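/// <summary>
/// Authenticates a user by e-mail and password and returns a signed JWT access token.
/// </summary>
/// <param name="model">Login request carrying the e-mail, the password and its own validation state.</param>
/// <returns>The generated access token string.</returns>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="ValidationException">The model did not pass validation.</exception>
/// <exception cref="BusinessException">The e-mail is unknown or the password does not match.</exception>
public string Execute(LoginModel model)
{
    if (model is null)
    {
        throw new ArgumentNullException(nameof(model));
    }

    if (!model.ValidationState.IsValid)
    {
        throw new ValidationException(BusinessMessages.Invalid_data, model.ValidationState.ValidationResults);
    }

    // Hoisted so the comparison value is computed once. ToUpper() on both sides is kept
    // (instead of a StringComparison overload) because Users may be an IQueryable that
    // has to translate the predicate to SQL — TODO confirm the provider.
    string emailUpper = model.Email.ToUpper();

    // SingleOrDefault, not Single: Single() throws InvalidOperationException when no row
    // matches, which made the null check below unreachable and surfaced an unknown e-mail
    // as a generic crash instead of the intended BusinessException.
    var user = databaseService.Users.SingleOrDefault(obj => obj.Email.ToUpper() == emailUpper);
    if (user == null)
    {
        throw new BusinessException(BusinessMessages.Incorrect_Email, "EmailNotFound");
    }

    // NOTE(review): separate error codes for "unknown e-mail" and "wrong password" let a
    // caller enumerate registered addresses; consider collapsing both into one generic failure.
    if (!hashingService.Validate(model.Password, user.Salt, user.HashPassword))
    {
        throw new BusinessException(BusinessMessages.Incorrect_Password, "InvalidPassword");
    }

    const int TokenLifetimeDays = 7;
    DateTime expireAt = DateTime.UtcNow.AddDays(TokenLifetimeDays);
    var role = user.UserRole;
    var claims = new List<Claim>
    {
        new Claim("UserId", user.Id.ToString()),
        new Claim("UserName", user.FirstName),
        new Claim(ClaimTypes.Role, role.ToString()),
    };

    return jWTService.GenerateAccessToken(claims, expireAt);
}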
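/// <summary>
/// Looks up a person by e-mail, issues an access token and a refresh token, and persists the refresh token.
/// </summary>
/// <param name="current">Login payload; only its <c>Email</c> is read by this method.</param>
/// <returns>
/// 202 Accepted with the person summary and both tokens; 401 when the e-mail is unknown or the
/// person has no role; 409 Conflict when the refresh-token update hits a concurrency error.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="current"/> is null.</exception>
public async Task<ActionResult<Person>> LoginUser(PersonLoginDTO current)
{
    if (current is null)
    {
        throw new ArgumentNullException(nameof(current));
    }

    var storedPerson = _repository.GetByEmail(current.Email);
    if (storedPerson == null)
    {
        return Unauthorized(UnauthorizedEmptyJsonResult);
    }

    // NOTE(review): nothing in this method verifies a password or any other credential — a
    // token is issued to whoever supplies a registered e-mail. Confirm that GetByEmail or a
    // filter upstream performs the credential check; if not, it must be added before issuance.

    // TODO remove once the frontend switches to reading roles from the access token.
    var storedUserRoles = await _customUserRolesService.GatherAllUserRoles(storedPerson.Id);

    // First() on an empty role set threw InvalidOperationException (an unhandled 500).
    // Refuse the login instead; 401 mirrors the unknown-e-mail path — adjust if another
    // status is preferred.
    if (!storedUserRoles.Any())
    {
        return Unauthorized(UnauthorizedEmptyJsonResult);
    }

    var token = await _jwtService.GenerateAccessToken(storedPerson, storedUserRoles.First());
    var refreshToken = _jwtService.GenerateRefreshToken();

    try
    {
        UpdateRefreshToken(storedPerson, refreshToken);
        return Accepted(new
        {
            storedPerson.Id,
            FirstName = storedPerson.Name,
            LastName = storedPerson.Lastname,
            storedPerson.Email,
            Roles = storedUserRoles,
            Token = token,
            RefreshToken = refreshToken,
        });
    }
    catch (DBConcurrencyException e)
    {
        // NOTE(review): e.Message is returned to the client verbatim; prefer a fixed message
        // here and log the detail server-side.
        return Conflict(ConflictJsonResult(e.Message));
    }
}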