public async Task <IActionResult> Login([Required][FromHeader(Name = Constants.HeaderUserLogin)] string login,
[Required][FromHeader(Name = Constants.HeaderUserPassword)] string password)
{
var user = await _userRepository.Query()
.FirstOrDefaultAsync(e => e.Login == login);
var auth = _passwordHelper.VerifyHashedPassword(user, password);
if (!auth)
{
return(BadRequest("Неправильный логин/пароль"));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = AuthOptions.GetSymmetricSecurityKey();
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = AuthOptions.Lifetime,
SigningCredentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha256),
Issuer = AuthOptions.Issuer
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var encodedJwt = tokenHandler.WriteToken(token);
return(Ok(encodedJwt));
}
