public async Task <ActionResult <AccountResponse> > PostLogin([FromBody] LoginRequest request)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
var account = await AccountAccessor.Find(request.Username);
if (account == null)
{
return(BadRequest(new { message = "Incorrect username/email" }));
}
if (!BCrypt.Net.BCrypt.Verify(Sha512Hmac.HashPassword(request.Password), account.Password))
{
return(BadRequest(new { message = "Incorrect password" }));
}
// issue cookie
var claims = new Claim[]
{
new Claim(ClaimTypes.Name, account.Id.ToString()),
new Claim(ClaimTypes.Role, account.Role.ToString()),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
return(Ok(_mapper.Map <AccountResponse>(account)));
}
public async Task <ActionResult <AccountResponse> > PostRegister([FromBody] RegisterRequest request)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
var account = _mapper.Map <AccountEntity>(request);
account.Password = BCrypt.Net.BCrypt.HashPassword(Sha512Hmac.HashPassword(request.Password), 10);
account.Id = await AccountAccessor.Create(account);
// issue cookie
var claims = new Claim[]
{
new Claim(ClaimTypes.Name, account.Id.ToString()),
new Claim(ClaimTypes.Role, account.Role.ToString()),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
return(Ok(_mapper.Map <AccountResponse>(account)));
}
public async Task <ActionResult <AccountResponse> > PostRegister([FromBody] RegisterRequest request)
{
if (!ModelState.IsValid)
{
return(BadRequest());
}
var account = _mapper.Map <AccountEntity>(request);
account.Password = BCrypt.Net.BCrypt.HashPassword(Sha512Hmac.HashPassword(request.Password), 10);
account.Id = await AccountAccessor.Create(account);
await UserAccessor.Create(account); // Create user at the same time
if (request.Role == Constants.Role.Student)
{
var resume = new ResumeEntity();
resume.student_id = account.Id;
await ResumeAccessor.Create(resume);
}
await AnnounceAccessor.SetNewSend(account.Id);//create user's announce
// issue cookie
var claims = new Claim[]
{
new Claim(ClaimTypes.Name, account.Id.ToString()),
new Claim(ClaimTypes.Role, account.Role.ToString()),
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity), authProperties);
return(Ok(_mapper.Map <AccountResponse>(account)));
}
