コード例 #1
        /// <summary>
        /// Validates the submitted credentials and, on success, returns a response carrying a signed access token.
        /// </summary>
        /// <param name="postInfo">Json object representing client credentials</param>
        /// <returns>Json response object</returns>
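        public TeamLoginResp TeamLogin(TeamLoginPost postInfo)
        {
            // Authentication succeeds only when a request body is present, the
            // username is known, and the password validates for that username.
            // Short-circuit evaluation keeps the original call order: the password
            // check is never reached for a missing body or an unknown username.
            //
            // NOTE(review): because ValidatePassword is skipped for unknown
            // usernames, the two failure paths do different amounts of work. If
            // ValidatePassword runs an iterated key derivation (Constants.HashIteration
            // suggests it does), response time can reveal whether a username exists.
            // Consider having the service perform an equivalent derivation against a
            // fixed dummy hash for unknown usernames.
            var authenticated = postInfo != null
                && _teamLoginService.CheckUsernameExistence(postInfo.Username)
                && _teamLoginService.ValidatePassword(postInfo.Username, postInfo.Password, Constants.HashIteration, KeyDerivationPrf.HMACSHA256);

            if (!authenticated)
            {
                // A single, uniform failure response: it does not say which check
                // failed, and a missing body is treated as a failed login instead of
                // surfacing a NullReferenceException.
                return new TeamLoginResp()
                {
                    Status = false, AccessToken = null, Username = null, ClientId = null
                };
            }

            // Grab ClientId to return to frontend.
            var clientId = _teamLoginService.GetClientIdFromUsername(postInfo.Username);

            // Take one UTC reading and derive the expiry from it. Adding minutes to
            // local time and converting afterwards (as before) can shift the expiry
            // by the DST offset when a clock change falls inside the validity
            // window, and two separate clock reads made the two timestamps drift.
            var issuedAtUtc = DateTime.UtcNow;
            var expiresAtUtc = issuedAtUtc.AddMinutes(Constants.AuthenticationValidMinutes);

            // NOTE(review): if Constants.SigningKey is a compile-time literal, the
            // HMAC signing key lives in source control; confirm it is loaded from
            // protected configuration or a secret store.
            // Constants.Issuer is passed as both the first and third argument,
            // presumably issuer and audience; verify against GenerateHmacSignedJWTToken.
            var accessToken = _JWTService.GenerateHmacSignedJWTToken(Constants.Issuer, clientId, Constants.Issuer, issuedAtUtc,
                                                                     expiresAtUtc, Constants.SigningKey);

            return new TeamLoginResp()
            {
                Status = true,

                // Access token to authorize protected resources.
                AccessToken = accessToken,

                Username = postInfo.Username,
                ClientId = clientId
            };
        }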