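/// <summary>
/// Authenticates the posted credentials and, on success, returns a signed JWT
/// together with the authenticated user's details.
/// </summary>
/// <param name="user">Login payload bound from the request body.</param>
/// <returns>
/// 400 when the payload is missing or carries no user name / password,
/// 401 when the credentials are rejected, otherwise 200 with <c>Token</c> and <c>UserDetails</c>.
/// </returns>
public IActionResult Login([FromBody] LoginModel user)
{
    // Reject incomplete payloads up front instead of passing null values on to the
    // authentication layer, where they would surface as a server error rather than a 400.
    if (user == null || string.IsNullOrWhiteSpace(user.UserName) || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest("Invalid Request");
    }

    PmoUser userDto = _userEngine.AuthenticateUser(user.UserName, user.Password);
    if (userDto == null)
    {
        return Unauthorized();
    }

    // SECURITY: the HMAC signing key is a literal compiled into the source. Anyone who can read
    // the repository or the binary can mint tokens this service will accept. It has to move to
    // protected configuration (secret store / environment) together with the token-validation
    // setup that verifies these tokens; it is left in place here because changing it in this
    // method alone would break validation elsewhere.
    var secretKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes("KeyForSignInSecret@1234"));
    var signinCredentials = new SigningCredentials(secretKey, SecurityAlgorithms.HmacSha256);

    // Bind the token to the authenticated user. With an empty claim list every issued token
    // is interchangeable and downstream code cannot tell which user it belongs to.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.NameIdentifier, userDto.EmpNo ?? string.Empty)
    };

    // NOTE(review): issuer and audience are hard-coded to a localhost URL; they should come from
    // configuration and must match the values the token validation expects.
    var tokenOptions = new JwtSecurityToken(
        issuer: "http://localhost:49614",
        audience: "http://localhost:49614",
        claims: claims,
        // Token lifetimes are expressed in UTC; avoid depending on the server's local time zone.
        expires: DateTime.UtcNow.AddMinutes(30),
        signingCredentials: signinCredentials
    );

    var tokenString = new JwtSecurityTokenHandler().WriteToken(tokenOptions);
    return Ok(new { Token = tokenString, UserDetails = userDto });
}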
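/// <summary>
/// Validates a user name / passkey pair by calling the <c>AuthenticateUser</c> stored procedure
/// and maps the returned row to a <see cref="PmoUser"/>.
/// </summary>
/// <param name="empId">User name, sent to the procedure as <c>@UserName</c>.</param>
/// <param name="passkey">Passkey, sent to the procedure as <c>@Passkey</c>.</param>
/// <returns>The matching user, or <c>null</c> when the procedure returns no row or a credential is missing.</returns>
/// <remarks>
/// Database exceptions are not handled here and propagate to the caller.
/// NOTE(review): the passkey is handed to the stored procedure as received. Whether it is compared
/// against a salted hash is decided inside the procedure, which is not visible here; confirm that
/// passwords are not stored or compared in plaintext.
/// </remarks>
public PmoUser AuthenticateUser(string empId, string passkey)
{
    // Missing credentials can never authenticate; fail closed without a database round trip.
    // (A null parameter value would otherwise be treated as "not supplied" by the provider.)
    if (string.IsNullOrEmpty(empId) || string.IsNullOrEmpty(passkey))
    {
        return null;
    }

    PmoUser user = null;

    using (var connection = new SqlConnection(this.connectionString))
    using (var sqlCommand = new SqlCommand("AuthenticateUser", connection))
    {
        sqlCommand.CommandType = CommandType.StoredProcedure;
        // Values travel as parameters, never concatenated into command text.
        sqlCommand.Parameters.Add(new SqlParameter("@UserName", empId));
        sqlCommand.Parameters.Add(new SqlParameter("@Passkey", passkey));

        connection.Open();

        // The reader is disposed even if a column lookup throws; the enclosing using
        // blocks then release the command and close the connection.
        using (var reader = sqlCommand.ExecuteReader())
        {
            // If the procedure returns several rows, the last one wins.
            while (reader.Read())
            {
                user = new PmoUser();
                user.EmpName = reader["EmpName"].ToString();
                user.EmpNo = reader["Emp_No"].ToString();
                user.Designation = reader["Designation"].ToString();
                user.Department = reader["Department"].ToString();
                user.Location = reader["Location"].ToString();

                // Any value other than the literal "N" marks the user as admin, including the
                // empty string produced by a NULL column.
                // NOTE(review): this fails open; confirm the column's value set and consider
                // an explicit allow-list so unexpected values do not grant admin rights.
                user.IsAdmin = reader["AdminID"].ToString() != "N";
            }
        }
    }

    return user;
}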