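/// <summary>
/// Authenticates the supplied credentials through the repository and, on success,
/// returns a signed JWT carrying the user's id and username as claims.
/// </summary>
/// <param name="userToLogin">Credentials submitted by the client.</param>
/// <returns>
/// 401 Unauthorized when the repository rejects the credentials; otherwise 200 OK
/// with a body of the form <c>{ token = "..." }</c>.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The signing key is missing from configuration ("AppSettings:Token").
/// </exception>
public IActionResult Login(UserToLoinDto userToLogin)
{
    var loggedInUser = _repo.Login(userToLogin);
    if (loggedInUser == null)
    {
        // The repository returns null for both an unknown user and a wrong password,
        // so the response does not reveal which of the two failed.
        return Unauthorized();
    }

    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, loggedInUser.id.ToString()),
        new Claim(ClaimTypes.Name, loggedInUser.username)
    };

    // Fail closed with a clear message instead of letting a null configuration
    // value surface as an ArgumentNullException from Encoding.GetBytes.
    var signingSecret = _config.GetSection("AppSettings:Token").Value;
    if (string.IsNullOrWhiteSpace(signingSecret))
    {
        throw new InvalidOperationException("JWT signing key 'AppSettings:Token' is not configured.");
    }

    // The token is signed so that its integrity can be verified when it is presented.
    // NOTE(review): RFC 7518 requires an HMAC-SHA512 key of at least 64 bytes; the length
    // is not checked here. Keep the value in a secret store, not in source control.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(signingSecret));
    var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);

    // Describe the token: who it is for, how it is signed, and when it expires.
    var tokenDescriptor = new SecurityTokenDescriptor
    {
        Subject = new ClaimsIdentity(claims),
        SigningCredentials = credentials,
        // Token lifetimes are expressed in UTC; UtcNow avoids depending on the server's time zone.
        Expires = DateTime.UtcNow.AddDays(1)
    };

    var tokenHandler = new JwtSecurityTokenHandler();
    var token = tokenHandler.CreateToken(tokenDescriptor);

    return Ok(new { token = tokenHandler.WriteToken(token) });
}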
/// <summary>
/// Looks up a user by username and checks the supplied password against the
/// stored salt and hash.
/// </summary>
/// <param name="userToLogin">Credentials to check.</param>
/// <returns>
/// The matching <c>User</c> when the password verifies; <c>null</c> when no user
/// has that username or the password does not verify. Both failures look the same
/// to the caller.
/// </returns>
public User Login(UserToLoinDto userToLogin)
{
    // NOTE(review): whether this username match is case-sensitive presumably depends on
    // the underlying store; confirm it matches how usernames are registered.
    var candidate = context.Users.FirstOrDefault(u => u.username.Equals(userToLogin.username));
    if (candidate == null)
    {
        return null;
    }

    // The hash check runs only for an existing user, exactly as in the combined condition.
    var passwordMatches = VerifyPasswordHash(userToLogin.password, candidate.passwordSalt, candidate.passwordHash);
    if (!passwordMatches)
    {
        return null;
    }

    return candidate;
}