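/// <summary>
/// Checks the submitted credentials against the stored account and, on success,
/// builds the <see cref="UserToken"/> describing that account.
/// </summary>
/// <param name="login">Submitted credentials (email and password).</param>
/// <returns>
/// The token data for the account, or <c>null</c> when the credentials are missing,
/// the account is unknown or not active, the password does not verify, or the
/// account's role cannot be resolved.
/// </returns>
private UserToken Authenticate(LoginModel login)
{
    // Reject missing credentials before touching the database or the hasher, so a
    // null email is never used as a lookup key and a null password never reaches
    // the hasher.
    if (login == null || string.IsNullOrEmpty(login.Email) || string.IsNullOrEmpty(login.Password))
    {
        return null;
    }

    // get account from database to check if email exists
    var user = context.Users.FirstOrDefault(x => x.Email == login.Email);

    // NOTE(review): this path returns before any bcrypt work is done, so it can
    // complete faster than the wrong-password path. If that difference is observable
    // to callers, it reveals whether an email is registered; consider verifying
    // against a fixed dummy hash here so both paths do comparable work.
    if (user == null || user.Active != true)
    {
        return null;
    }

    // verify password
    // passwordHasher is not declared in this method; presumably a member of the
    // enclosing class (the sibling methods use a local instead).
    passwordHasher = new BCryptPasswordHasher<User>();

    // NOTE(review): ASP.NET Core Identity's IPasswordHasher<TUser> declares
    // VerifyHashedPassword(user, hashedPassword, providedPassword). This call passes
    // the submitted password second and the stored hash third; confirm that
    // BCryptPasswordHasher expects that order.
    var result = passwordHasher.VerifyHashedPassword(user, login.Password, user.Password);
    if (result == PasswordVerificationResult.Failed)
    {
        return null;
    }

    // get user role from database
    var userRole = context.UserRoles.Find(user.UserRoleId);
    if (userRole == null)
    {
        // Fail closed: a missing role row previously caused a null dereference on
        // userRole.Name; do not issue token data without a resolvable role.
        return null;
    }

    return new UserToken
    {
        UserId = user.Id,
        Username = user.Username,
        Email = user.Email,
        ConnectId = user.ConnectId,
        UserRole = userRole.Name
    };
}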
/// <summary>
/// Builds a new <see cref="User"/> from registration input. The password is stored
/// as the output of <c>BCryptPasswordHasher.HashPassword</c>, never as the submitted text.
/// This method only constructs the object; it does not save it.
/// </summary>
/// <param name="model">Registration input supplying username, email and password.</param>
/// <param name="userRoleId">
/// Role id to assign. It comes from this argument, not from <paramref name="model"/>.
/// </param>
/// <returns>The populated user.</returns>
private User InitUser(RegisterModel model, int userRoleId)
{
    var hasher = new BCryptPasswordHasher<User>();

    var created = new User();
    created.Username = model.Username;
    created.Email = model.Email;
    created.UserRoleId = userRoleId;

    // No user instance is available yet, so the hasher receives null for it.
    created.Password = hasher.HashPassword(null, model.Password);

    return created;
}
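/// <summary>
/// Changes the signed-in user's password after re-verifying the current one.
/// </summary>
/// <param name="model">Request body carrying the current and the new password.</param>
/// <param name="userService">Service used to resolve the caller's account and persist the new hash.</param>
/// <returns>
/// 400 when the body or either password is missing; 401 when the caller's account
/// cannot be resolved or the current password does not verify; 200 with the
/// submitted model when the update succeeds; otherwise 400 with
/// <c>HttpStatus.SERVER_ERROR</c>.
/// </returns>
public async Task<IActionResult> UpdatePassword([FromBody] PasswordModel model, [FromServices] UserService userService)
{
    // A missing body or empty password previously reached the hasher as null.
    if (model == null || string.IsNullOrEmpty(model.CurrentPassword) || string.IsNullOrEmpty(model.UpdatePassword))
    {
        return BadRequest();
    }

    var user = await userService.GetUserPrincipal(User);
    if (user == null)
    {
        // Fail closed: without a resolved account there is no stored hash to check
        // against (previously a null dereference on user.Password).
        return Unauthorized();
    }

    var passwordHasher = new BCryptPasswordHasher<User>();

    // NOTE(review): ASP.NET Core Identity's IPasswordHasher<TUser> declares
    // VerifyHashedPassword(user, hashedPassword, providedPassword). This call passes
    // the submitted password second and the stored hash third; confirm that
    // BCryptPasswordHasher expects that order.
    var compare = passwordHasher.VerifyHashedPassword(null, model.CurrentPassword, user.Password);

    // Only an exact Success is accepted; any other result is treated as unauthorized.
    if (compare != PasswordVerificationResult.Success)
    {
        return Unauthorized();
    }

    var hashedPassword = passwordHasher.HashPassword(null, model.UpdatePassword);
    user = await userService.Update(user.Id, hashedPassword);
    if (user != null)
    {
        // NOTE(review): this echoes the request model, including both plaintext
        // passwords, back in the response body, where intermediaries or client-side
        // logging may capture it. Kept for client compatibility; prefer an empty
        // Ok() once consumers no longer read the body.
        return Ok(model);
    }

    return BadRequest(HttpStatus.SERVER_ERROR);
}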