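        /// <summary>
        /// Authenticates a courier by phone number and password, then issues a fresh
        /// refresh token and a fresh JWT access token.
        /// </summary>
        /// <param name="model">Login request body; <c>Username</c> is passed to the phone lookup.</param>
        /// <returns>
        /// <c>Ok</c> with a <c>LoginResponseDto</c> on success; otherwise a <c>Response</c>
        /// carrying <c>AppMessage.InvalidModel</c> or <c>AppMessage.InvalidLoginOrPassword</c>.
        /// </returns>
        /// <remarks>
        /// Every credential failure returns the same <c>InvalidLoginOrPassword</c> message so the
        /// response does not reveal whether the phone number belongs to an account.
        /// NOTE(review): no failed-attempt logging or throttling is visible in this method;
        /// confirm it is handled elsewhere in the pipeline.
        /// </remarks>
        public async Task <IHttpActionResult> Login([FromBody] LoginRequestDto model)
        {
            // A missing body binds to null while ModelState can still report valid,
            // so the null check has to be explicit.
            if (model == null || !ModelState.IsValid)
            {
                return Response(AppMessage.InvalidModel);
            }

            var courier = await _authService.GetCourierByPhoneAsync(model.Username);

            // Unknown phone number: same answer as a wrong password.
            if (courier == null)
            {
                return Response(AppMessage.InvalidLoginOrPassword);
            }

            // Null-safe: Password may be absent from the request body.
            var password = model.Password?.Trim();

            // A blank submitted password is ordinary bad input from the caller, not a server
            // fault. Throwing here produced an error response only for existing accounts,
            // which let a caller tell registered phone numbers apart from unknown ones.
            if (string.IsNullOrEmpty(password))
            {
                return Response(AppMessage.InvalidLoginOrPassword);
            }

            // A courier record without a stored hash cannot be authenticated. Keep the
            // condition visible in the log, but answer like any other failed login.
            if (string.IsNullOrEmpty(courier.PasswordHash))
            {
                _logger.Information($"Courier {courier.Id} has no password hash; login rejected.");
                return Response(AppMessage.InvalidLoginOrPassword);
            }

            var hasher = new PasswordHasher();
            var verification = hasher.VerifyHashedPassword(courier.PasswordHash, password);

            if (verification != PasswordVerificationResult.Success)
            {
                return Response(AppMessage.InvalidLoginOrPassword);
            }

            // NOTE(review): confirm GenerateTokenByRandomNumber draws from a cryptographic RNG;
            // its implementation is not visible here.
            var newRefreshToken = GenerateTokenByRandomNumber();

            var refreshTokenDto = new RefreshTokenDto
            {
                IsActive = true,
                Token    = newRefreshToken,
                // NOTE(review): local time here, UTC for the cache entry below. Left unchanged
                // because the code that checks Expires is not visible; confirm it also uses local time.
                Expires  = DateTime.Now.AddDays(1),
                RemoteIp = GetRemoteIp()
            };

            await _refreshTokenService.SetAsync(refreshTokenDto, courier.Id);

            // Read the previously stored access token before generating its replacement.
            var jwToken = await _jwTokenService.GetTokenAsync(courier.Id);

            var newJWToken = await _authService.GenerateJWTokenAsync(courier.Id);

            // presumably CustomMemoryCacher wraps a shared cache, since a new instance is
            // created per request - TODO confirm
            var memCacher = new CustomMemoryCacher();

            // Evict the previous access token from the cache so it is no longer found there.
            if (jwToken != null && memCacher.GetValue(jwToken) != null)
            {
                memCacher.Delete(jwToken);
            }

            memCacher.Add(newJWToken, courier.Id, DateTimeOffset.UtcNow.AddHours(12));

            await _jwTokenService.SetAsync(courier.Id, newJWToken);

            // NOTE(review): Username comes from the request and is interpolated into the log
            // text; logging courier.Id, or passing the value as a structured property, would
            // keep request-controlled characters out of the message.
            _logger.Information($"Courier {model.Username} logged in.");

            var response = new LoginResponseDto()
            {
                AccessToken  = newJWToken,
                RefreshToken = newRefreshToken
            };

            return Ok(response);
        }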