Пример #1
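            /// <summary>
            /// Authenticates a login request and returns the username together with a newly created JWT.
            /// </summary>
            /// <param name="message">Login payload; validated with <see cref="LoginDataValidator"/> before any lookup.</param>
            /// <param name="cancellationToken">Forwarded to the user lookup so an aborted request cancels the query.</param>
            /// <returns>The username and a token created for the user's e-mail address.</returns>
            /// <exception cref="RestException">
            /// BadRequest when validation fails, NotFound when no user has the e-mail address,
            /// Forbidden when the submitted password differs from the stored one.
            /// </exception>
            public async Task <AuthenticatedUser> Handle(LoginData message, CancellationToken cancellationToken)
            {
                var validation = new LoginDataValidator().Validate(message);

                // Reject malformed input (null or empty fields) before touching the database.
                if (!validation.IsValid)
                {
                    throw new RestException(HttpStatusCode.BadRequest, validation.Errors);
                }

                // Pass the caller's token through; the original accepted it but never used it,
                // so a dropped connection could not stop the query.
                User user = await _context.Users
                    .Where(u => u.EmailAddress == message.EmailAddress)
                    .SingleOrDefaultAsync(cancellationToken);

                // NOTE(review): a distinct NotFound here, next to the Forbidden below, tells an
                // unauthenticated caller which e-mail addresses are registered. Returning one status
                // and one message for both failures removes that signal; left unchanged because
                // clients may depend on the current codes.
                if (user == null)
                {
                    throw new RestException(HttpStatusCode.NotFound, "User with email address not found");
                }

                // NOTE(review): the submitted password is compared directly with the stored value,
                // which suggests the stored value is the plaintext password - confirm. The fix is to
                // store a salted, deliberately slow hash (PBKDF2, bcrypt, Argon2) and verify against
                // it; that needs a data migration, so it is flagged rather than changed here.
                if (!user.Password.Equals(message.Password))
                {
                    throw new RestException(HttpStatusCode.Forbidden, "Password or email does not match");
                }

                // Create the token first so the initializer below stays a plain assignment.
                var token = await _jwtTokenGenerator.CreateToken(user.EmailAddress);

                return new AuthenticatedUser
                {
                    Token = token,
                    Username = user.Username
                };
            }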
Пример #2
        /// <summary>
        /// Checks the submitted credentials and returns the matching account's id.
        /// </summary>
        /// <param name="loginData">E-mail and password supplied by the client.</param>
        /// <returns>
        /// Ok with the account id when the password verifies against the stored bcrypt hash;
        /// BadRequest for invalid input or a wrong password; NotFound when no account matches the e-mail.
        /// </returns>
        public ActionResult <AccountData> Login(LoginData loginData)
        {
            var validation = loginDataValidator.Validate(loginData);

            // Invalid payload: report the validator's messages and stop.
            if (!validation.IsValid)
            {
                return BadRequest(new ErrorData()
                {
                    ErrorMessages = validation.Errors.ConvertToErrorMessages()
                });
            }

            var submittedEmail    = loginData.Email;
            var submittedPassword = loginData.Password;
            var storedAccount     = loginService.FindAccount(submittedEmail);

            // NOTE(review): NotFound for an unknown e-mail versus BadRequest for a wrong password
            // lets a caller tell registered addresses apart. The bcrypt check below also runs only
            // for existing accounts, so response time differs between the two cases as well.
            if (storedAccount == null)
            {
                return NotFound(new ErrorData()
                {
                    ErrorMessages = new string[] { ErrorMessages.AccountNotFound }
                });
            }

            // account.Password is passed as the hash argument; Verify re-hashes the submitted
            // password with the salt embedded in that hash and compares the results.
            if (!BCrypt.Net.BCrypt.Verify(submittedPassword, storedAccount.Password))
            {
                return BadRequest(new ErrorData()
                {
                    ErrorMessages = new string[] { ErrorMessages.WrongPassword }
                });
            }

            return Ok(new AccountData()
            {
                Id = storedAccount.Id
            });
        }