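/// <summary>
/// Handles a user login request: validates the model, delegates to the account
/// service, and maps the outcome to an HTTP response.
/// </summary>
/// <param name="userLoginInput">Credentials posted in the request body.</param>
/// <returns>
/// 200 with the <see cref="UserLoginOutputDTO"/> on success; 400 with the formatted
/// ModelState errors when the body is invalid; 400 with a generic message when the
/// credentials are rejected or the service throws.
/// </returns>
public async Task<ActionResult<UserLoginOutputDTO>> Authenticate([FromBody] UserLoginInputDTO userLoginInput)
{
    if (!ModelState.IsValid)
    {
        return StatusCode(400, Helper.FormatErrorResponse(ModelState));
    }

    try
    {
        UserLoginOutputDTO user = await this.accountService.Authenticate(userLoginInput);
        if (user is null)
        {
            // The service returns null for an unknown email and for a wrong password
            // alike, so one message covers both without revealing which check failed.
            return BadRequest(new { message = new List<string> { "Username or Password is incorrect" } });
        }

        return user;
    }
    catch (Exception)
    {
        // Exception text can carry internal details (provider messages, connection
        // info, type names); it is never echoed to the caller. Record it server-side
        // instead — TODO confirm which logger this controller has available.
        return BadRequest(new { message = new List<string> { "Authentication failed" } });
    }
}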
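/// <summary>
/// Handle User Authentication: looks up the account by email, verifies the password
/// against the stored hash and salt, and issues a new token on success.
/// </summary>
/// <param name="userLoginInput">Email address and password to check; may be null.</param>
/// <returns>
/// A populated <see cref="UserLoginOutputDTO"/> on success, or null when the input is
/// missing or blank, the email is unknown, or the password does not verify. Every
/// failure yields the same null so callers cannot distinguish which check failed.
/// </returns>
public async Task<UserLoginOutputDTO> Authenticate(UserLoginInputDTO userLoginInput)
{
    // A missing body is treated like blank credentials rather than throwing a
    // NullReferenceException on the member access below.
    if (userLoginInput is null
        || string.IsNullOrWhiteSpace(userLoginInput.EmailAddress)
        || string.IsNullOrWhiteSpace(userLoginInput.Password))
    {
        return null;
    }

    // Get user by given email id
    UserEntity foundUser = await this.accountRepository.FindUserByEmail(userLoginInput.EmailAddress);
    if (foundUser is null)
    {
        // NOTE(review): this path returns before any hash verification, so it completes
        // faster than the wrong-password path; if account enumeration via response
        // timing is a concern, run a constant-cost verification here as well — confirm
        // what authService offers for that.
        return null;
    }

    if (!this.authService.VerifyPasswordHash(userLoginInput.Password, foundUser.passwordHash, foundUser.passwordSalt))
    {
        return null;
    }

    // Generate new token
    string token = this.authService.IssueNewToken(foundUser.Role);

    return new UserLoginOutputDTO()
    {
        userId = foundUser.UserId,
        EmailAddress = foundUser.EmailAddress,
        FirstName = foundUser.FirstName,
        LastName = foundUser.LastName,
        EmailVerified = foundUser.EmailVerified,
        // Computed here independently of the token; only accurate if IssueNewToken
        // uses the same two-day lifetime — TODO confirm against authService.
        Expire = DateTime.UtcNow.AddDays(2),
        token = token,
        Role = foundUser.Role,
        PasswordChanged = foundUser.PasswordChanged,
        MaxUsers = foundUser.MaxUsers,
        AddedUsers = foundUser.AddedUsers
    };
}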