server/src/Endpoints/Internal/Account/LoginRoute.cs


1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37

namespace IOL.GreatOffice.Api.Endpoints.Internal.Account;

public class LoginRoute : RouteBaseAsync
		.WithRequest<LoginPayload>
		.WithActionResult
{
	private readonly AppDbContext _context;
	private readonly UserService _userService;

	/// <inheritdoc />
	public LoginRoute(AppDbContext context, UserService userService) {
		_context = context;
		_userService = userService;
	}

	/// <summary>
	/// Login a user.
	/// </summary>
	/// <param name="request"></param>
	/// <param name="cancellationToken"></param>
	/// <returns></returns>
	[AllowAnonymous]
	[HttpPost("~/_/account/login")]
	public override async Task<ActionResult> HandleAsync(LoginPayload request, CancellationToken cancellationToken = default) {
		if (!ModelState.IsValid) {
			return BadRequest(ModelState);
		}

		var user = _context.Users.SingleOrDefault(u => u.Username == request.Username);
		if (user == default || !user.VerifyPassword(request.Password)) {
			return BadRequest(new ErrorResult("Invalid username or password"));
		}

		await _userService.LogInUser(HttpContext, user, request.Persist);
		return Ok();
	}
}