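/// <summary>
/// Authenticates a user by login and password and, on success, issues a JWT
/// together with the user's display name, role ids and id.
/// </summary>
/// <param name="model">Request body carrying <c>Login</c> and <c>Password</c>.</param>
/// <returns>
/// 201 Created with a populated <see cref="AuthResultModel"/> when the credentials are accepted;
/// 400 Bad Request when no body was bound; otherwise 401 Unauthorized with one generic message.
/// </returns>
public ActionResult<AuthResultModel> Post([FromBody] AuthRequestModel model)
{
    // Same text for "unknown login" and "wrong password": distinct messages would let
    // an anonymous caller probe which logins exist.
    const string loginFailed = "Wrong login or password";

    // Guard against a missing or unbindable body instead of failing with a NullReferenceException.
    if (model == null)
    {
        return BadRequest("Request body is required");
    }

    User user = _userRepository.GetUserByLogin(model.Login);

    // Short-circuit keeps the original call order: Login is only invoked for a known user.
    // NOTE(review): skipping Login for unknown users may still leave a response-time
    // difference between the two cases — confirm whether Login can run a comparable
    // verification for unknown logins.
    // NOTE(review): no attempt throttling or lockout is visible in this action — confirm
    // it is enforced elsewhere (middleware, repository, gateway).
    if (user == null || !_userRepository.Login(model.Login, model.Password))
    {
        return Unauthorized(loginFailed);
    }

    var token = TokenSecurity.GenerateJwt(model.Login);

    var result = new AuthResultModel()
    {
        Success = true,
        // Serialized compact form of the token; expiry is taken from the token itself.
        Token = new JwtSecurityTokenHandler().WriteToken(token),
        Expiration = token.ValidTo,
        Name = $"{user.Firstname} {user.Lastname}",
        Roles = user.Roles.Select(o => o.RoleId.ToString()).ToArray(),
        UserId = user.Id
    };

    // Status code and empty location are kept as-is so existing clients are unaffected.
    return Created("", result);
}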
/// <summary>
/// Demonstration login action: accepts exactly one credential pair that is compiled
/// into the source and, when it matches, returns a JWT and its expiry.
/// </summary>
/// <param name="model">Request body carrying <c>Username</c> and <c>Password</c>.</param>
/// <returns>
/// 201 Created with an <see cref="AuthResultModel"/> on a match; 400 Bad Request otherwise.
/// </returns>
public ActionResult<AuthResultModel> Post([FromBody] AuthRequestModel model)
{
    // NEVER DO THIS, JUST SHOWING THE EXAMPLE.
    // Credentials embedded in source are readable by anyone with the repository or the
    // compiled assembly and cannot be rotated without a redeploy. Real code should look
    // the user up in a store and verify a salted, slow password hash.
    bool credentialsMatch = model.Username == "*****@*****.**" && model.Password == "P@ssw0rd!";

    if (!credentialsMatch)
    {
        // NOTE(review): a failed login is reported as 400 rather than 401 here.
        return BadRequest("Unknown failure");
    }

    // Never do this either, hardcoded strings.
    var jwt = TokenSecurity.GenerateJwt(model.Username);
    var serializer = new JwtSecurityTokenHandler();

    var response = new AuthResultModel()
    {
        Success = true,
        Token = serializer.WriteToken(jwt),
        Expiration = jwt.ValidTo
    };

    return Created("", response);
}