public async Task <IActionResult> Authenticate([FromBody] User user)
{
var us = await _userService.Authenticate(user.UserName, user.Password);
if (us == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(Startup.SecretCode);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, us.UserId.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
// return basic user info (without password) and token to store client side
return(Ok(new
{
Name = us.Name,
UserId = us.UserId,
PositionId = us.PositionId,
UserName = us.UserName,
PositionName = us.PositionName,
UnitCode = us.UnitCode,
UnitName = us.UnitName,
Grade = us.Grade,
Token = tokenString
}));
}