public IActionResult Authenticate(SystemUsersModel userDto)
{
var user = _userService.Authenticate(userDto.Username, userDto.Password);
if (user == null)
{
return(BadRequest(new { message = "Username or password is incorrect" }));
}
var tokenHandler = new JwtSecurityTokenHandler();
var key = Encoding.ASCII.GetBytes(_appSettings.Secret);
var tokenDescriptor = new SecurityTokenDescriptor
{
Subject = new ClaimsIdentity(new Claim[]
{
new Claim(ClaimTypes.Name, user.Id.ToString())
}),
Expires = DateTime.UtcNow.AddDays(7),
SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
};
var token = tokenHandler.CreateToken(tokenDescriptor);
var tokenString = tokenHandler.WriteToken(token);
// return basic user info (without password) and token to store client side
SystemUsersModel SystemUsersModel = new SystemUsersModel();
SystemUsersModel.Username = user.Username;
SystemUsersModel.Token = tokenString;
SystemUsersModel.Id = user.Id;
return(Ok(SystemUsersModel));
}
public IActionResult Register([FromBody] SystemUsersModel systemUsersModel)
{
// map dto to entity
var user = _mapper.Map <SystemUsers>(systemUsersModel);
try
{
// save
_userService.Create(user, systemUsersModel.Password);
return(Ok());
}
catch (AppException ex)
{
// return error message if there was an exception
return(BadRequest(new { message = ex.Message }));
}
}
