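/// <summary>
/// Authenticates the submitted credentials and, on success, returns the user
/// together with a freshly issued JWT.
/// </summary>
/// <param name="credentials">Username and password sent by the client.</param>
/// <returns>
/// 401 with a generic message when the credentials are missing or do not match;
/// otherwise 200 with a copy of the user that carries the token and no
/// password hash or salt.
/// </returns>
public IActionResult Login(CredentialsModel credentials)
{
    // A missing body gets the same answer as a failed lookup, so the response
    // does not distinguish between the failure causes.
    if (credentials == null)
    {
        return Unauthorized("incorrect username or password");
    }

    UserModel user = usersLogic.GetUserByCredentials(credentials);
    if (user == null)
    {
        return Unauthorized("incorrect username or password");
    }

    // Build the response on a copy so the instance returned by usersLogic is
    // never modified by this action.
    UserModel response = (UserModel)user.Clone();
    response.JwtToken = jwtHelper.GetWjtToken(user.Username, user.Role);

    // Strip all password material before serialising. The salt is cleared as
    // well as the hash: returning it would hand the client one of the two
    // inputs needed for offline guessing against a leaked hash.
    response.Password = null;
    response.Salt = null;

    return Ok(response);
}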
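/// <summary>
/// Looks up a user by username and verifies the supplied plaintext password
/// against the stored PBKDF2 hash.
/// </summary>
/// <param name="credentialsModel">Username and plaintext password to verify. Not modified.</param>
/// <returns>The matching user, or <c>null</c> when the user is unknown or the password does not match.</returns>
/// <remarks>
/// The stored <c>Password</c> value is treated as a Base64 PBKDF2 hash only.
/// The supplied password is never compared directly with the stored value:
/// doing so would let the stored hash itself be used as a password, so a
/// leaked user table would be enough to log in as any user.
/// </remarks>
public UserModel GetUserByCredentials(CredentialsModel credentialsModel)
{
    if (credentialsModel == null || credentialsModel.Password == null)
    {
        return null;
    }

    // Resolve the record first; an unknown username must end here instead of
    // flowing into the hash comparison with an empty model.
    var storedUser = DB.Users.SingleOrDefault(p => p.Username == credentialsModel.Username);
    if (storedUser == null)
    {
        return null;
    }

    UserModel userToCheck = new UserModel(storedUser);
    if (string.IsNullOrEmpty(userToCheck.Password) || string.IsNullOrEmpty(userToCheck.Salt))
    {
        return null;
    }

    byte[] salt;
    byte[] expectedHash;
    try
    {
        salt = Convert.FromBase64String(userToCheck.Salt);
        expectedHash = Convert.FromBase64String(userToCheck.Password);
    }
    catch (FormatException)
    {
        // A stored value that is not Base64 cannot be a hash produced by this
        // scheme; treat it as a failed login rather than an error.
        return null;
    }

    // Parameters must match the ones used when the hash was stored.
    // NOTE(review): HMAC-SHA1 with 10000 iterations is below current PBKDF2
    // guidance; raising it requires re-hashing stored passwords (for example on
    // the next successful login), so it is left unchanged here.
    byte[] suppliedHash = KeyDerivation.Pbkdf2(
        password: credentialsModel.Password,
        salt: salt,
        prf: KeyDerivationPrf.HMACSHA1,
        iterationCount: 10000,
        numBytesRequested: 256 / 8);

    // Fixed-time comparison so the time taken does not reveal how many leading
    // bytes of the hash matched.
    bool matches = System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(suppliedHash, expectedHash);

    return matches ? userToCheck : null;
}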