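/// <summary>
/// Authenticates a user by e-mail and password and, on success, issues a JSON Web Token.
/// </summary>
/// <param name="loginParams">Credentials supplied by the caller; <c>Email</c> and <c>Password</c> are read.</param>
/// <returns>
/// The shared <c>_response</c> object. On success <c>IsPassed</c> is true and <c>Data</c> holds the token;
/// on failure <c>IsPassed</c> is false and <c>Errors</c> or <c>Message</c> carries the reason.
/// </returns>
/// <remarks>
/// The account status (locked / disabled) is reported only after the password has been verified, and an
/// unknown e-mail gets the same answer as a wrong password, so the response cannot be used to probe which
/// e-mail addresses are registered. Exception text is not returned to the caller.
/// NOTE(review): an unknown e-mail still returns without running the password hasher, so response time
/// may differ between known and unknown addresses — confirm whether that matters for this deployment.
/// NOTE(review): AccessFailedCount is incremented here, but nothing in this method acts on the counter;
/// confirm that lockout or throttling is enforced elsewhere.
/// </remarks>
public async Task<IResponseDTO> Login(LoginParamsDto loginParams)
{
    // One message for both "unknown e-mail" and "wrong password" (avoids account enumeration).
    const string invalidCredentials = "Invalid email or password";

    try
    {
        var appUser = await _userManager.FindByEmailAsync(loginParams.Email);
        if (appUser == null)
        {
            _response.Errors.Add(invalidCredentials);
            _response.IsPassed = false;
            return _response;
        }

        var verification = _passwordHasher.VerifyHashedPassword(appUser, appUser.PasswordHash, loginParams.Password);

        // SuccessRehashNeeded means the password is correct but the stored hash uses an older format;
        // treating it as a failure would reject valid credentials.
        // NOTE(review): the stored hash is not upgraded here — consider re-hashing on this result.
        var passwordAccepted = verification == PasswordVerificationResult.Success
            || verification == PasswordVerificationResult.SuccessRehashNeeded;

        if (!passwordAccepted)
        {
            appUser.AccessFailedCount += 1;
            await _userManager.UpdateAsync(appUser);
            _response.Errors.Add(invalidCredentials);
            _response.IsPassed = false;
            return _response;
        }

        // Status is disclosed only to a caller who has proven knowledge of the password.
        if (appUser.Status == UserStatusEnum.Locked.ToString())
        {
            _response.Errors.Add("Your Account is locked. Please contact your administration");
            _response.IsPassed = false;
            return _response;
        }

        if (appUser.Status == UserStatusEnum.NotActive.ToString())
        {
            _response.Errors.Add("Your Account is disabled. Please contact your administration");
            _response.IsPassed = false;
            return _response;
        }

        // in case user logged in successfully, reset AccessFailedCount
        if (appUser.AccessFailedCount > 0)
        {
            appUser.AccessFailedCount = 0;
            await _userManager.UpdateAsync(appUser);
        }

        var token = GenerateJSONWebToken(appUser.Id, appUser.UserName, appUser.CompanyId ?? 0);
        _response.IsPassed = true;
        _response.Message = "You are logged in successfully.";
        _response.Data = token;
    }
    catch (Exception ex)
    {
        // Keep the details on the server; exception and inner-exception messages can expose internals
        // (store, schema, configuration) to an unauthenticated caller.
        // NOTE(review): replace with the class's own logger if one is available.
        System.Diagnostics.Trace.TraceError("Login failed: {0}", ex);

        _response.IsPassed = false;
        _response.Message = "An error occurred while signing in. Please try again later.";
        return _response;
    }

    return _response;
}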
/// <summary>
/// Login endpoint: passes the credentials bound from the request body to the account service
/// and returns the service's response unchanged.
/// </summary>
/// <param name="loginParams">Login credentials bound from the request body.</param>
/// <returns>The response produced by <c>_accountService.Login</c>, also stored in <c>_response</c>.</returns>
/// <remarks>
/// NOTE(review): no validation of <paramref name="loginParams"/> and no routing, rate-limiting or
/// anonymous-access attributes are visible on this action — confirm they are applied elsewhere.
/// </remarks>
public async Task<IResponseDTO> Login([FromBody] LoginParamsDto loginParams)
{
    var loginResult = await _accountService.Login(loginParams);

    // The field is still assigned, as before, in case other members read it.
    _response = loginResult;
    return _response;
}