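/// <summary>
/// Checks the submitted credentials through the service and, when they match,
/// issues a JWT signed with HMAC-SHA256 together with a refresh token.
/// </summary>
/// <param name="login">Credentials posted by the client.</param>
/// <returns>
/// 400 Bad Request when the request is empty or the credentials do not match;
/// otherwise 200 OK with <c>token</c> and <c>refreshToken</c>.
/// </returns>
/// <exception cref="InvalidOperationException">The signing secret is not configured.</exception>
public IActionResult Login(LoginReguestDTO login)
{
    if (login == null)
    {
        return new BadRequestResult();
    }

    // The reader holds a database resource, so it is disposed as soon as the
    // single-row existence check is done. Assumes the service returns a reader that is still open.
    bool credentialsMatch;
    using (var reader = _service.CheckValidation(login))
    {
        credentialsMatch = reader.Read();
    }

    if (!credentialsMatch)
    {
        // NOTE(review): 401 Unauthorized is the conventional status for rejected
        // credentials; 400 is kept so existing clients see the same response.
        return new BadRequestResult();
    }

    // NOTE(review): every successful login receives the Name claim "Admin";
    // confirm nothing downstream treats that value as a privilege indicator.
    var claims = new[]
    {
        new Claim(ClaimTypes.NameIdentifier, login.Login),
        new Claim(ClaimTypes.Name, "Admin")
    };

    // Fail closed with a clear message instead of an opaque exception from the key constructor.
    // The secret should be long, random and kept out of source control.
    var secret = Configuration["SecretKey"];
    if (string.IsNullOrEmpty(secret))
    {
        throw new InvalidOperationException("JWT signing secret 'SecretKey' is not configured.");
    }

    var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secret));
    var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

    var token = new JwtSecurityToken(
        issuer: "Domds",
        audience: "Students",
        claims: claims,
        // Token lifetimes are expressed in UTC; UtcNow avoids any dependence on the server's time zone.
        expires: DateTime.UtcNow.AddMinutes(10),
        signingCredentials: creds
    );

    // NOTE(review): the refresh token is a fresh GUID that this method neither stores
    // nor binds to the user, so nothing here allows it to be validated or revoked later.
    // Confirm it is persisted elsewhere, and prefer a value from RandomNumberGenerator.
    return new OkObjectResult(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(token),
        refreshToken = Guid.NewGuid()
    });
}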
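/// <summary>
/// Runs a parameterized query that yields one row when a student with the given
/// index number and password exists, and returns the open reader over that result.
/// </summary>
/// <param name="login">Credentials to look up.</param>
/// <returns>
/// An open <see cref="SqlDataReader"/>. The caller owns it and must dispose it;
/// disposing the reader also closes the underlying connection.
/// </returns>
/// <exception cref="System.ArgumentNullException"><paramref name="login"/> is null.</exception>
public SqlDataReader CheckValidation(LoginReguestDTO login)
{
    if (login == null)
    {
        throw new System.ArgumentNullException(nameof(login));
    }

    // The connection must outlive this method: wrapping it in a using block would
    // close it on return and hand the caller a reader that throws on Read().
    var connection = new SqlConnection();
    try
    {
        connection.ConnectionString = databaseURL;

        // Disposing the command does not close a reader created from it.
        using (var command = new SqlCommand())
        {
            command.Connection = connection;

            // NOTE(security): the submitted password is compared directly with Student.Password,
            // which implies passwords are stored unhashed. Store a salted, slow hash (e.g. PBKDF2)
            // and verify it in code instead of matching the raw value in SQL.
            command.CommandText = "SELECT 1 FROM Student WHERE Student.IndexNumber = @index AND Student.Password = @password";

            // Values are bound as parameters, never concatenated. A null value is sent as
            // DBNull so the query simply matches no row instead of failing on a missing parameter.
            command.Parameters.AddWithValue("index", (object)login.Login ?? System.DBNull.Value);
            command.Parameters.AddWithValue("password", (object)login.Password ?? System.DBNull.Value);

            connection.Open();

            // CloseConnection ties the connection's lifetime to the returned reader.
            return command.ExecuteReader(System.Data.CommandBehavior.CloseConnection);
        }
    }
    catch
    {
        // No reader was handed out, so release the connection here before propagating.
        connection.Dispose();
        throw;
    }
}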