public async Task <IActionResult> Login([FromBody] LoginDto customer)
{
var customerEntity = await _repository.Customer.GetCustomerByEmail(customer.email);
if (customerEntity == null)
{
return(NotFound());
}
if (!AuthExtensions.VerifyPasswordHash(customer.password, customerEntity.passwordHash, customerEntity.passwordSalt))
{
return(NotFound("Invalid email or password"));
}
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, customerEntity.id.ToString()),
new Claim(ClaimTypes.Email, customerEntity.email),
new Claim(ClaimTypes.Name, customerEntity.name)
};
var customerResult = _mapper.Map <CustomerDto>(customerEntity);
return(Ok(new {
customer = customerResult,
token = AuthExtensions.TokenGeneration(claims, _config)
}));
}
private void CreateUserResponse(User userEntity, out UserDto userResult, out string token)
{
var claims = new List <Claim>
{
new Claim(ClaimTypes.NameIdentifier, userEntity.id.ToString()),
new Claim(ClaimTypes.Email, userEntity.email),
new Claim(ClaimTypes.Name, userEntity.name),
new Claim(ClaimTypes.Role, userEntity.rolId == 1 ? "Administrador" : "Capturista")
};
userResult = _mapper.Map <UserDto>(userEntity);
token = AuthExtensions.TokenGeneration(claims, _config);
}
public IActionResult RefreshToken([FromBody] TokenDto model)
{
var validatedClaims = (AuthExtensions.VerifyToken(model.token, _config));
if (validatedClaims == null)
{
return(Unauthorized());
}
var user = new UserDto
{
userId = int.Parse(validatedClaims.First(c => c.Type == ClaimTypes.NameIdentifier).Value),
email = validatedClaims.First(c => c.Type == ClaimTypes.Email).Value,
name = validatedClaims.First(c => c.Type == ClaimTypes.Name).Value
};
return(Ok(new {
user,
token = AuthExtensions.TokenGeneration(validatedClaims.ToList(), _config)
}));
}