async public Task <IActionResult> Authenticate([FromBody] AuthenticateDataModel model)
{
//Get values from request, sent by client.
string username = model.Email;
string password = model.Password;
//Client validation passed. Validate credentials.
//Does the user have a valid account and did they provide a valid username/password.
User user = default(User);
//Does user have valid credentials
var validated = UserHelper.ValidateUserIdentity(username, password, ref user, null);
if (validated == UserValidationResponse.Invalid)
{
return(BadRequest("Invalid Username or Password"));
}
else if (validated == UserValidationResponse.LockedOut)
{
return(BadRequest("Account is Locked. Wait 30 minutes."));
}
else if (validated == UserValidationResponse.Invalidated)
{
return(BadRequest("Email has not been validated"));
}
SymmetricSecurityKey key = new SymmetricSecurityKey(Encoding.ASCII.GetBytes(ApplicationSettings.SigningKey));
TokenProviderOptions options = new TokenProviderOptions()
{
Issuer = this.Request.Host.Value,
SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256)
};
//Client, Tokens, and User validation have all passed. Build the tokens and response object
string encodedJwt = await TokenHelper.BuildJwtAuthorizationToken(user, options);
UserSlim response = UserHelper.UserToUserSlim(user);
var lastSignIn = Builders <User> .Update.Set(u => u.LastSignin, DateTime.Now);
User updatedUser = db.Users.Where(u => u.Id == user.Id).FirstOrDefault();
updatedUser.LastSignin = DateTime.Now;
db.Update(updatedUser);
TokenHelper.BuildResponseCookie(Request.HttpContext, encodedJwt);
return(Ok(response));
}
