Diffstat (limited to 'API/Service')
-rw-r--r--API/Service/UserService.cs64
1 files changed, 59 insertions, 5 deletions
diff --git a/API/Service/UserService.cs b/API/Service/UserService.cs
index 3c3b390..797a924 100644
--- a/API/Service/UserService.cs
+++ b/API/Service/UserService.cs
@@ -4,6 +4,13 @@ using AutoMapper;
using Data.Models.Classes;
using Data.Models.DTOs;
using Microsoft.AspNetCore.Mvc;
+using Data.Models.Options;
+using System.IdentityModel.Tokens.Jwt;
+using Microsoft.IdentityModel.Tokens;
+using System.Security.Claims;
+using System;
+using System.Text;
+using Microsoft.Extensions.Configuration;
namespace API.Service
{
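Review bot: The seven new `using` directives are appended after `Microsoft.AspNetCore.Mvc` in arrival order, so `System` and `System.Text` end up below the `Microsoft.*` and `Data.*` namespaces; the convention this file otherwise follows (and what `dotnet format` emits) is `System.*` first, then `Microsoft.*`, then the project's own `AutoMapper`/`Data.*` group, so the block should be re-sorted rather than extended at the bottom. `Microsoft.Extensions.Configuration` is not referenced anywhere in the visible part of this change, which reads the signing secret from the injected `JWTOptions` rather than from `IConfiguration`; if the rest of the file does not use it either, it should be dropped along with the `// Get key from appsettings.json` comment that it seems to have been added for. The using block itself begins before this hunk, as the `using AutoMapper;` context in the hunk header shows.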
@@ -11,24 +18,71 @@ namespace API.Service
{
private readonly UserDbRepository _userDbRepository;
private readonly IMapper _userMapper;
+ private readonly JWTOptions _jwtOptions;
- public UserService(DevHiveContext context, IMapper mapper)
+ public UserService(DevHiveContext context, IMapper mapper, JWTOptions jwtOptions)
{
this._userDbRepository = new UserDbRepository(context);
this._userMapper = mapper;
+ this._jwtOptions = jwtOptions;
}
-
- public async Task<IActionResult> CreateUser(UserDTO userDTO)
+
+ public async Task<IActionResult> LoginUser(LoginDTO loginDTO)
{
- if (this._userDbRepository.DoesUsernameExist(userDTO.UserName))
+ User user = this._userDbRepository.FindByUsername(loginDTO.UserName);
+
+ if (user == null)
+ return new NotFoundObjectResult("User does not exist!");
+
+ // Get key from appsettings.json
+ var key = Encoding.ASCII.GetBytes(_jwtOptions.Secret);
+
+ if (user.PasswordHash != GeneratePasswordHash(loginDTO.Password))
+ return new BadRequestObjectResult("Incorrect password!");
+
+ // Create Jwt Token configuration
+ var tokenHandler = new JwtSecurityTokenHandler();
+ var tokenDescriptor = new SecurityTokenDescriptor
+ {
+ Subject = new ClaimsIdentity(new Claim[]
+ {
+ new Claim(ClaimTypes.Role, user.Role) // Authorize user by role
+ }),
+ Expires = DateTime.UtcNow.AddDays(7),
+ SigningCredentials = new SigningCredentials(new SymmetricSecurityKey(key), SecurityAlgorithms.HmacSha256Signature)
+ };
+
+ // Create Jwt Token
+ var token = tokenHandler.CreateToken(tokenDescriptor);
+ var tokenString = tokenHandler.WriteToken(token);
+
+ return new OkObjectResult(new
+ {
+ Token = tokenString
+ });
+ }
+
+ public async Task<IActionResult> RegisterUser(RegisterDTO registerDTO)
+ {
+
+ if (this._userDbRepository.DoesUsernameExist(registerDTO.UserName))
return new BadRequestObjectResult("Username already exists!");
- User user = this._userMapper.Map<User>(userDTO);
+ User user = this._userMapper.Map<User>(registerDTO);
+
+ user.Role = UserRoles.User;
+ user.PasswordHash = GeneratePasswordHash(registerDTO.Password);
+
await this._userDbRepository.AddAsync(user);
return new CreatedResult("CreateUser", user);
}
+ private string GeneratePasswordHash(string password)
+ {
+ return password; // TEMPORARY!
+ }
+
public async Task<IActionResult> GetUserById(int id)
{
User user = await this._userDbRepository.FindByIdAsync(id);