = await _userService.CreateNewAccountAsync(userDto);
if (result.Success)
{
return(Ok(new { result.Message }));
}
else
{
return(BadRequest(result.Message));
}
}
public async Task <ServiceResult <string> > AuthenticateAsync(UserLoginRegisterDto user)
{
if (string.IsNullOrWhiteSpace(user.Password) || string.IsNullOrWhiteSpace(user.Username))
{
return(new ServiceResult <string>(false, "Invalid credentials"));
}
var userEntity = await _unitOfWork.UserRepository.FindByUsernameAsync(user.Username);
if (userEntity == null)
{
return(new ServiceResult <string>(false, "Invalid credentials"));
}
var result = ValidatePassword(user.Password, userEntity.PasswordHash, userEntity.PasswordSalt);
if (!result)
{
return(new ServiceResult <string>(false, "Invalid credentials"));
}
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_settings.SecretKey));
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512);
var jwtToken = new JwtSecurityToken(
claims: new[]
{
new Claim(ClaimTypes.Name, user.Username),
new Claim(ClaimTypes.NameIdentifier, userEntity.Id.ToString())
},
expires: DateTime.Now.AddMinutes(10),
signingCredentials: credentials);
var tokenAsString = new JwtSecurityTokenHandler().WriteToken(jwtToken);
return(new ServiceResult <string>(true, "Authentication successful", tokenAsString));
}
