public UserDTO GetUserByEmailAndPass(string email, string password)
{
var pass = PasswordHashService.Hash(password);
var res = PasswordHashService.Check(pass, password);
var user = _database.Users.GetUserByEmail(email);
return(_mapper.Map <User, UserDTO>(user));
}
private string GetAccessToken(int tokenId, string username, string password, out int userId)
{
var user = _database.Users.GetUserByEmail(username);
userId = user.Id;
//var userHashPass = PasswordHashService.Hash(password);
if (!PasswordHashService.Check(user.Password, password).Verified)
{
throw new SecurityException("Invalid email or password");
}
var identity = GetIdentity(user.Name, user.Email, user.Role, tokenId, userId);
return(identity == null ?
"Invalid username or password." :
GenerateToken(identity));
}
