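/// <summary>
/// Returns the session payload (token plus user record) to a client that already holds a token.
/// </summary>
/// <param name="login">Request payload; only <c>Token</c> and <c>UserId</c> are read here.</param>
/// <returns>
/// 200 with the submitted token and the looked-up user when the token validates and the user exists;
/// 401 in every other case.
/// </returns>
public IActionResult RestoreLogin(LoginCredential login)
{
    // Validate first and bail out early, so a caller without a valid token
    // cannot trigger repository lookups.
    if (login == null || !ValidateCurrentToken(login.Token))
    {
        return Unauthorized();
    }

    // NOTE(review): UserId is taken from the request body, and ValidateCurrentToken is
    // given only the token. Unless the binding is enforced elsewhere, nothing here checks
    // that the token was issued to this UserId. Prefer deriving the user id from the
    // validated token's claims instead of trusting the body.
    User user = _userRepository.getUserById(login.UserId);
    if (user == null)
    {
        // A token must not restore a session for an account that cannot be found.
        return Unauthorized();
    }

    // NOTE(review): the whole User entity is serialized into the response. Elsewhere in
    // this controller that entity carries Password (the stored hash) and Salt; project it
    // onto a response model without those fields before returning it.
    return Ok(new { token = login.Token, user });
}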
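/// <summary>
/// Creates an account: generates a fresh random 128-bit salt, replaces the submitted
/// password with its salted hash, and hands the user to the repository.
/// </summary>
/// <param name="user">User supplied by the caller; <c>Salt</c> and <c>Password</c> are overwritten here.</param>
/// <returns>
/// 400 when no user or no password was supplied; otherwise 200 with whatever
/// <c>_userRepository.Create</c> returns.
/// </returns>
public IActionResult Register(User user)
{
    // Without this guard a missing body or password surfaces as an unhandled exception,
    // or an account is stored with the hash of an empty password.
    if (user == null || string.IsNullOrEmpty(user.Password))
    {
        return BadRequest();
    }

    // NOTE(review): the persistence entity is bound directly from the request, so every
    // other property the caller sends reaches Create() unchanged. Consider a dedicated
    // registration model that exposes only the fields a new user may set.

    // 16 bytes from the OS CSPRNG; any Salt value sent by the caller is discarded.
    byte[] salt = new byte[128 / 8];
    using (var rng = RandomNumberGenerator.Create())
    {
        rng.GetBytes(salt);
    }

    user.Salt = salt;
    user.Password = LoginCredential.GetHashedPassword(user.Password, salt);

    var created = _userRepository.Create(user);

    // NOTE(review): if Create returns the stored entity, this response echoes the
    // password hash and salt back to the client. Confirm and strip them if so.
    return Ok(created);
}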
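/// <summary>
/// Authenticates a user by e-mail or username plus password and issues a JWT.
/// </summary>
/// <param name="credentials">Submitted credentials; only <c>EmailOrUsername</c> and <c>Password</c> are used.</param>
/// <returns>
/// 401 when the credentials are missing or do not match; otherwise the existing
/// 201 response wrapping the token and user.
/// </returns>
public IActionResult Login(LoginCredential credentials)
{
    if (credentials == null
        || string.IsNullOrEmpty(credentials.EmailOrUsername)
        || string.IsNullOrEmpty(credentials.Password))
    {
        return Unauthorized();
    }

    // Forward only the two fields authentication needs; anything else on the
    // submitted object is deliberately dropped.
    var login = new LoginCredential
    {
        EmailOrUsername = credentials.EmailOrUsername,
        Password = credentials.Password
    };

    var user = AuthenticateUser(login);
    if (user == null)
    {
        // Previously the Unauthorized result was passed as the *value* of CreatedAtAction,
        // so a failed login went out as HTTP 201 with the 401 only visible inside the body.
        // Returning it directly gives clients, proxies and log-based detection a real 401.
        return Unauthorized();
    }

    var tokenStr = GenerateJSONWebToken(user);

    // NOTE(review): the success path still wraps an Ok result inside CreatedAtAction, so the
    // client receives 201 with the serialized result object as the body. It is kept as-is
    // because existing clients may depend on that shape; returning Ok(...) directly would be
    // the conventional form. The user object also carries Password (hash) and Salt elsewhere
    // in this controller; return a response model without them.
    return CreatedAtAction(nameof(Login), Ok(new { token = tokenStr, user }));
}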
/// <summary>
/// Resolves the submitted identifier to a user (e-mail lookup first, username lookup as a
/// fallback) and checks the submitted password against the stored salted hash.
/// </summary>
/// <param name="login">Credentials carrying <c>EmailOrUsername</c> and <c>Password</c>.</param>
/// <returns>The matching user, or <c>null</c> when no user is found or the hash differs.</returns>
private User AuthenticateUser(LoginCredential login)
{
    User candidate = _userRepository.getUserByEmail(login.EmailOrUsername);
    if (candidate == null)
    {
        candidate = _userRepository.getUserByUsername(login.EmailOrUsername);
    }

    // NOTE(review): an unknown identifier returns here without computing a hash, so it is
    // likely answered faster than a wrong password for a known one. Consider hashing
    // against a dummy salt on this path to keep the two cases indistinguishable.
    if (candidate == null)
    {
        return null;
    }

    var submittedHash = LoginCredential.GetHashedPassword(login.Password, candidate.Salt);

    // NOTE(review): `==` is not a fixed-time comparison. Where the target framework offers
    // it, compare the decoded hash bytes with CryptographicOperations.FixedTimeEquals.
    return candidate.Password == submittedHash ? candidate : null;
}