/// <summary>
/// Authenticate method
/// </summary>
/// <param name="model">model</param>
/// <returns>AuthenticateResponseViewModel</returns>
public async Task <AuthenticateResponseViewModel> Authenticate(AuthenticateRequestViewModel model)
{
User userResponse = await _userRepositoryService.Authenticate(model.Username.ToLower(), model.Password);
UserViewModel mappedUser = _mapper.Map <UserViewModel>(userResponse);
// return null if user not found
if (mappedUser == null)
{
return(null);
}
AuthenticateResponseViewModel authenticateResponse = new AuthenticateResponseViewModel(mappedUser, string.Empty);
// authentication successful so generate jwt token
string token = GenerateJwtToken(authenticateResponse);
return(new AuthenticateResponseViewModel(mappedUser, token));
}
public async Task <IActionResult> Authenticate([FromBody] AuthenticateRequestViewModel model)
{
if (model == null)
{
throw new ArgumentNullException("model");
}
if (ModelState.IsValid)
{
AuthenticateResponseViewModel response = await _mappedUserRepositoryService.Authenticate(model);
if (response == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
return(Ok(response));
}
return(BadRequest(new { message = "Username or password is incorrect" }));
}
/// <summary>
/// GenerateJwtToken method
/// </summary>
/// <param name="user">user</param>
/// <returns>string</returns>
private string GenerateJwtToken(AuthenticateResponseViewModel user)
{
// generate token that is valid for 7 days
var tokenHandler = new JwtSecurityTokenHandler();
var claims = new[] {
new Claim(JwtRegisteredClaimNames.Sub, _jwtSettings.Subject),
new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()),
new Claim(JwtRegisteredClaimNames.Iat, DateTime.UtcNow.ToString()),
new Claim("UserId", user.UserId.ToString()),
new Claim("FirstName", user.FirstName),
new Claim("LastName", user.LastName),
new Claim("UserName", user.UserName),
new Claim("Email", user.Email)
};
var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(_jwtSettings.Key));
var signIn = new SigningCredentials(key, SecurityAlgorithms.HmacSha256Signature);
var token = new JwtSecurityToken(_jwtSettings.Issuer, _jwtSettings.Audience, claims, expires: DateTime.UtcNow.AddDays(1), signingCredentials: signIn);
return(tokenHandler.WriteToken(token));
}
