public IActionResult Login([FromBody] LoginUserResource loginUserResource) { var user = mapper.Map <LoginUserResource, User>(loginUserResource); var userEmail = unitOfWork.Accounts.FindUserByEmail(user.Email); if (userEmail == null) { return(NotFound(new ApiResponse(404, "User not found"))); } var hashedPassword = userEmail.Password; if (!SecurePasswordHasherHelper.Verify(user.Password, hashedPassword)) { return(Unauthorized(new ApiResponse(401, "Username or password don't match"))); } var token = unitOfWork.Accounts.Login(user, _auth); return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_Id = userEmail.Id, user_name = userEmail.Name, user_image = userEmail.ImageUrl })); }
public ActionResult Login(UserDTO userDTO, string ReturnUrl) { UserDTO userDetails = utilisateurLogic.GetUserByMail(userDTO.Email); if (userDetails == null) { userDTO.LoginErrorMessage = "Aucun compte n'a été trouvé avec cette addresse"; return(View("Login", userDTO)); } else if (SecurePasswordHasherHelper.Verify(userDTO.Password, userDetails.Password) == false) { userDTO.LoginErrorMessage = "Vérifiez vos identifiants"; return(View("Login", userDTO)); } else { Session["userID"] = userDetails.Id; Session["firstname"] = userDetails.Firstname; Session["lastName"] = userDetails.Lastname; Session["userJob"] = userDetails.Job; Session["notifs"] = notifLogic.ListAllForUser(userDetails.Id).FindAll(n => n.IsRead == 0).Count; FormsAuthentication.SetAuthCookie(userDetails.Email, false); return(Redirect("/")); } }
public void SecurePasswordHasherHelper_Verify_NotSupportedExceptionWasThrown_Fail() { Assert.Throws <NotSupportedException>(() => { SecurePasswordHasherHelper.Verify("test", "test"); }); }
public IActionResult Login([FromBody] Usuario usuario) { var usuarioEmail = _dashboardDbContext.Usuarios.FirstOrDefault(u => u.Email == usuario.Email); if (usuarioEmail == null) { return(NotFound()); } if (!SecurePasswordHasherHelper.Verify(usuario.Senha, usuarioEmail.Senha)) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, usuario.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Email, usuario.Email), new Claim(ClaimTypes.Name, usuario.Email), }; var token = _auth.GenerateAccessToken(claims); return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_id = usuarioEmail.Id, user_name = usuarioEmail.Nome, user_email = usuario.Email, })); }
public IActionResult Login([FromBody] Usuario usuario) { //usando o LINQ para fazer a consulta no email do usuário var userEmail = _svtaDbContext.Usuarios.FirstOrDefault(u => u.Email == usuario.Email); if (userEmail == null) { return(NotFound()); } //verifica se o hash na senha do usuario é falso if (!SecurePasswordHasherHelper.Verify(usuario.Senha, userEmail.Senha)) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Email, usuario.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Email, usuario.Email), }; var token = _auth.GenerateAccessToken(claims); //conteúdo que será retorno ao fazermos nossa requisição da API, essa requisições serão utilizadas no projeto do app para exibir nome do usuário return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_id = userEmail.Id, user_nome = userEmail.Nome, user_email = userEmail.Email })); }
public async Task <IActionResult> Login(User user) { var userEmail = _dbContext.Users.FirstOrDefault(u => u.Email == user.Email); if (userEmail == null) { return(StatusCode(StatusCodes.Status404NotFound)); } var hashedPassword = userEmail.Password; if (!SecurePasswordHasherHelper.Verify(user.Password, hashedPassword)) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(ClaimTypes.Name, user.Email) }; var token = _auth.GenerateAccessToken(claims); return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_Id = userEmail.Id })); }
public /*async Task<IActionResult>*/ IActionResult Login(User objUser) { User user = null; if (ModelState.IsValid) { // var obj = _context.Where(a => a.UserName.Equals(objUser.UserName) && a.Password.Equals(objUser.Password)).FirstOrDefault(); if (use_test_repository) { foreach (User item in _repository.GetAllItems()) { if (item.username == objUser.username) { user = item; } } } else { user = /*await*/ _context.User.FirstOrDefault/*Async*/ (m => m.username == objUser.username); } if (user != null) { if (SecurePasswordHasherHelper.Verify(objUser.encrypted_password, user.encrypted_password)) { logged_user = user; return(RedirectToAction("Dashboard", logged_user));// new User(user.name,user.username,user.encrypted_password)); } } } return(View("Login", objUser)); }
public IActionResult ChangePassword(ChangePasswordModel model) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.NameIdentifier).Value; var user = _dbContext.Users.FirstOrDefault(u => u.Email == userEmail); if (user == null) { return(NotFound()); } var hashedPassword = user.Password; if (!SecurePasswordHasherHelper.Verify(model.OldPassword, hashedPassword)) { return(BadRequest("You can't change the password")); } user.Password = SecurePasswordHasherHelper.Hash(model.NewPassword); _dbContext.SaveChanges(); return(Ok("Your password has been changed")); }
public IActionResult Login([Bind("UserId", "Email", "Password")] UserModel login) { if (login.Email == null || login.Password == null) { return(View()); } string Email = login.Email; //find user in database var user = new_db.findUser(Email); if (user == null) { return(View("Register")); } string userPassword = user.Password; if (SecurePasswordHasherHelper.Verify(login.Password, userPassword)) { HttpContext.Session.SetInt32("ID", user.UserId); sessionState = true; admin = user.Admin; userId = user.UserId; //Console.WriteLine("id" + user.UserId); return(Redirect("../Home/")); } return(View()); }
public IActionResult AdminLogin(ADMINMast ADMINMast) { var UserName = _dbContext.ADMINMast.FirstOrDefault(a => a.UserName == a.UserName); if (UserName == null) { return(StatusCode(StatusCodes.Status404NotFound)); } var hashedPassword = UserName.Password; if (!SecurePasswordHasherHelper.Verify(ADMINMast.Password, hashedPassword)) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, ADMINMast.UserName), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Name, ADMINMast.UserName), }; var token = _auth.GenerateAccessToken(claims); return(new ObjectResult(new { access_token = token.AccessToken, token_type = token.TokenType, Admin_Id = ADMINMast.AdminID, user_name = ADMINMast.UserName, expires_in = token.ExpiresIn, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, })); }
public IActionResult Login([FromBody] User user) { var userEmail = _dbContext.Users.FirstOrDefault(u => u.Email == user.Email); if (userEmail == null) { return(NotFound()); } if (!SecurePasswordHasherHelper.Verify(user.Password, userEmail.Password)) { return(Unauthorized()); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(ClaimTypes.Email, user.Email), new Claim(ClaimTypes.Role, userEmail.Role) }; var token = _auth.GenerateAccessToken(claims); return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_id = userEmail.Id })); }
public static bool PasswordMatch(string DBPass, string Pass) { if (SecurePasswordHasherHelper.Verify(Pass, DBPass)) { return(true); } return(false); }
public async Task <bool> Login(LoginDto input) { var user = await _userRepository.GetAll() .FirstOrDefaultAsync(x => x.Username == input.Username); if (user == null) { return(false); } var decodedPassword = SecurePasswordHasherHelper.Verify(input.Password, user.Password); return(decodedPassword); }
public IActionResult TrocarSenha([FromBody] ChangePasswordModel changepasswordModel) { var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value; var user = _dashboardDbContext.Usuarios.FirstOrDefault(u => u.Email == userEmail); if (user == null) { return(NotFound()); } if (!SecurePasswordHasherHelper.Verify(changepasswordModel.OldPassword, user.Senha)) { return(Unauthorized("Me desculpe você não pode alterar sua senha")); } user.Senha = SecurePasswordHasherHelper.Hash(changepasswordModel.NewPassword); _dashboardDbContext.SaveChanges(); return(Ok("Sua senha foi alterada com sucesso!")); }
public IActionResult ChangePassword([FromBody] ChangePasswordModel changePasswordModel) { var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value; var user = _cWheelsDbContext.Users.FirstOrDefault(u => u.Email == userEmail); if (user == null) { return(NotFound()); } if (!SecurePasswordHasherHelper.Verify(changePasswordModel.OldPassword, user.Password)) { return(Unauthorized("Sorry you can't change the password")); } user.Password = SecurePasswordHasherHelper.Hash(changePasswordModel.NewPassword); _cWheelsDbContext.SaveChanges(); return(Ok("Your password has been changed")); }
public async Task <IActionResult> Login(User objUser) { if (ModelState.IsValid) { var user = await _context.User.FirstOrDefaultAsync(m => m.username == objUser.username); if (user != null) { if (SecurePasswordHasherHelper.Verify(objUser.encrypted_password, user.encrypted_password)) { logged_user = user; } return(RedirectToAction("Dashboard", logged_user)); } } ViewBag.Message = string.Format("Incorrect username or password"); return(View("Login", objUser)); }
public IActionResult TrocarSenha([FromBody] TrocarSenha trocarSenha) { var usuarioEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value; var usuario = _svtaDbContext.Usuarios.FirstOrDefault(u => u.Email == usuarioEmail); if (usuario == null) { return(NotFound("Usuario não encontrado")); } if (!SecurePasswordHasherHelper.Verify(trocarSenha.SenhaAntiga, usuario.Senha)) { return(Unauthorized("Desculpe, mas você não pode trocar sua senha")); } usuario.Senha = SecurePasswordHasherHelper.Hash(trocarSenha.NovaSenha); _svtaDbContext.SaveChanges(); return(Ok("Sua senha foi alterada com sucesso")); }
public IActionResult Login([FromBody] User user) { // get the user from the db var userEmail = _dbContext.User.Where(u => u.Email == user.Email).SingleOrDefault(); // if user was not found, return notFound if (userEmail == null) { return(NotFound()); } // if plaintext password doesn't match hashed password, return unauthorized if (!SecurePasswordHasherHelper.Verify(user.Password, userEmail.Password)) { return(Unauthorized()); } // otherwise, generate JWT Token var claims = new[] { new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(ClaimTypes.Email, user.Email), // add role metadata to claim so it can be used for authorization for each request new Claim(ClaimTypes.Role, userEmail.Role) }; var token = _auth.GenerateAccessToken(claims); // return token to the client return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_time = token.ValidFrom, expiration_time = token.ValidTo, user_id = userEmail.Id })); }
public async Task <IActionResult> Validate(Staff staff) { if (staff == null) { return(NotFound()); } Staff _staff = await UserManager.FindByEmailAsync(staff.Email).ConfigureAwait(false); if (_staff != null) { if (SecurePasswordHasherHelper.Verify(staff.Password, _staff.Password)) { try { await SignInManager.PasswordSignInAsync(_staff, _staff.Password, false, false).ConfigureAwait(false); return(Json(new { status = true, message = "Login Successful!", isAdmin = await UserManager.IsInRoleAsync(_staff, "Admin").ConfigureAwait(false) })); } catch (Exception e) { return(Json(new { status = false, message = "Error: " + e.Message })); throw; } } else { return(Json(new { status = false, message = "Invalid Password!" })); } } else { return(Json(new { status = false, message = "Invalid Email!\n" })); } }
public async Task <(bool, string, object)> Login(UserLoginDto userLoginDto) { try { var userExists = await _cinemaDbContext.User.Where(user => user.Email.Equals(userLoginDto.Email)).SingleOrDefaultAsync(); if (userExists == null) { return(false, "User Not Found !!", null); } if (!SecurePasswordHasherHelper.Verify(userLoginDto.Password, userExists.Password)) { return(false, "UnAuthenticated User !!", null); } var claims = new[] { new Claim(JwtRegisteredClaimNames.Email, userExists.Email), new Claim(ClaimTypes.Email, userExists.Email), new Claim(ClaimTypes.Role, userExists.Role) }; var token = _auth.GenerateAccessToken(claims); var result = new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_id = userExists.Id }; return(true, string.Empty, result); } catch (Exception x) { return(false, x.InnerException?.Message ?? x.Message, null); } }
public async Task <bool> ChangePassword(ChangePasswordDto input) { var user = await _userRepository.GetByIdAsync(input.UserId); if (user == null) { throw new Exception("Kullanici bulunamadi"); } var decodedPassword = SecurePasswordHasherHelper.Verify(input.OldPassword, user.Password); if (!decodedPassword) { throw new Exception("Eski sifre yanlis"); } var hashedPassword = SecurePasswordHasherHelper.Hash(input.NewPassword); user.Password = hashedPassword; await _userRepository.UpdateAsync(user); return(true); }
public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordResource changePasswordResource) { var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value; var user = unitOfWork.Accounts.FindUserByEmail(userEmail); if (user == null) { return(NotFound(new ApiResponse(404, "User not found"))); } var hashedPassword = user.Password; if (!SecurePasswordHasherHelper.Verify(changePasswordResource.OldPassword, hashedPassword)) { return(BadRequest(new ApiResponse(400, "Enter correct old password"))); } user.Password = SecurePasswordHasherHelper.Hash(changePasswordResource.NewPassword); await unitOfWork.CompleteAsync(); return(Ok(new ApiResponse(200, "Password changed successfully"))); }
public IActionResult ChangePassword([FromBody] ChangePassword changePassword) { var userEmail = User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Email).Value; var user = _dataContext.UserTbl.FirstOrDefault(u => u.Email == userEmail); if (user == null) { return(NotFound()); } //ita passe dena old password ekai user eke tina password eki same da kiyala balanawa. if (!SecurePasswordHasherHelper.Verify(changePassword.OldPassword, user.Password)) { return(Unauthorized("Sorry you can't change the password")); //login wenakota tinan ekama change karala ganna puluwan } //ita passe body eke tina new password eka user ge password eka witdihata add wenna one. user.Password = SecurePasswordHasherHelper.Hash(changePassword.NewPassword); _dataContext.SaveChanges(); return(Ok("your password has been changed!")); }
public IActionResult Login(User user) { var userEmail = _dbContext.Users.FirstOrDefault(u => u.Email == user.Email); //Verifica se existe o email no banco de dados if (userEmail == null) { return(StatusCode(StatusCodes.Status401Unauthorized)); } var hashedPassword = userEmail.Password; if (!SecurePasswordHasherHelper.Verify(user.Password, hashedPassword)) //Verifica se a senha informada é igual a senha do banco de dados protegida por hash { return(StatusCode(StatusCodes.Status401Unauthorized)); // retorna Status401Unauthorized quando a senha for diferente } //Cria uma objeto claim para transmitir as informações com segurança. var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Email), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(ClaimTypes.Name, user.Email), new Claim(ClaimTypes.Role, userEmail.Role) }; //Retorna o objeto que contém o acesso token e todas as outras informações para o usuário. var token = _auth.GenerateAccessToken(claims); return(new ObjectResult(new { access_token = token.AccessToken, token_type = token.TokenType, user_Id = userEmail.Id, user_name = userEmail.Name, expires_in = token.ExpiresIn, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, roles_user = userEmail.Role, })); }
public IActionResult Login([Bind("UserId", "Email", "Password")]UserModel login) { if (login.Email == null || login.Password == null) return View(); string Email = login.Email; var user = _db.Users.FirstOrDefault(p => p.Email == Email); if (user == null) return View("Register"); string userPassword = user.Password; if(SecurePasswordHasherHelper.Verify(login.Password,userPassword)) { HttpContext.Session.SetInt32("ID", user.UserId); sessionState = true; role = user.Role; userId = user.UserId; return Redirect("../Home/"); } return View(); }
public async Task <TenantLoginDto> Login(TenantOrEducatorLoginDto input) { var user = await _tenantRepository.GetAll() .FirstOrDefaultAsync(x => x.Email == input.Email); if (user == null) { throw new Exception("There is no user!"); } var decodedPassword = SecurePasswordHasherHelper.Verify(input.Password, user.Password); if (!decodedPassword) { return(null); } var result = new TenantLoginDto { Id = user.Id, EntityType = EntityType.Tenant, TenantName = user.TenantName }; return(result); }
public IActionResult Login([FromBody] User user) { var userEmail = _dbContext.Users.FirstOrDefault(u => u.Email == user.Email); if (userEmail == null) { return(NotFound()); } //And to validate the password you need to add the following line of code. //first parameter is the password provided by user in plain text //second parameter is the hashed password retrieved from the db if (!SecurePasswordHasherHelper.Verify(user.Password, userEmail.Password)) { return(Unauthorized()); } //if login a user with admin role, will return admin token var claims = new[] { new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(ClaimTypes.Email, user.Email), new Claim(ClaimTypes.Role, userEmail.Role),//get the role value from db }; //this line will generate access token var token = _auth.GenerateAccessToken(claims); return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn,//you can remove the remaining if you only want to return token type token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_id = userEmail.Id })); }
public IActionResult Login([FromBody] User user) { var userEmail = _dataContext.UserTbl.FirstOrDefault(u => u.Email == user.Email); if (userEmail == null) { return(NotFound()); } //password eka check karana eka if (!SecurePasswordHasherHelper.Verify(user.Password, userEmail.Password)) { return(Unauthorized()); //methanadi not found newe unauthorized danna one mokada password wadradi kiyanne //unauthorized kenek thami log wenne hinda. } //jwt token eka thama danna one var claims = new[] { new Claim(JwtRegisteredClaimNames.Email, user.Email), new Claim(ClaimTypes.Email, user.Email), }; var token = _auth.GenerateAccessToken(claims); //json eke pennanna one tika pennanne meke me widihata return(new ObjectResult(new { access_token = token.AccessToken, expires_in = token.ExpiresIn, token_type = token.TokenType, creation_Time = token.ValidFrom, expiration_Time = token.ValidTo, user_id = userEmail.Id })); }
public static async Task <object> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "put", Route = null)] HttpRequestMessage req, ILogger log) { log.LogInformation("C# HTTP trigger function processed a request."); string token = req.Headers.Authorization.ToString(); if (!AuthorizationHelper.Authorized(token, new string[] { Role.Employee, Role.Manager, Role.Owner })) { return(req.CreateResponse(HttpStatusCode.BadRequest, "Unauthorized!")); } //We retrieve the userName field, which comes as a parameter to the function, by deserializing req.Content. string jsonContent = await req.Content.ReadAsStringAsync(); dynamic data = JsonConvert.DeserializeObject(jsonContent); string email = data.email; string oldPass = data.oldPassword; string newPass = data.newPassword; newPass = SecurePasswordHasherHelper.Hash(newPass); try { //We get the Connection String in the Function App Settings section we defined. var str = Environment.GetEnvironmentVariable("sqldb_connection"); using (SqlConnection connection = new SqlConnection(str)) { connection.Open(); SqlTransaction sqlTran = connection.BeginTransaction(); SqlCommand command = connection.CreateCommand(); command.Transaction = sqlTran; try { command.CommandText = @"SELECT PasswordHash FROM Users WHERE email = @email"; command.Parameters.AddWithValue("@email", email); string verifyPass = ""; using (SqlDataReader oReader = command.ExecuteReader()) { while (oReader.Read()) { verifyPass = oReader["PasswordHash"].ToString(); } } if (!SecurePasswordHasherHelper.Verify(oldPass, verifyPass)) { return(req.CreateResponse(HttpStatusCode.NotAcceptable, "Incorrect Password!")); } command.CommandText = @"UPDATE Users " + "SET PasswordHash = @NewPassword " + "WHERE email = @email"; command.Parameters.AddWithValue("@email", email); command.Parameters.AddWithValue("@NewPassword", newPass); command.ExecuteNonQuery(); sqlTran.Commit(); connection.Close(); } catch (Exception ex) { Console.WriteLine(ex.Message); try { // Attempt to roll back the transaction. sqlTran.Rollback(); return(req.CreateResponse(HttpStatusCode.BadRequest, "Rollback!")); } catch (Exception exRollback) { // Throws an InvalidOperationException if the connection // is closed or the transaction has already been rolled // back on the server. Console.WriteLine(exRollback.Message); return(req.CreateResponse(HttpStatusCode.BadRequest, "Rollback exception!")); } } } return(req.CreateResponse(HttpStatusCode.OK, "Success")); } catch { return(req.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong!")); } }
public static async Task <object> Run( [HttpTrigger(AuthorizationLevel.Anonymous, "post", Route = null)] HttpRequestMessage req, ILogger log) { log.LogInformation("C# HTTP trigger function processed a request."); User userInfo = new User(); //We retrieve the userName field, which comes as a parameter to the function, by deserializing req.Content. string jsonContent = await req.Content.ReadAsStringAsync(); dynamic data = JsonConvert.DeserializeObject(jsonContent); string email = data.email; string Password = data.Password; //If there is no username, we return the error message try { //We get the Connection String in the Function App Settings section we defined. var str = Environment.GetEnvironmentVariable("sqldb_connection"); string holdPass = null; using (SqlConnection connection = new SqlConnection(str)) { string text = @"SELECT U.*, B.roomId FROM Users U " + "INNER JOIN BranchTable B ON U.branchID = B.branchID " + "WHERE U.email = @email"; SqlCommand command = new SqlCommand(text, connection); command.Parameters.AddWithValue("@email", email); connection.Open(); using (SqlDataReader oReader = command.ExecuteReader()) { while (oReader.Read()) { userInfo.UserID = oReader["UserID"].ToString(); userInfo.roles = oReader["Role"].ToString(); userInfo.email = oReader["email"].ToString(); userInfo.Firstname = oReader["Firstname"].ToString(); userInfo.Lastname = oReader["Lastname"].ToString(); userInfo.Position = oReader["Position"].ToString(); userInfo.branchID = oReader["branchID"].ToString(); userInfo.CompanyID = oReader["CompanyID"].ToString(); userInfo.roomId = oReader["roomId"].ToString(); holdPass = oReader["PasswordHash"].ToString(); } connection.Close(); } } if (holdPass != null && SecurePasswordHasherHelper.Verify(Password, holdPass)) { log.LogInformation("MATCH"); var token = new JwtBuilder() .WithAlgorithm(new HMACSHA256Algorithm()) .WithSecret(Environment.GetEnvironmentVariable("Secret")) .AddClaim("exp", DateTimeOffset.UtcNow.AddDays(7).ToUnixTimeSeconds()) .AddClaim("UserID", userInfo.UserID) .AddClaim("email", userInfo.email) .AddClaim("Firstname", userInfo.Firstname) .AddClaim("Lastname", userInfo.Lastname) .AddClaim("Position", userInfo.Position) .AddClaim("branchID", userInfo.branchID) .AddClaim("CompanyID", userInfo.CompanyID) .AddClaim("roomId", userInfo.roomId) .AddClaim("roles", userInfo.roles) .Build(); userInfo.Token = token; return(req.CreateResponse(HttpStatusCode.OK, userInfo)); } else { log.LogInformation("NO MATCH"); return(req.CreateResponse(HttpStatusCode.NotAcceptable, "Invalid Credentials")); } } catch { return(req.CreateResponse(HttpStatusCode.BadRequest, "Something went wrong!")); } }