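/// <summary>
/// Verifies a username/password pair and, on success, stores a new refresh
/// token for the user and returns it together with a signed access token.
/// </summary>
/// <param name="userName">Login name supplied by the caller.</param>
/// <param name="password">Plain-text password supplied by the caller.</param>
/// <returns>
/// 200 with <c>{ token, refreshToken }</c> when the credentials validate;
/// 400 with a generic message when they do not (missing input, unknown user
/// and wrong password are deliberately indistinguishable);
/// 500 when the refresh token could not be persisted.
/// </returns>
public IActionResult RequestToken(string userName, string password)
{
    // One message for every credential failure, so the response does not
    // reveal whether the account exists.
    const string invalidCredentialsMessage = "Could not verify username and password";

    if (string.IsNullOrEmpty(userName) || string.IsNullOrEmpty(password))
    {
        return BadRequest(invalidCredentialsMessage);
    }

    var userId = _profileRepository.GetUserIdByUserName(userName);
    if (userId == null || userId == Guid.Empty)
    {
        // Previously this returned 404, which let a caller tell valid
        // usernames from invalid ones by status code alone.
        // NOTE(review): this path still returns before any hashing is done, so
        // response time may differ from a wrong-password attempt - confirm
        // whether that needs equalising.
        return BadRequest(invalidCredentialsMessage);
    }

    // Hash the supplied password with the user's stored salt.
    var salt = _profileRepository.GetSaltByUserName(userName);
    var passwordHash = _authorizationManager.GeneratePasswordHash(password, salt);

    // NOTE(review): the hash comparison happens inside ValidateLogin, which is
    // not visible here; no throttling or lockout is visible in this action
    // either - presumably handled elsewhere, confirm.
    if (!_validateRepository.ValidateLogin(userName, passwordHash))
    {
        return BadRequest(invalidCredentialsMessage);
    }

    // A refresh token is a bearer credential, so it is drawn from the
    // cryptographic RNG rather than Guid.NewGuid(), which is not documented
    // as unpredictable. 16 bytes keeps the Base64 length the same as before.
    var refreshTokenBytes = new byte[16];
    using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
    {
        rng.GetBytes(refreshTokenBytes);
    }
    var refreshToken = Convert.ToBase64String(refreshTokenBytes);

    _validateRepository.SaveRefreshToken(userName, refreshToken);
    if (!_validateRepository.Save())
    {
        return StatusCode(500, "There was a problem while handling your request.");
    }

    var token = _authorizationManager.GenerateToken(_key, userName, userId);

    return Ok(new
    {
        token = new JwtSecurityTokenHandler().WriteToken(token),
        refreshToken
    });
}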