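/// <summary>
/// Verifies the supplied username and password and, on success, issues a token,
/// records it on the user's <c>RefreshTokens</c> collection and returns it in a
/// <c>UserResponse</c>.
/// </summary>
/// <param name="request">Credentials bound from the request body.</param>
/// <returns>
/// 401 when no body was bound; 400 with a <c>message</c> when a field is empty or the
/// credentials are rejected; 200 with a <c>UserResponse</c> on success.
/// </returns>
public async Task<IActionResult> Authenticate([FromBody] AuthenticateRequest request)
{
    // Single message for every credential failure, so the response body does not
    // tell a caller whether the username exists.
    const string invalidCredentials = "Invalid username or password";

    if (request == null)
    {
        return Unauthorized();
    }

    if (string.IsNullOrEmpty(request.Username) || string.IsNullOrEmpty(request.Password))
    {
        return BadRequest(new { message = "Username or password is incorrect" });
    }

    var user = await _userService.GetUserByName(request.Username);
    if (user == null)
    {
        // The original hashed the password on every request and discarded the result.
        // The hash is now computed only here, so an unknown username still pays for
        // one hash operation before the rejection is returned.
        // NOTE(review): assumes PasswordHash costs about as much as VerifyHash, so the
        // two rejection paths take similar time. Confirm the work factor in BCryptHelper.
        await BCryptHelper.PasswordHash(request.Password);
        return BadRequest(new { message = invalidCredentials });
    }

    bool isVerified = await BCryptHelper.VerifyHash(request.Password, user.Password);
    if (!isVerified)
    {
        return BadRequest(new { message = invalidCredentials });
    }

    string tokenString = await JwtHelper.GenerateToken(user, _setting);

    // NOTE(review): the token returned to the client is also persisted as the refresh
    // token. Anyone who can read the stored RefreshTokens rows then holds a usable
    // bearer token for as long as it remains valid. Consider storing a separate random
    // value, or only a hash of it. The one-hour Expires below is set on the record;
    // the token's own lifetime is decided inside JwtHelper, which is not visible here.
    var issuedAt = DateTime.UtcNow;
    user.RefreshTokens.Add(new RefreshToken
    {
        Expires = issuedAt.AddHours(1),
        Token = tokenString,
        Created = issuedAt,
        CreatedByIp = await HttpHelper.GetIP4Address(HttpContext)
    });
    await _userService.Update(user);

    // NOTE(review): no attempt throttling or lockout is visible in this action. Confirm
    // that it is enforced elsewhere (middleware or _userService).
    return Ok(new UserResponse
    {
        Id = user.Id,
        FirstName = user.FirstName,
        LastName = user.LastName,
        Username = user.Username,
        Token = tokenString
    });
}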