/// <summary>
/// Verifies the submitted login and password through <c>_dbService.CheckLogin</c> and,
/// when they are accepted, returns the token produced by <c>_dbService.CreateFirstToken</c>.
/// </summary>
/// <param name="request">Login request; its <c>Login</c> and <c>Password</c> members are read.</param>
/// <returns>
/// <c>Ok</c> carrying the created token when the credentials are accepted;
/// otherwise <c>Unauthorized</c> with a message that starts with the submitted login.
/// </returns>
public IActionResult Login(ClientLoginRequest request)
{
    bool credentialsAccepted = _dbService.CheckLogin(request.Login, request.Password);

    // Guard clause: reject first so the success path reads straight through.
    if (!credentialsAccepted)
    {
        // The same message is used for an unknown login and for a wrong password.
        // NOTE(review): the body reflects the caller-supplied login verbatim; confirm
        // that consumers treat it as plain text.
        return Unauthorized(request.Login + ": login or password is incorrect");
    }

    var issuedToken = _dbService.CreateFirstToken(request.Login);
    return Ok(issuedToken);
}
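/// <summary>
/// Verifies the submitted login and password through <c>_dbService.CheckLogin</c> and,
/// when they are accepted, issues an HMAC-SHA256 signed JWT access token valid for ten
/// minutes together with a refresh token that is stored via <c>_dbService.SaveRefreshToken</c>.
/// </summary>
/// <param name="request">Login request; its <c>Login</c> and <c>Password</c> members are read.</param>
/// <returns>
/// <c>Ok</c> carrying <c>{ accessToken, refreshToken }</c> when the credentials are accepted;
/// otherwise <c>Unauthorized</c> with a message that starts with the submitted login.
/// </returns>
public IActionResult Login(ClientLoginRequest request)
{
    // Reject first: no token material is built for a failed login.
    if (!_dbService.CheckLogin(request.Login, request.Password))
    {
        return Unauthorized(request.Login + ": login or password is incorrect");
    }

    // A JWT payload is signed, not encrypted: every claim is readable by anyone who
    // holds the token (client storage, proxies, logs). The previous version added the
    // submitted password as a ClaimTypes.Hash claim, which disclosed it in every access
    // token. Only the subject identifier belongs here.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, request.Login),
    };

    // NOTE(review): Encoding.UTF8.GetBytes throws if Configuration["SecretKey"] is
    // missing. Confirm the key is provisioned from a secret store rather than checked-in
    // configuration, and that it is long enough for HS256.
    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(Configuration["SecretKey"]));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken(
        issuer: "AdvertApi",
        audience: "Clients",
        claims: claims,
        // UTC keeps the expiry independent of the server's local time zone.
        expires: DateTime.UtcNow.AddMinutes(10),
        signingCredentials: creds);

    // NOTE(review): a GUID is designed for uniqueness, not as a secret. The value is kept
    // as-is so the response shape does not change; consider generating refresh tokens with
    // a cryptographic random generator, and confirm how SaveRefreshToken stores them.
    var refreshToken = Guid.NewGuid();
    var accessToken = new JwtSecurityTokenHandler().WriteToken(token);
    _dbService.SaveRefreshToken(request.Login, refreshToken.ToString());

    return Ok(new { accessToken, refreshToken });
}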