Added username and password hash to JWT

1 files changed, 8 insertions, 4 deletions

diff --git a/src/DevHive.Services/Services/UserService.cs b/src/DevHive.Services/Services/UserService.cs
index 7092d61..b60cc4c 100644
--- a/src/DevHive.Services/Services/UserService.cs
+++ b/src/DevHive.Services/Services/UserService.cs
@@ -40,7 +40,7 @@ namespace DevHive.Services.Services
 			if (user.PasswordHash != GeneratePasswordHash(loginModel.Password))
 				throw new ArgumentException("Incorrect password!");
 
-			return new TokenModel(WriteJWTSecurityToken(user.Roles));
+			return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles));
 		}
 
 		public async Task<TokenModel> RegisterUser(RegisterServiceModel registerModel)
@@ -64,7 +64,7 @@ namespace DevHive.Services.Services
 
 			await this._userRepository.AddAsync(user);
 
-			return new TokenModel(WriteJWTSecurityToken(user.Roles));
+			return new TokenModel(WriteJWTSecurityToken(user.UserName, user.PasswordHash, user.Roles));
 		}
 
 		public async Task<UserServiceModel> GetUserById(Guid id)
@@ -122,11 +122,15 @@ namespace DevHive.Services.Services
 			return string.Join(string.Empty, SHA512.HashData(Encoding.ASCII.GetBytes(password)));
 		}
 
-		private string WriteJWTSecurityToken(IList<Role> roles)
+		private string WriteJWTSecurityToken(string userName, string passwordHash, IList<Role> roles)
 		{
 			byte[] signingKey = Encoding.ASCII.GetBytes(_jwtOptions.Secret);
 
-			List<Claim> claims = new();
+			List<Claim> claims = new()
+			{
+				new Claim(ClaimTypes.Name, userName),
+				new Claim(ClaimTypes.Hash, passwordHash)
+			};
 
 			foreach(var role in roles)
 			{