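/// <summary>
/// Checks the submitted username and password and, when they match a stored
/// user, issues a token and records it on the user before returning it.
/// </summary>
/// <param name="request">Credentials bound from the request body.</param>
/// <returns>
/// 401 when no body was bound, 400 when the credentials are missing or do not
/// match, otherwise 200 with a <c>UserResponse</c> carrying the new token.
/// </returns>
public async Task<IActionResult> Authenticate([FromBody] AuthenticateRequest request)
{
    if (request == null)
    {
        return Unauthorized();
    }

    if (string.IsNullOrEmpty(request.Username) || string.IsNullOrEmpty(request.Password))
    {
        return BadRequest(new { message = "Username or password is incorrect" });
    }

    var user = await _userService.GetUserByName(request.Username);
    if (user == null)
    {
        // Spend hashing work on the unknown-user path as well, so that response
        // time does not separate "no such account" from "wrong password".
        // NOTE(review): presumably PasswordHash costs about the same as VerifyHash; confirm.
        _ = await BCryptHelper.PasswordHash(request.Password);

        // Same body as the wrong-password case: a distinct "User not found"
        // reply would let a caller learn which usernames are registered.
        return BadRequest(new { message = "Invalid username or password" });
    }

    bool isVerified = await BCryptHelper.VerifyHash(request.Password, user.Password);
    if (!isVerified)
    {
        return BadRequest(new { message = "Invalid username or password" });
    }

    string tokenString = await JwtHelper.GenerateToken(user, _setting);

    // NOTE(review): the token returned to the client is also persisted verbatim as a
    // RefreshToken row, so read access to that store yields usable tokens until
    // they expire. Consider storing a digest, or a separate opaque refresh value.
    // NOTE(review): login attempts are not counted or throttled in this action; confirm
    // that rate limiting or lockout is enforced elsewhere.
    var issuedAt = DateTime.UtcNow;
    user.RefreshTokens.Add(new RefreshToken
    {
        Expires = issuedAt.AddHours(1),
        Token = tokenString,
        Created = issuedAt,
        CreatedByIp = await HttpHelper.GetIP4Address(HttpContext)
    });
    await _userService.Update(user);

    return Ok(new UserResponse
    {
        Id = user.Id,
        FirstName = user.FirstName,
        LastName = user.LastName,
        Username = user.Username,
        Token = tokenString
    });
}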
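/// <summary>
/// Creates a user from the submitted registration data, storing a hash of the
/// password rather than the password itself.
/// </summary>
/// <param name="request">Registration fields bound from the request body.</param>
/// <returns>
/// 400 when the body is missing or has no username or password, otherwise 200
/// with a <c>UserResponse</c> describing the new user (no token is issued).
/// </returns>
public async Task<IActionResult> Register([FromBody] RegisterUserRequest request)
{
    // A missing body would otherwise be dereferenced below and surface as a 500.
    if (request == null)
    {
        return BadRequest(new { message = "Request body is required" });
    }

    // The Authenticate action rejects empty credentials, so an account created
    // with an empty username or password could never sign in; refuse it here.
    if (string.IsNullOrEmpty(request.Username) || string.IsNullOrEmpty(request.Password))
    {
        return BadRequest(new { message = "Username and password are required" });
    }

    // NOTE(review): no password-strength or username-uniqueness check is visible in
    // this action; confirm that _userService.Register enforces them.
    var user = new User
    {
        Username = request.Username,
        Password = await BCryptHelper.PasswordHash(request.Password),
        FirstName = request.FirstName,
        LastName = request.LastName
    };
    await _userService.Register(user);

    return Ok(new UserResponse
    {
        Id = user.Id,
        FirstName = request.FirstName,
        LastName = request.LastName,
        Username = request.Username
    });
}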