public IActionResult Login(LoginRequestDto request)
{
// TODO: Move all this logic to DBService
var student = _studentsDbService.GetStudent(request.Login);
if (_studentsDbService.CheckUserPassword(student, request.Password))
{
Console.WriteLine("Password confirmed");
}
else
{
return(BadRequest("Password dont match"));
}
var token = _studentsDbService.GetJwtToken();
var refreshToken = Guid.NewGuid(); // is unique and has no information
_studentsDbService.SaveRefreshTokenInDb(refreshToken, student);
return(Ok(new
{
accessToken = new JwtSecurityTokenHandler().WriteToken(token),
refreshToken
}));
}
