public UserInfo Authenticate(string username, string password)
{
_logger.LogDebug($"authenticate user {username}");
var user = _dataRepository.FindUser(username, password);
//_users.SingleOrDefault(x => x.UserName == username && x.Password == password);
// return null if user not found
if (user == null)
{
return(null);
}
if (!user.IsActive)
{
_logger.LogError($"Authenticate: failed to authenticate. user({username}) is not active");
return(null);
}
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.UserId.ToString()),
new Claim(ClaimTypes.Email, user.Email)
}),
Expires = DateTime.UtcNow.AddDays(1),
SigningCredentials = new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
return(user.WithoutPassword());
}