示例#1
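        /// <summary>
        /// Checks the supplied username/password pair and, on success, issues an access token
        /// that expires one month from now, together with the user record after it has been
        /// passed through <c>EraseConfidential</c>.
        /// </summary>
        /// <param name="request">Login request carrying <c>Username</c> and <c>Password</c>.</param>
        /// <returns>
        /// An <c>AuthenticationResponse</c> on success; otherwise an Unauthorized (401) result whose
        /// message is identical for an unknown user and for a wrong password.
        /// </returns>
        public async Task<ActionResult<AuthenticationResponse>> AuthenticateAsync(AuthenticationRequest request)
        {
            var user = await _users.GetByNameAsync(request.Username);

            // The hash check is still invoked when the lookup found nobody (secret is null), exactly
            // as before, so a missing account does not skip the verification call.
            // NOTE(review): whether Test does comparable work for a null secret is not visible
            // here - confirm, otherwise response timing can tell unknown users from known ones.
            var passwordMatches = _hash.Test(request.Password, user?.Secret);

            // Fail closed: never issue a token for a missing user, whatever Test returns for a
            // null secret. Both failure cases share one message so the response body does not
            // reveal which usernames exist.
            if (user == null || !passwordMatches)
            {
                return Unauthorized($"Invalid login for user '{request.Username}'.");
            }

            // access token can live extremely long since we have an on-demand invalidation mechanism
            // NOTE(review): a month-long lifetime is only acceptable if that invalidation is
            // consulted whenever a token is validated - the check is not visible in this method.
            var expiry = DateTime.UtcNow.AddMonths(1);
            var accessToken = await _tokens.GenerateTokenAsync(user, expiry);

            return new AuthenticationResponse
            {
                AccessToken = accessToken,
                // Only the EraseConfidential copy of the user is returned to the client.
                User = EraseConfidential(user),
                Expiry = expiry
            };
        }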