public async Task <IActionResult> Register(DAL.User user)
        {
            using (var transaction = _context.Database.BeginTransaction())
            {
                var dalUser = new DAL.User()
                {
                    Email    = user.Email,
                    UserName = user.Email
                };
                var createResult = await _userManager.CreateAsync(dalUser, user.Password);

                var roleResult = await _userManager.AddToRoleAsync(dalUser, "user");

                if (createResult.Succeeded && roleResult.Succeeded)
                {
                    transaction.Commit();
                    var response = new ApiResponse <APIX.User>(new APIX.User()
                    {
                        Email = dalUser.Email
                    });

                    return(new OkObjectResult(response));
                }
                else
                {
                    return(new BadRequestResult());
                }
            }
        }
        public async Task <IActionResult> Login(DAL.User user)
        {
            var result = await ValidateLoginAsync(user);

            if (result.valid)
            {
                var dalUser  = _context.Users.FirstOrDefault(m => m.Email == user.Email);
                var response = new ApiResponse <APIX.User>(new APIX.User()
                {
                    Id    = dalUser.Id,
                    Email = user.Email,
                    Token = await GenerateJwtToken(dalUser)
                });
                return(new OkObjectResult(response));
            }
            return(new BadRequestObjectResult(result));
        }
        private async Task <ApiLoginResponse> ValidateLoginAsync(DAL.User user)
        {
            var dalUser = _context.Users.Where(m => m.Email == user.Email).FirstOrDefault();

            if (dalUser != null)
            {
                var validPassword = await this._userManager.CheckPasswordAsync(dalUser, user.Password);

                var isLockedOut = await this._userManager.IsLockedOutAsync(dalUser);

                var isConfirmed = dalUser.EmailConfirmed;
                if (!validPassword)
                {
                    return(new ApiLoginResponse(false, "Invalid password"));
                }
                else
                {
                    return(new ApiLoginResponse(true, null));
                }
            }
            return(new ApiLoginResponse(false, "User not found"));
        }
        public async Task <string> GenerateJwtToken(DAL.User user)
        {
            var claims = new ClaimsIdentity();
            var roles  = await _userManager.GetRolesAsync(user);

            var roleClaims = roles.Select(role => new Claim(ClaimTypes.Role, role));

            claims.AddClaims(roleClaims);
            claims.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()));
            claims.AddClaim(new Claim(ClaimTypes.Email, user.Email));

            var tokenHandler    = new JwtSecurityTokenHandler();
            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject            = claims,
                Expires            = DateTime.UtcNow.Add(_jwtIssuerOptions.Value.ValidFor),
                SigningCredentials = _jwtIssuerOptions.Value.SigningCredentials
            };
            var securityToken = tokenHandler.CreateToken(tokenDescriptor);
            var token         = tokenHandler.WriteToken(securityToken);

            return(token);
        }
 public async Task <IActionResult> Register([FromBody] DAL.User user)
 {
     return(await _accountService.Register(user));
 }
 public async Task <IActionResult> Login([FromBody] DAL.User user)
 {
     return(await _accountService.Login(user));
 }