public async Task <ActionResult <UserDto> > Register(RegisterDto registerDto)
{
if (await UserExists(registerDto.Username))
{
return(BadRequest("User name is already taken"));
}
// Using the hash algorithm for secure saving the pet username (identity) and password into database.
using var hmac = new HMACSHA512();
var petUser = new PetUserEntity
{
Name = registerDto.Username.ToLower(),
PasswordHash = hmac.ComputeHash(Encoding.UTF8.GetBytes(registerDto.Password)),
PasswordSault = hmac.Key,
};
dbContext.PetUsers.Add(petUser);
await dbContext.SaveChangesAsync();
return(new UserDto
{
Username = petUser.Name,
Token = tokenService.CreateToken(petUser),
});
}
/// <inheritdoc />
public string CreateToken(PetUserEntity user)
{
var claims = new List <Claim>
{
new Claim(JwtRegisteredClaimNames.NameId, user.Name),
};
var credentials = new SigningCredentials(key, SecurityAlgorithms.HmacSha512Signature);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(claims),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = credentials,
};
var tokenHandler = new JwtSecurityTokenHandler();
var token = tokenHandler.CreateToken(tokenDescriptor);
return(tokenHandler.WriteToken(token));
}
