namespace Diligent.WebAPI.Business.Services { public class UserService : IUserService { private readonly AuthorizationSettings _authSettings; public UserService(IOptions authSettings) { _authSettings = authSettings.Value; } // User list for testing private readonly List _users = new List { new User { Id = 1, FirstName = "Test", LastName = "User", Username = "test", Password = "test" } }; public AuthenticateResponseDto? Authenticate(AuthenticateRequestDto model) { var user = _users.SingleOrDefault(x => x.Username == model.Username && x.Password == model.Password); // return null if user not found if (user == null) return null; // authentication successful so generate jwt token var token = GenerateJwtToken(user); return new AuthenticateResponseDto { Id = user.Id, Username = user.Username, FirstName = user.FirstName, LastName = user.LastName, Token = token }; } public IEnumerable GetAll() { return _users; } public User? GetById(int id) { return _users.FirstOrDefault(x => x.Id == id); } private string GenerateJwtToken(User user) { // generate token that is valid for 7 days var tokenHandler = new JwtSecurityTokenHandler(); var key = Encoding.ASCII.GetBytes(_authSettings.Secret); var tokenDescriptor = new SecurityTokenDescriptor { Subject = new ClaimsIdentity(new[] { new Claim("id", user.Id.ToString()) }), Expires = DateTime.UtcNow.AddMinutes(2), SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature) }; var token = tokenHandler.CreateToken(tokenDescriptor); return tokenHandler.WriteToken(token); } } }