using AuthorizationService.Models; using AuthorizationService.Persistence.Repositories; using Microsoft.AspNetCore.Mvc; using Microsoft.EntityFrameworkCore; using Microsoft.IdentityModel.Tokens; using Microsoft.VisualStudio.Web.CodeGenerators.Mvc.Templates.BlazorIdentity.Pages; using System.Configuration; using System.IdentityModel.Tokens.Jwt; using System.Security.Claims; using System.Text; namespace AuthorizationService.Application.Users.Commands { public class LoginUser { private readonly IUserRepository _repository; private readonly IConfiguration _configuration; public LoginUser(IUserRepository repository, IConfiguration configuration) { _repository = repository; _configuration = configuration; } public async Task Handle(LoginDTO loginDTO) { User user = await _repository.QueryUserByEmailAsync(loginDTO.Email); if (user == null || !BCrypt.Net.BCrypt.Verify(loginDTO.Password, user.HashedPassword)) { return new UnauthorizedObjectResult(new { message = "Invalid email or password." }); } var token = GenerateJwtToken(user); return new OkObjectResult(token); } private string GenerateJwtToken(User user) { var claims = new[] { new Claim(JwtRegisteredClaimNames.Sub, user.Id), new Claim(JwtRegisteredClaimNames.Jti, Guid.NewGuid().ToString()), new Claim(ClaimTypes.Name, user.Username) }; var key = new SymmetricSecurityKey(Encoding.UTF8.GetBytes (_configuration["JwtSettings:Key"])); var creds = new SigningCredentials(key, SecurityAlgorithms.HmacSha256); var token = new JwtSecurityToken( _configuration["JwtSettings:Issuer"], _configuration["JwtSettings:Audience"], claims, expires: DateTime.Now.AddMinutes(30), signingCredentials: creds); return new JwtSecurityTokenHandler().WriteToken(token); } } }