public IActionResult Authenticate([FromBody] Dto.User userDto) { var user = UserSvc.Authenticate(userDto.Username, userDto.Password); if (user == null) { return(Unauthorized()); } var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(WebServicesSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new Claim[] { new Claim(ClaimTypes.Name, user.UserId.ToString()) }), Expires = DateTime.UtcNow.AddDays(7), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); var tokenString = tokenHandler.WriteToken(token); // return basic user info (without password) and token to store client side return(Ok(new { Id = user.UserId, Username = user.Username, Email = user.Email, Token = tokenString })); }
public IActionResult Update(int id, [FromBody] Dto.User userDto) { // map dto to entity and set id var user = _mapper.Map <DAL.User>(userDto); user.UserId = id; try { // save UserSvc.Update(user, userDto.Password); return(Ok()); } catch (AppException ex) { // return error message if there was an exception return(BadRequest(ex.Message)); } }