public async Task <User> Authenticate(string username, string password)
{
if (string.IsNullOrEmpty(username) || string.IsNullOrEmpty(password))
{
return(null);
}
var user = await _users.Find(x => x.Username == username)
.FirstOrDefaultAsync();
// return null if user not found
if (user == null)
{
return(null);
}
// check if password is correct
if (!SecurePasswordHash.Verify(password, user.Password))
{
return(null);
}
// authentication successful so generate jwt token
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id)
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(
new SymmetricSecurityKey(key),
SecurityAlgorithms.HmacSha256)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
user.Token = tokenHandler.WriteToken(token);
user.Password = null;
return(user);
}
public async Task <User> Create(User user, string password)
{
// validation
if (string.IsNullOrWhiteSpace(password))
{
throw new AppException("Password is required");
}
if (_users.Find(x => x.Username == user.Username).Any())
{
throw new AppException("Username \"" + user.Username + "\" is already taken");
}
string passwordHash = SecurePasswordHash.Hash(password);
user.Password = passwordHash;
await _users.InsertOneAsync(user);
return(user);
}
