namespace Diligent.WebAPI.Business.Services { public class UserService : IUserService { private readonly AuthorizationSettings _authSettings; private readonly DatabaseContext _context; public UserService(IOptions authSettings, DatabaseContext context) { _authSettings = authSettings.Value; _context = context; } public AuthenticateResponseDto? Authenticate(AuthenticateRequestDto model) { var user = _context.User.SingleOrDefault(x => x.Username == model.Username && x.Password == model.Password); // return null if user not found if (user == null) return null; // authentication successful so generate jwt token var token = GenerateJwtToken(user); return new AuthenticateResponseDto { Id = user.Id, Username = user.Username, FirstName = user.FirstName, LastName = user.LastName, Token = token }; } public async Task> GetAll() { return await _context.User.ToListAsync(); } public async Task GetById(int id) { return await _context.User.FirstOrDefaultAsync(x => x.Id == id); } private string GenerateJwtToken(User user) { // generate token that is valid for 7 days var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_authSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim("id", user.Id.ToString()) }), Expires = DateTime.UtcNow.AddMinutes(2), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); return tokenHandler.WriteToken(token); } } }