public IActionResult Authenticate([FromBody] LoginForm login)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
if (!_jWTService.CheckAccount(new LoginForm(login.email, _userService.EncodePassword(login.password))))
{
return(NotFound(new Response("404", "Email or password is not correct!")));
}
var id = _userService.GetIdByEmail(login.email);
var AccessToken = _jWTService.GenerateToken(id, login.email);
var RefreshToken = _jWTService.GenerateRefreshToken();
_userService.UpdateRefreshToken(_userService.GetIdByEmail(login.email), RefreshToken);
return(Ok(new LoginRespone(AccessToken, RefreshToken)));
}
public async Task <ActionResult <Person> > LoginUser(PersonLoginDTO current)
{
var storedPerson = _repository.GetByEmail(current.Email);
if (storedPerson == null)
{
return(Unauthorized(UnauthorizedEmptyJsonResult));
}
//TODO usunąć gdy Frontend przejdzie na używanie ról z Access Tokenu.
var storedUserRoles = await _customUserRolesService.GatherAllUserRoles(storedPerson.Id);
var token = await _jwtService.GenerateAccessToken(storedPerson, storedUserRoles.First());
var refreshToken = _jwtService.GenerateRefreshToken();
try
{
UpdateRefreshToken(storedPerson, refreshToken);
return(Accepted(new
{
Id = storedPerson.Id,
FirstName = storedPerson.Name,
LastName = storedPerson.Lastname,
Email = storedPerson.Email,
Roles = storedUserRoles,
Token = token,
RefreshToken = refreshToken
}));
}
catch (DBConcurrencyException e)
{
return(Conflict(ConflictJsonResult(e.Message)));
}
}
