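/// <summary>
/// Looks up the account whose username matches <paramref name="login"/> and checks the
/// supplied password against the stored hash.
/// </summary>
/// <param name="login">Credentials submitted by the caller; Username and Password are read.</param>
/// <returns>
/// The stored <see cref="User"/> when the username exists and the password hash matches;
/// otherwise <c>null</c>.
/// </returns>
private User AuthenticateUser(User login)
{
    // Query user
    User user = _context.Users.FirstOrDefault(u => u.Username == login.Username);

    // Run the hash even if the user doesn't exist, so that an unknown username costs
    // roughly the same time as a wrong password and does not stand out by response time.
    var candidateHash = AuthUtils.GeneratePasswordHash(login.Password);

    // The original dereferenced user.Password unconditionally and threw a
    // NullReferenceException for an unknown username, which both crashed the request and
    // made "no such user" distinguishable from "wrong password".
    if (user == null)
    {
        return null;
    }

    // NOTE(review): the hash is derived from the password alone and matched by equality,
    // so it cannot carry a per-user random salt. Confirm that GeneratePasswordHash is a slow
    // KDF, and consider a salted verify function. Equals is also not a constant-time
    // comparison; if the hash is a byte[], Equals compares references rather than contents,
    // and CryptographicOperations.FixedTimeEquals would be the right call.
    bool isValidPassword = Equals(candidateHash, user.Password);

    return isValidPassword ? user : null;
}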
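/// <summary>
/// Registers a new user: validates the posted model and e-mail address, replaces the
/// plaintext password with its hash, and saves the record.
/// </summary>
/// <param name="user">User entity bound from the request body.</param>
/// <returns>
/// 400 Bad Request when the body is missing, the model state is invalid or the e-mail is
/// rejected by <c>AuthUtils.IsValidEmail</c>; otherwise 201 Created pointing at "GetUser".
/// </returns>
public async Task<IActionResult> PostUser([FromBody] User user)
{
    // A missing or unparseable body can bind to null while ModelState still reports valid
    // (depends on framework version and on whether [ApiController] is applied); guard here
    // so the dereferences below cannot throw.
    if (user == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    if (!AuthUtils.IsValidEmail(user.Email))
    {
        return BadRequest("Invalid email");
    }

    // NOTE(review): the persistence entity is bound directly from the request body, so every
    // bindable property on User is client-controlled (over-posting). If User carries fields
    // such as a role or an id, accept a dedicated registration DTO instead. TODO confirm
    // against the User model.
    // NOTE(review): nothing here rejects a Username that is already taken; presumably a
    // unique constraint enforces that. Verify, since AuthenticateUser takes the first match.

    // Store only the hash; the plaintext password is overwritten before the entity is saved.
    user.Password = AuthUtils.GeneratePasswordHash(user.Password);

    _context.Users.Add(user);
    await _context.SaveChangesAsync();

    // NOTE(review): the whole entity is serialized into the 201 response, which includes the
    // Password hash unless that property is excluded from serialization elsewhere. Prefer
    // returning a response model without credential fields.
    return CreatedAtAction("GetUser", new { id = user.UserId }, user);
}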