MAJ avec l'authentifiation

PyroFetes/Endpoints/Login/UserLoginEndpoint.cs

@@ -0,0 +1,48 @@
+using FastEndpoints;
+using FastEndpoints.Security;
+using Microsoft.EntityFrameworkCore;
+using PyroFetes.DTO.Login.Request;
+using PyroFetes.DTO.Login.Response;
+
+namespace PyroFetes.Endpoints.Login;
+
+public class UserLoginEndpoint(PyroFetesDbContext database) : Endpoint<ConnectLoginDto, GetLoginConnectDto>
+{
+    public override void Configure()
+    {
+        Post("/login");
+        AllowAnonymous();
+    }
+
+    public override async Task HandleAsync(ConnectLoginDto req, CancellationToken ct)
+    {
+        Models.User? login = await database.Users.SingleOrDefaultAsync(x => x.Name == req.Name, ct);
+
+        if (login == null)
+        {
+            await Send.UnauthorizedAsync(ct);
+            return;
+        }
+        
+        if (BCrypt.Net.BCrypt.Verify(req.Password + login.Salt, login.Password))
+        {
+            string jwtToken = JwtBearer.CreateToken(
+                o =>
+                {
+                    o.SigningKey = "ThisIsASuperSecretJwtKeyThatIsAtLeast32CharsLong";
+                    o.ExpireAt = DateTime.UtcNow.AddMinutes(15);
+                    if (login.Fonction != null) o.User.Roles.Add(login.Fonction);
+                    o.User.Claims.Add(("Username", login.Name)!);
+                    o.User["UserId"] = "001";
+                });
+
+            GetLoginConnectDto responseDto = new()
+            {
+                Token = jwtToken
+            };
+            
+            await Send.OkAsync(responseDto, ct);
+        }
+        else await Send.UnauthorizedAsync(ct);
+    }
+}