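/// <summary>
/// Authenticates a user by username and password and, on success, issues an HS256-signed JWT
/// carrying the user's name identifier and role.
/// </summary>
/// <param name="loginUser">Credentials from the request body; null when model binding produced nothing.</param>
/// <returns>
/// 200 with <c>{ Token }</c> on success; 400 when the body or either credential field is missing;
/// 401 when the username is unknown or the password does not match (same response for both).
/// </returns>
public IActionResult Login([FromBody] LoginUserDTO loginUser)
{
    // Reject unusable bodies up front. Without this, a null DTO or a null field reaches the hasher
    // or the lookup and surfaces as an exception instead of a clean 400.
    if (loginUser == null
        || string.IsNullOrEmpty(loginUser.Username)
        || string.IsNullOrEmpty(loginUser.Password))
    {
        return BadRequest("Invalid client request");
    }

    var emp = dbm.FindEmployeeByUsername(loginUser.Username);

    // Hash the candidate password before branching on whether the user exists, so unknown and
    // known usernames cost roughly the same time (limits user enumeration via response timing).
    // NOTE(review): comparing a fresh hash against the stored hash assumes `hasher` is
    // deterministic (no per-call random salt). A salting hasher would never match here and would
    // need a Verify-style API instead -- confirm against the hasher implementation.
    var pass = hasher.HashPassword(loginUser.Password);

    if (emp == null || emp.Password == null || !PasswordHashesMatch(emp.Password, pass))
    {
        // Deliberately identical for "no such user" and "wrong password".
        return Unauthorized();
    }

    // user authenticated
    var handler = new JwtSecurityTokenHandler();

    // NOTE(review): dereferences emp.Role without a null check -- confirm the schema guarantees
    // every employee has a Role; otherwise this throws for such accounts.
    string role = emp.Role.Title;
    var identity = new ClaimsIdentity(new[]
    {
        new Claim(ClaimTypes.NameIdentifier, emp.Username),
        new Claim(ClaimTypes.Role, role),
    });

    var jwtAuthentication = configuration.GetSection("JwtAuthentication");

    // The signing secret is read from configuration. For HS256 it must be high-entropy and at least
    // 256 bits (32 bytes); the IdentityModel library rejects keys that are too short. Keep it in a
    // secret store or environment variable, never in a committed appsettings file.
    var keyByteArray = System.Text.Encoding.UTF8.GetBytes(
        jwtAuthentication.GetValue<string>("SecurityKey"));
    var signinKey = new SymmetricSecurityKey(keyByteArray);

    // JWT exp/nbf are UTC NumericDate values; take one UTC timestamp so both claims agree.
    var now = DateTime.UtcNow;
    var securityToken = handler.CreateToken(new SecurityTokenDescriptor
    {
        Issuer = jwtAuthentication.GetValue<string>("ValidIssuer"),
        Audience = jwtAuthentication.GetValue<string>("ValidAudience"),
        SigningCredentials = new SigningCredentials(signinKey, SecurityAlgorithms.HmacSha256),
        Subject = identity,
        Expires = now.AddHours(1),
        NotBefore = now,
    });

    return Ok(new { Token = handler.WriteToken(securityToken) });
}

/// <summary>
/// Compares a stored password hash with a freshly computed one in constant time, so the
/// comparison does not leak how many leading characters matched.
/// </summary>
/// <param name="stored">Hash persisted for the employee (non-null).</param>
/// <param name="computed">Hash of the password supplied in this request (non-null).</param>
/// <returns>True only when both strings are byte-for-byte identical as UTF-8.</returns>
private static bool PasswordHashesMatch(string stored, string computed)
{
    var storedBytes = System.Text.Encoding.UTF8.GetBytes(stored);
    var computedBytes = System.Text.Encoding.UTF8.GetBytes(computed);

    // FixedTimeEquals returns false for differing lengths without short-circuiting on content.
    // Requires .NET Core 2.1+ / .NET Standard 2.1; fall back to a manual fixed-time loop on older targets.
    return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(storedBytes, computedBytes);
}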