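//scenario 1 : get the access-token by username and password
/// <summary>
/// Looks up a user whose client id, client secret, user name and password all match
/// <paramref name="parameters"/>, issues a new refresh token for that client, stores it,
/// and returns the JWT built by <c>GetJwt</c>.
/// </summary>
/// <param name="parameters">Client and user credentials supplied by the caller.</param>
/// <returns>
/// Code "999" with the JWT payload when the token was stored; code "902" when no user
/// matched; code "909" when <c>AddToken</c> reported failure.
/// </returns>
private ResponseModel ResponseByPassword(AuthModel parameters)
{
    // NOTE(review): the query compares the submitted ClientSecret and Password for equality
    // against the stored columns, which only works if those columns hold directly comparable
    // values. Confirm how they are stored; the usual design is to look the user up by
    // ClientId/UserName and then verify a salted password hash (e.g. PBKDF2) in constant time.
    var user = _apicontext.Users.FirstOrDefault(x =>
        x.ClientId == parameters.ClientId
        && x.ClientSecret == parameters.ClientSecret
        && x.UserName == parameters.UserName
        && x.Password == parameters.Password);

    if (user == null)
    {
        // The same message is returned whichever field failed to match, so the response
        // does not reveal which part of the credentials was wrong.
        return new ResponseModel
        {
            Code = "902",
            Message = "invalid user information",
            Data = null
        };
    }

    // A refresh token is a bearer credential, so it is drawn from the cryptographic RNG
    // rather than Guid.NewGuid(), whose values are meant to be unique, not unpredictable.
    // The result keeps the previous format: 32 lowercase hexadecimal characters.
    var tokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(tokenBytes);
    }
    var refreshToken = System.BitConverter.ToString(tokenBytes).Replace("-", "").ToLowerInvariant();

    var rToken = new RefreshTokenModel
    {
        ClientId = parameters.ClientId,
        RefreshToken = refreshToken,
        // The row id is only an identifier, not a secret, so a GUID is sufficient here.
        Id = Guid.NewGuid().ToString(),
        IsStop = 0 // presumably 0 marks the token as active; confirm against RefreshTokenModel
    };

    //store the refreshToken
    // NOTE(review): the token value is handed to AddToken as-is; whether it is hashed before
    // being persisted is not visible from this method.
    if (!_apicontext.AddToken(rToken))
    {
        return new ResponseModel
        {
            Code = "909",
            Message = "can not add token to database",
            Data = null
        };
    }

    return new ResponseModel
    {
        Code = "999",
        Message = "OK",
        Data = GetJwt(user, refreshToken)
    };
}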