public async Task <IActionResult> Register([FromBody] RegisterRequest model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = new UserAccount
{
UserName = model.Username,
Email = model.Email,
IsBlocked = false,
Firstname = model.FirstName,
Lastname = model.LastName,
PhoneNumber = model.PhoneNumber
};
var result = await _userManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
await _userManager.AddToRoleAsync(user, UserRoleString.User);
await _signInManager.SignInAsync(user, false);
return(Ok(JWTtoken.Generate(_configuration, model.Username, user)));
}
return(BadRequest(result.Errors.First().Description));
}
public async Task <IActionResult> Login([FromBody] LoginRequest model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var result = await _signInManager.PasswordSignInAsync(model.Username, model.Password, false, false);
if (result.Succeeded)
{
var appUser = _userManager.Users.SingleOrDefault(r => r.UserName == model.Username);
if (appUser.IsBlocked)
{
return(StatusCode((int)HttpStatusCode.Unauthorized, new ErrorResponse
{
Message = "Your account is blocked for indefinite ammount of time"
}));
}
var userRoles = await _userManager.GetRolesAsync(appUser);
var role = userRoles.Contains(UserRoles.Admin.ToString())
? UserRoles.Admin
: UserRoles.User;
return(Ok(JWTtoken.Generate(_configuration, model.Username, appUser, role)));
}
return(StatusCode((int)HttpStatusCode.Unauthorized, new ErrorResponse
{
Message = "Username and password doesn't match"
}));
}
