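/// <summary>
/// Authenticates a user by email and password and, on success, issues an
/// HMAC-SHA256 signed JWT carrying the user's email (Name claim) and role
/// (Role claim). The token is valid for one day from the time of issue.
/// </summary>
/// <param name="requestLogin">Login request carrying the Email and Password to check.</param>
/// <returns>
/// A <c>ResponseLogin</c>. On success, Success is true and Token / ExpireDate are set.
/// On failure, MessageList holds one message that does not reveal whether the
/// email is registered.
/// </returns>
/// <exception cref="InvalidOperationException">
/// The "SecretKey" configuration value is missing or empty.
/// </exception>
public ActionResult<ResponseLogin> Login(RequestLogin requestLogin)
{
    // One message for both failure causes: answering "Email is wrong" and
    // "Password is wrong" separately tells an unauthenticated caller which
    // addresses have accounts.
    const string invalidCredentialsMessage = "Email or password is wrong";

    var responseLogin = new ResponseLogin();

    // A missing body or missing fields is rejected up front instead of
    // surfacing as a NullReferenceException (HTTP 500) further down.
    if (requestLogin == null || requestLogin.Email == null || requestLogin.Password == null)
    {
        responseLogin.MessageList.Add("Email and password are required");
        return responseLogin;
    }

    using (var db = new NetCoreAuthJwtMySqlContext())
    {
        var existingUser = db.User.SingleOrDefault(x => x.Email == requestLogin.Email);

        // NOTE(review): when no user matches, VerifyPassword is skipped, so the
        // response time may still differ between known and unknown emails.
        // Consider verifying against a fixed dummy salt/hash on this path, and
        // rate-limiting or locking out repeated failures - confirm with the owners
        // of CryptoUtil and the hosting pipeline.
        var isPasswordVerified = existingUser != null
            && CryptoUtil.VerifyPassword(requestLogin.Password, existingUser.Salt, existingUser.Password);

        if (!isPasswordVerified)
        {
            responseLogin.MessageList.Add(invalidCredentialsMessage);
            return responseLogin;
        }

        // Fail closed with a clear error if the signing secret is not configured.
        // NOTE(review): an HS256 key should carry at least 256 bits of entropy;
        // confirm the configured value meets that and is not stored in source control.
        var secretKey = _configuration["SecretKey"];
        if (string.IsNullOrEmpty(secretKey))
        {
            throw new InvalidOperationException("The SecretKey configuration value is missing.");
        }

        var claimList = new List<Claim>
        {
            new Claim(ClaimTypes.Name, existingUser.Email),
            new Claim(ClaimTypes.Role, existingUser.Role)
        };

        var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(secretKey));
        var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256);

        // Read the clock once so notBefore and expires are derived from the same instant.
        var issuedAt = DateTime.UtcNow;
        var expireDate = issuedAt.AddDays(1);
        var timeStamp = DateUtil.ConvertToTimeStamp(expireDate);

        var token = new JwtSecurityToken(
            claims: claimList,
            notBefore: issuedAt,
            expires: expireDate,
            signingCredentials: creds);

        responseLogin.Success = true;
        responseLogin.Token = new JwtSecurityTokenHandler().WriteToken(token);
        responseLogin.ExpireDate = timeStamp;
    }

    return responseLogin;
}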