Пример #1
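        /// <summary>
        /// Checks the supplied credentials against the user store and, on a match,
        /// issues a signed JWT for that user.
        /// </summary>
        /// <param name="email">Email address used as the login identifier.</param>
        /// <param name="password">Plaintext password as supplied by the caller.</param>
        /// <returns>
        /// The matching user with <c>Token</c> populated and <c>Password</c> cleared,
        /// or <c>null</c> when a credential is missing or no user matches.
        /// </returns>
        /// <exception cref="DatabaseException">
        /// Thrown for any failure inside the lookup or token creation.
        /// </exception>
        public User Authenticate(string email, string password)
        {
            // A missing credential is a failed login, not a "Database Error". Rejecting it
            // here also keeps a null email from being compared against rows in the query.
            if (email == null || password == null)
            {
                return null;
            }

            try
            {
                // NOTE(review): the helper name indicates a plain SHA-256 digest, and the equality
                // lookup below only works if no per-user salt is involved. A fast unsalted digest
                // is not a suitable password hash; moving to PBKDF2/bcrypt/Argon2 with a per-user
                // salt needs a re-hash migration of stored values, so it is not changed here.
                string hashedPassword = PasswordEncryption.ComputeSha256Hash(password);

                var user = _context.User.SingleOrDefault(u => u.Email == email && u.Password == hashedPassword);
                if (user == null)
                {
                    return null;
                }

                // NOTE(review): Encoding.ASCII maps every non-ASCII character to '?', which weakens a
                // secret containing such characters. The secret should be long and random (at least
                // 256 bits for HMAC-SHA256) and supplied from a secret store rather than source.
                var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
                var signingCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(key),
                    SecurityAlgorithms.HmacSha256Signature);

                var tokenDescriptor = new SecurityTokenDescriptor
                {
                    // The only claim issued is the user's id. No issuer or audience is set here,
                    // so the validating side cannot pin them unless they are added elsewhere.
                    Subject = new ClaimsIdentity(new Claim[]
                    {
                        new Claim("Id", user.Id.ToString())
                    }),
                    // NOTE(review): a 7-day bearer token stays valid after a password change unless
                    // revocation exists elsewhere; none is visible in this method.
                    Expires            = DateTime.UtcNow.AddDays(7),
                    SigningCredentials = signingCredentials
                };

                var tokenHandler = new JwtSecurityTokenHandler();
                user.Token = tokenHandler.WriteToken(tokenHandler.CreateToken(tokenDescriptor));

                // Keep the stored hash out of the returned object.
                // NOTE(review): presumably `user` is tracked by _context; if SaveChanges() runs later on
                // the same context, this null (and the Token) could be persisted. Returning a separate
                // response object would avoid that. TODO confirm tracking behaviour.
                user.Password = null;
                return user;
            }
            catch (Exception)
            {
                // Every failure (query, token creation) is reported as a database error and the
                // original exception is dropped. NOTE(review): log it, or pass it as an inner
                // exception if DatabaseException offers such a constructor.
                throw new DatabaseException("Database Error");
            }
        }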
Пример #2
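 /// <summary>
 /// Persists a new user with the fixed role "user" and a hashed password.
 /// </summary>
 /// <param name="user">
 /// The user to store; its <c>Password</c> is read as plaintext and overwritten with the hash.
 /// </param>
 /// <returns>The same <paramref name="user"/> instance after it has been saved.</returns>
 /// <exception cref="UserServiceException">
 /// Thrown when saving fails with a <c>DbUpdateException</c> or <c>DbUpdateConcurrencyException</c>.
 /// </exception>
 public User CreateUser(User user)
 {
     // Force the role server-side so a caller-supplied Role value cannot grant extra privileges.
     // NOTE(review): other caller-supplied fields on `user` are stored as received; verify that
     // none of them is privilege-bearing.
     user.Role = "user";
     try
     {
         // NOTE(review): the helper name indicates a plain SHA-256 digest. A fast unsalted digest is
         // not a suitable password hash; prefer PBKDF2/bcrypt/Argon2 with a per-user salt. Changing
         // it affects how stored hashes are verified, so it is only flagged here.
         user.Password = PasswordEncryption.ComputeSha256Hash(user.Password);
         _dbContext.Add(user);
         _dbContext.SaveChanges();
     }
     catch (Exception e) when (e is DbUpdateException || e is DbUpdateConcurrencyException)
     {
         throw new UserServiceException();
     }
     // Any other exception now propagates. The earlier catch-all swallowed it and fell through
     // to the return below, reporting an unsaved user as created.

     // NOTE(review): the returned object still carries the password hash. Callers should not
     // serialize it into a response as-is.
     return user;
 }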