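        /// <summary>
        /// Verifies the submitted login and password and, on success, issues a
        /// 10-minute HMAC-SHA256 signed JWT together with a refresh-token value.
        /// </summary>
        /// <param name="request">Login request carrying the login and the plaintext password.</param>
        /// <returns>
        /// 400 when the login or password is missing, 404 when the credentials are
        /// rejected, otherwise 200 with <c>token</c> and <c>refreshToken</c>.
        /// </returns>
        /// <exception cref="InvalidOperationException">The "SecretKey" setting is missing or empty.</exception>
        public IActionResult Login(LoginRequest request)
        {
            // Reject incomplete requests before any database or hashing work is done.
            if (request == null || string.IsNullOrEmpty(request.Login) || string.IsNullOrEmpty(request.Password))
            {
                return BadRequest("Login and password are required");
            }

            // Hash the SUBMITTED PASSWORD with the user's salt. The previous code passed
            // request.Login here, so the client's password was overwritten without ever
            // being used and the credential check no longer depended on it.
            // NOTE(review): stored hashes must be derived the same way (password + salt);
            // confirm the registration path, and confirm that an unknown login (no salt)
            // ends in the same 404 as a wrong password rather than an exception.
            var salt = _dbService.getSaltFromDB(request.Login);
            request.Password = CreateEncodedPassword(request.Password, salt);

            if (!_dbService.IsLoginCorrect(request))
            {
                // One message for both "unknown login" and "wrong password".
                return NotFound("No user found with this login and password");
            }

            var stud = _dbService.GetStudent(request.Login);
            var claims = new[]
            {
                new Claim(ClaimTypes.NameIdentifier, stud.Index),
                new Claim(ClaimTypes.Name, stud.FirstName),
                // NOTE(review): hard-coded test value - every authenticated user receives the
                // "employee" role. Load the role from the user record before it guards anything.
                new Claim(ClaimTypes.Role, "employee") // test
            };

            // Fail with a clear configuration error instead of a null-argument exception
            // from GetBytes when the signing secret is absent.
            // NOTE(review): an HS256 key should be long, random and kept outside source control.
            var secret = Configuration["SecretKey"];
            if (string.IsNullOrEmpty(secret))
            {
                throw new InvalidOperationException("SecretKey is not configured");
            }

            var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
            var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);
            var token = new JwtSecurityToken
            (
                issuer: "Gakko",
                audience: "Students",
                claims: claims,
                // Token lifetimes are expressed in UTC.
                expires: DateTime.UtcNow.AddMinutes(10),
                signingCredentials: creds
            );

            // NOTE(review): token.ToString() is not the compact JWT that WriteToken() returns
            // to the client, and the refreshToken below is never persisted in this method.
            // Confirm what AddTokenToDB is meant to store; a refresh flow needs the value
            // the client actually holds.
            _dbService.AddTokenToDB(token.ToString(), request.Login);

            return Ok(new
            {
                token = new JwtSecurityTokenHandler().WriteToken(token),
                // NOTE(review): a Guid is an identifier, not a secret; prefer a value from a
                // cryptographic random generator if this is to act as a bearer credential.
                refreshToken = Guid.NewGuid()
            });
        }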