Esempio n. 1
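        /// <summary>
        /// Authenticates a user by e-mail and password and, on success, signs the caller in with the cookie scheme.
        /// </summary>
        /// <param name="loginRequest">Credentials posted by the client: e-mail, password and the remember-me flag.</param>
        /// <returns>
        /// 400 when the body is missing or fails model validation; 401 when the e-mail is unknown or the password
        /// does not match; 200 once the authentication cookie has been issued.
        /// </returns>
        public async Task<IActionResult> Login([FromBody] LoginRequest loginRequest)
        {
            // Without this guard a missing/unbindable body surfaces as a NullReferenceException on the next line.
            if (loginRequest is null || !ModelState.IsValid)
            {
                return BadRequest();
            }

            var user = await _userRepository.GetUserByEmailAsync(loginRequest.Email);

            // Unknown e-mail and wrong password return the same status on purpose, so the response body does
            // not reveal which accounts exist.
            // NOTE(review): this early return skips the hash check for unknown e-mails, so response timing can
            // still differ between the two failure paths; if that matters, run a dummy verification here too.
            if (user is null)
            {
                return Unauthorized();
            }

            // Assumes IsPasswordValid re-derives the hash from Salt and compares it in constant time — TODO confirm.
            // No throttling or lockout is applied in this action; confirm one exists at middleware level.
            if (!_passwordHelper.IsPasswordValid(loginRequest.Password, user.Hash, user.Salt))
            {
                return Unauthorized();
            }

            var claims = new List<Claim>
            {
                new(ClaimTypes.Name, user.DisplayName),
                new(ClaimTypes.NameIdentifier, $"{user.UserId}")
            };

            var identity  = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
            var principal = new ClaimsPrincipal(identity);

            // Read the clock once so IssuedUtc and ExpiresUtc are derived from the same instant.
            var issuedAt = DateTimeOffset.UtcNow;
            var properties = new AuthenticationProperties
            {
                AllowRefresh = true,
                IsPersistent = loginRequest.RememberMe, // persistent cookie outlives the browser session
                IssuedUtc    = issuedAt,
                ExpiresUtc   = issuedAt.AddMinutes(60)
            };

            await HttpContext.SignInAsync(
                CookieAuthenticationDefaults.AuthenticationScheme,
                principal,
                properties);

            return Ok();
        }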