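/// <summary>
/// Checks the supplied credentials against the stored bcrypt hash and returns the matching user.
/// </summary>
/// <param name="creds">E-mail and plaintext password submitted by the caller.</param>
/// <returns>The user found for <c>creds.Email</c>, with <c>Hash</c> cleared before it is returned.</returns>
/// <exception cref="Exception">
/// Thrown with the message "Invalid Email or Password" for every failure case (missing credentials,
/// unknown e-mail, missing hash, wrong password), so the message never says which part was wrong.
/// </exception>
internal User Login(UserLoginCreds creds)
{
    // Missing credentials are an ordinary authentication failure. Rejecting them here keeps null
    // out of the repository lookup and the hash verification, and keeps the failure message uniform.
    if (creds?.Email is null || creds.Password is null)
    {
        throw new Exception("Invalid Email or Password");
    }

    User user = _repo.GetUserByEmail(creds.Email);

    // NOTE(review): when no account matches, the bcrypt verification is skipped, so this path
    // returns faster than the wrong-password path. Response time can therefore reveal whether an
    // e-mail is registered; verifying against a fixed dummy hash in this branch would even it out.
    if (user?.Hash is null || !BCrypt.Net.BCrypt.Verify(creds.Password, user.Hash))
    {
        throw new Exception("Invalid Email or Password");
    }

    // Strip the hash so it cannot leave the service layer with the returned object.
    // NOTE(review): this mutates the instance handed back by the repository; if that instance is
    // cached or change-tracked, confirm the cleared hash cannot be written back to storage.
    user.Hash = null;
    return user;
}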
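/// <summary>
/// Authenticates the posted credentials, signs the user in on the current HTTP context and
/// returns the user object.
/// </summary>
/// <param name="creds">Credentials bound from the request body.</param>
/// <returns>
/// 200 with the user on success; 401 with a fixed, generic message on any failure.
/// </returns>
public async Task<ActionResult<User>> Login([FromBody] UserLoginCreds creds)
{
    try
    {
        User user = _as.Login(creds);

        // presumably SetClaims() populates user._principal, which is used for sign-in below;
        // verify against the User class.
        user.SetClaims();
        await HttpContext.SignInAsync(user._principal);

        // NOTE(review): the whole User object is returned to the client; confirm that no
        // sensitive members beyond the already-cleared hash are serialized.
        return Ok(user);
    }
    catch (Exception)
    {
        // This catch covers every exception type, not only bad credentials. Echoing the exception
        // message would expose internal details (data-access errors, null references) to an
        // unauthenticated caller, so the response body is a constant. Log the exception
        // server-side if a logger is available in this controller.
        return Unauthorized("Invalid Email or Password");
    }
}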