Esempio n. 1
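        /// <summary>
        /// Authenticates the caller and, on success, issues a short-lived signed JWT
        /// access token together with a refresh token that is stored via the data service.
        /// </summary>
        /// <param name="login">Login request; <c>User</c> is read for the claims and <c>Token</c> is overwritten with the new refresh token.</param>
        /// <returns>
        /// 400 when no request body was bound, 401 when the account check fails,
        /// otherwise 200 with <c>token</c> (the serialized JWT) and <c>refreshToken</c>.
        /// </returns>
        /// <exception cref="InvalidOperationException">The <c>SecretKey</c> configuration value is missing or blank.</exception>
        public IActionResult Login(LoginRequestDto login)
        {
            // Reject an unbound body up front instead of dereferencing null further down.
            if (login is null)
            {
                return BadRequest();
            }

            // Credential check is delegated to the data service.
            // NOTE(review): presumably AccountExist verifies the password as well as the
            // user name; confirm in _dbService, since nothing else here checks it.
            if (!_dbService.AccountExist(login))
            {
                return StatusCode(401);
            }

            // Fail closed with a clear message when the signing secret is not configured,
            // rather than surfacing an ArgumentNullException from Encoding.GetBytes.
            // The secret itself is never included in the message.
            var secret = _configuration["SecretKey"];
            if (string.IsNullOrWhiteSpace(secret))
            {
                throw new InvalidOperationException("JWT signing key 'SecretKey' is not configured.");
            }

            // NOTE(review): every authenticated account receives the fixed role "employee"
            // and an identifier derived from the user name; confirm this is intended.
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, login.User + "0101"),
                new Claim(ClaimTypes.Name, login.User),
                new Claim(ClaimTypes.Role, "employee")
            };

            // HMAC-SHA256 is symmetric: whoever can read this secret can also mint tokens,
            // so it belongs in a secret store, not in a checked-in settings file.
            var key   = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

            // Issuer and audience are fixed strings; token validation must be configured
            // with the same values. UtcNow avoids local-time/DST ambiguity in the expiry.
            var token = new JwtSecurityToken(
                issuer: "Gakko",
                audience: "Students",
                claims: claims,
                expires: DateTime.UtcNow.AddMinutes(10),
                signingCredentials: creds);

            // NOTE(review): a refresh token is a bearer credential. Guid.NewGuid() is
            // documented as unique, not as unpredictable; generating the value with
            // RandomNumberGenerator would be preferable, but that requires changing the
            // type of LoginRequestDto.Token, which is outside this method.
            var refreshToken = Guid.NewGuid();
            login.Token = refreshToken;

            // NOTE(review): presumably persists the refresh token for later exchange;
            // check whether it is stored hashed and with an expiry.
            _dbService.SaveToken(login);

            return Ok(new
            {
                token = new JwtSecurityTokenHandler().WriteToken(token),
                refreshToken
            });
        }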