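namespace Diligent.WebAPI.Business.Services
{
    /// <summary>
    /// User management and login on top of ASP.NET Core Identity: lists, looks up and
    /// creates users, and issues a signed JWT after a successful credential check.
    /// </summary>
    /// <remarks>
    /// NOTE(review): the generic type arguments were missing from the listing this file was
    /// taken from (for example <c>Task&gt; GetAll()</c>); they are reconstructed here from how
    /// the values are used. Confirm them against <c>IUserService</c>.
    /// </remarks>
    public class UserService : IUserService
    {
        private readonly AuthorizationSettings _authSettings;
        private readonly UserManager<User> _userManager;
        private readonly IMapper _mapper;

        /// <summary>Stores the injected settings, Identity user manager and mapper.</summary>
        /// <param name="authSettings">Options wrapper holding the JWT signing secret.</param>
        /// <param name="userManager">Identity user manager used for every user operation.</param>
        /// <param name="mapper">Mapper used to turn request DTOs into <c>User</c> entities.</param>
        public UserService(IOptions<AuthorizationSettings> authSettings, UserManager<User> userManager, IMapper mapper)
        {
            _authSettings = authSettings.Value;
            _userManager = userManager;
            _mapper = mapper;
        }

        /// <summary>Returns every user known to the user manager.</summary>
        public async Task<List<User>> GetAll() =>
            await _userManager.Users.ToListAsync();

        /// <summary>Looks a user up by numeric id (converted to the string id Identity expects).</summary>
        /// <param name="id">Numeric user id.</param>
        public async Task<User> GetById(int id) =>
            await _userManager.FindByIdAsync(id.ToString());

        /// <summary>Maps the request to a <c>User</c> and creates it with the supplied password.</summary>
        /// <param name="model">Registration data, including the plain-text password to hash.</param>
        public async Task CreateUser(CreateUserRequestDto model)
        {
            var user = _mapper.Map<User>(model);

            // NOTE(review): the IdentityResult returned by CreateAsync is discarded, so a rejected
            // password or a duplicate user name goes unreported to the caller. Surfacing
            // result.Succeeded / result.Errors would change this method's contract, so it is
            // only flagged here.
            await _userManager.CreateAsync(user, model.Password);
        }

        /// <summary>
        /// Verifies the submitted credentials and, when they are valid, returns the user's
        /// profile fields together with a freshly issued JWT.
        /// </summary>
        /// <param name="model">Login request carrying the user name and password.</param>
        /// <returns>
        /// The response DTO on success; <c>null</c> when the user does not exist or the
        /// password does not match. Both failures look identical to the caller, so the
        /// response does not reveal which user names exist.
        /// </returns>
        public async Task<AuthenticateResponseDto> Authenticate(AuthenticateRequestDto model)
        {
            var user = await _userManager.Users
                .Where(x => x.UserName == model.Username)
                .FirstOrDefaultAsync();

            // Unknown user name: fail without saying why.
            if (user == null)
            {
                return null;
            }

            // The original issued a token as soon as the user name matched, without ever looking
            // at the password. Verify it against the stored hash before issuing anything.
            // Assumes AuthenticateRequestDto carries the submitted password as Password
            // (as CreateUserRequestDto does) — confirm.
            // NOTE(review): CheckPasswordAsync does not count failed attempts or honour lockout;
            // consider adding that if brute-force protection is not handled elsewhere.
            if (!await _userManager.CheckPasswordAsync(user, model.Password))
            {
                return null;
            }

            // Credentials verified, so issue the JWT.
            var token = GenerateJwtToken(user);

            return new AuthenticateResponseDto
            {
                Id = user.Id,
                Username = user.UserName,
                FirstName = user.FirstName,
                LastName = user.LastName,
                Token = token
            };
        }

        /// <summary>Builds an HMAC-SHA256 signed JWT whose only claim is the user's id.</summary>
        /// <param name="user">The already authenticated user.</param>
        /// <returns>The serialized compact JWT.</returns>
        private string GenerateJwtToken(User user)
        {
            var tokenHandler = new JwtSecurityTokenHandler();

            // ASCII encoding turns every non-ASCII character of the secret into '?', which
            // weakens the key. It is kept because the validating side must derive the same
            // bytes. The secret should be a high-entropy value of at least 32 bytes for
            // HMAC-SHA256 and must come from protected configuration, not source control.
            var key = Encoding.ASCII.GetBytes(_authSettings.Secret);

            var tokenDescriptor = new SecurityTokenDescriptor
            {
                Subject = new ClaimsIdentity(new[] { new Claim("id", user.Id.ToString()) }),
                // The token expires two minutes after issue (the earlier comment said 7 days,
                // which did not match this value).
                Expires = DateTime.UtcNow.AddMinutes(2),
                // No Issuer or Audience is set on the descriptor.
                SigningCredentials = new SigningCredentials(
                    new SymmetricSecurityKey(key),
                    SecurityAlgorithms.HmacSha256Signature)
            };

            var token = tokenHandler.CreateToken(tokenDescriptor);
            return tokenHandler.WriteToken(token);
        }
    }
}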