106 lines
3.4 KiB
C#
106 lines
3.4 KiB
C#
using System.IdentityModel.Tokens.Jwt;
|
|
using System.Security.Claims;
|
|
using System.Text;
|
|
using line_gestao_api.Data;
|
|
using line_gestao_api.Dtos;
|
|
using line_gestao_api.Models;
|
|
using Microsoft.AspNetCore.Identity;
|
|
using Microsoft.AspNetCore.Mvc;
|
|
using Microsoft.EntityFrameworkCore;
|
|
using Microsoft.IdentityModel.Tokens;
|
|
|
|
namespace line_gestao_api.Controllers;
|
|
|
|
[ApiController]
|
|
[Route("auth")]
|
|
public class AuthController : ControllerBase
|
|
{
|
|
private readonly AppDbContext _db;
|
|
private readonly IConfiguration _config;
|
|
|
|
public AuthController(AppDbContext db, IConfiguration config)
|
|
{
|
|
_db = db;
|
|
_config = config;
|
|
}
|
|
|
|
[HttpPost("register")]
|
|
public async Task<IActionResult> Register(RegisterRequest req)
|
|
{
|
|
// ✅ NOVO: valida confirmação de senha (não vai pro banco, só valida)
|
|
if (req.Password != req.ConfirmPassword)
|
|
return BadRequest("As senhas não conferem.");
|
|
|
|
var email = req.Email.Trim().ToLower();
|
|
|
|
var exists = await _db.Users.AnyAsync(u => u.Email.ToLower() == email);
|
|
if (exists) return BadRequest("E-mail já cadastrado.");
|
|
|
|
// ✅ NOVO: normaliza telefone (salva somente dígitos)
|
|
var phoneDigits = new string((req.Phone ?? string.Empty).Where(char.IsDigit).ToArray());
|
|
|
|
var user = new User
|
|
{
|
|
Name = req.Name.Trim(),
|
|
Email = email,
|
|
Phone = phoneDigits // ✅ NOVO
|
|
};
|
|
|
|
var hasher = new PasswordHasher<User>();
|
|
user.PasswordHash = hasher.HashPassword(user, req.Password);
|
|
|
|
_db.Users.Add(user);
|
|
await _db.SaveChangesAsync();
|
|
|
|
var token = GenerateJwt(user);
|
|
return Ok(new AuthResponse(token));
|
|
}
|
|
|
|
[HttpPost("login")]
|
|
public async Task<IActionResult> Login(LoginRequest req)
|
|
{
|
|
var email = req.Email.Trim().ToLower();
|
|
|
|
var user = await _db.Users.FirstOrDefaultAsync(u => u.Email.ToLower() == email);
|
|
if (user is null) return Unauthorized("Credenciais inválidas.");
|
|
|
|
var hasher = new PasswordHasher<User>();
|
|
var result = hasher.VerifyHashedPassword(user, user.PasswordHash, req.Password);
|
|
|
|
if (result == PasswordVerificationResult.Failed)
|
|
return Unauthorized("Credenciais inválidas.");
|
|
|
|
var token = GenerateJwt(user);
|
|
return Ok(new AuthResponse(token));
|
|
}
|
|
|
|
private string GenerateJwt(User user)
|
|
{
|
|
var key = _config["Jwt:Key"]!;
|
|
var issuer = _config["Jwt:Issuer"]!;
|
|
var audience = _config["Jwt:Audience"]!;
|
|
var expiresMinutes = int.Parse(_config["Jwt:ExpiresMinutes"]!);
|
|
|
|
var claims = new List<Claim>
|
|
{
|
|
new(JwtRegisteredClaimNames.Sub, user.Id.ToString()),
|
|
new(JwtRegisteredClaimNames.Email, user.Email),
|
|
new("name", user.Name),
|
|
new("phone", user.Phone ?? string.Empty) // ✅ NOVO (opcional, mas útil)
|
|
};
|
|
|
|
var signingKey = new SymmetricSecurityKey(Encoding.UTF8.GetBytes(key));
|
|
var creds = new SigningCredentials(signingKey, SecurityAlgorithms.HmacSha256);
|
|
|
|
var token = new JwtSecurityToken(
|
|
issuer: issuer,
|
|
audience: audience,
|
|
claims: claims,
|
|
expires: DateTime.UtcNow.AddMinutes(expiresMinutes),
|
|
signingCredentials: creds
|
|
);
|
|
|
|
return new JwtSecurityTokenHandler().WriteToken(token);
|
|
}
|
|
}
|