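/// <summary>
/// Checks a password candidate received as a JSON-encoded <c>UserDto</c> against the
/// password stored for the user with the same Uuid.
/// </summary>
/// <param name="user">JSON text that deserializes to a <c>UserDto</c> carrying the Uuid and the password candidate.</param>
/// <returns>
/// The JSON serialization of a boolean: <c>true</c> when the candidate is accepted by
/// <c>_securityLogic.VerifyPassword</c>, <c>false</c> otherwise. An empty payload or an
/// unknown user yields <c>false</c>.
/// </returns>
public async Task<string> ValidateUserPassword(string user)
{
    // The payload carries the password candidate as received; do not write `user` or the
    // deserialized object to logs or exception messages.
    var userRabbitMq = Newtonsoft.Json.JsonConvert.DeserializeObject<UserDto>(user);
    if (userRabbitMq == null)
    {
        // DeserializeObject returns null for an empty or literal-null payload; fail closed
        // instead of dereferencing it.
        return Newtonsoft.Json.JsonConvert.SerializeObject(false);
    }

    UserDto dbUser = await _userDal.Find(userRabbitMq.Uuid);
    if (dbUser?.Password == null)
    {
        // No stored password to compare against: reject explicitly rather than relying on
        // how VerifyPassword treats a null second argument.
        // NOTE(review): this path skips the hash comparison, so it answers faster than a
        // wrong-password check; confirm that is acceptable for the callers of this queue.
        return Newtonsoft.Json.JsonConvert.SerializeObject(false);
    }

    bool passwordCorrect = _securityLogic.VerifyPassword(userRabbitMq.Password, dbUser.Password);
    return Newtonsoft.Json.JsonConvert.SerializeObject(passwordCorrect);
}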
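/// <summary>
/// Checks the supplied credentials and, when they are correct, returns a JWT and a refresh token.
/// </summary>
/// <param name="login">
/// The username and password; <c>LoginCode</c> and <c>SelectedAccountRole</c> are also read
/// to decide whether the login continues with a selected account.
/// </param>
/// <returns>
/// The result of the selected-account or multiple-role flow when one of those applies,
/// otherwise a result holding a new JWT and refresh token.
/// </returns>
/// <exception cref="UnauthorizedAccessException">The username is unknown or the password is wrong.</exception>
/// <exception cref="DisabledUserException">The credentials are correct but the account is disabled.</exception>
public async Task<LoginResultViewmodel> Login(Login login)
{
    UserDto dbUser = await _userDal.Find(login.Username);
    if (dbUser == null)
    {
        // NOTE(review): an unknown username is rejected without a hash comparison, so it
        // answers faster than a wrong password; consider equalising the two paths.
        throw new UnauthorizedAccessException();
    }

    // Verify the password before anything else. Checking the disabled state first would
    // tell a caller who only knows a username whether that account is disabled, and would
    // spend an RPC round trip on every failed attempt.
    bool passwordCorrect = _securityLogic.VerifyPassword(login.Password, dbUser.Password);
    if (!passwordCorrect)
    {
        throw new UnauthorizedAccessException();
    }

    bool userIsDisabled = _rpcClient.Call<bool>(dbUser.Uuid, RabbitMqQueues.DisabledExistsUserQueue);
    if (userIsDisabled)
    {
        throw new DisabledUserException();
    }

    // A six-digit login code together with a chosen role continues the selected-account flow.
    // Only the range of the code is checked here; presumably LoginWithSelectedAccount
    // validates the code itself — verify there.
    bool hasSixDigitLoginCode = login.LoginCode > 99999 && login.LoginCode < 1000000;
    if (hasSixDigitLoginCode && login.SelectedAccountRole != AccountRole.Undefined)
    {
        return await LoginWithSelectedAccount(login, dbUser);
    }

    // Roles above User go through the multiple-account-roles flow instead of receiving tokens directly.
    if (dbUser.AccountRole > AccountRole.User)
    {
        return await HandleMultipleAccountRolesLogin(dbUser);
    }

    AuthorizationTokensViewmodel tokens = await _jwtLogic.CreateJwt(dbUser);
    return new LoginResultViewmodel
    {
        Jwt = tokens.Jwt,
        RefreshToken = tokens.RefreshToken
    };
}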