public async Task <IActionResult> Login(LoginRequest request)
{
if (!ModelState.IsValid)
{
foreach (var modelState in ViewData.ModelState.Values)
{
foreach (ModelError error in modelState.Errors)
{
ViewBag.Message = error.ErrorMessage;
break;
}
}
return(View());
}
var user = await _userManager.FindByNameAsync(request.UserName);
if (user != null)
{
var signInResult = await _signInManager.CheckPasswordSignInAsync(user, request.Password, false);
if (signInResult.Succeeded)
{
var claims = new List <Claim> {
new Claim(ClaimTypes.Name, user.UserName),
new Claim(ClaimTypes.NameIdentifier, user.Id)
};
var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(claimsIdentity));
//await _signInManager.SignInAsync(user, false);
if (user.UserName != HackMeDbContextSeed.poorGuyUserName)
{
var flag = new FlagTrack
{
Source = $"login:{user.UserName} and password = {request.Password}",
Flag = Guid.NewGuid().ToString(),
CreatedByUserName = user.UserName,
CreatedDate = DateTimeOffset.UtcNow
};
await _db.FlagTracks.AddAsync(flag);
await _db.SaveChangesAsync();
return(View("_LoginSuccessWithFlag", flag.Flag));
}
return(Redirect("/Profile"));
}
}
ViewBag.Message = "User name or password does not match";
return(View());
}
public async Task <IActionResult> AddToCard(AddToCardRequest request)
{
string flagId;
using (var tx = _db.Database.BeginTransaction())
{
var userId = GetUserId();
var userName = GetUserName();
var productRequest = await _db.Products.Where(p => p.Id == request.ProductId).Select(p => new AddToCardRequest
{
ProductId = p.Id,
ProductName = p.Name,
Price = p.Price
}).FirstOrDefaultAsync();
var userDebitAccount = await _db.DebitAccounts.FirstAsync(p => p.UserId == userId);
if (productRequest == null)
{
ViewBag.ErrorMessage = "Requested product doesn't exist.";
}
else
{
ViewBag.ErrorMessage = productRequest.Validate(GetMyAccountBalance());
}
if (!string.IsNullOrEmpty(ViewBag.ErrorMessage))
{
return(View(productRequest));
}
productRequest.Note = request.Note;
userDebitAccount.Balance = userDebitAccount.Balance - productRequest.Price;
await _db.Orders.AddAsync(new Order
{
ProductId = productRequest.ProductId,
Price = productRequest.Price,
UserId = userId,
CreatedDate = DateTimeOffset.UtcNow,
Note = productRequest.Note
});
var flag = new FlagTrack
{
Source = $"order:{productRequest.ProductName} with price = {productRequest.Price}",
Flag = Guid.NewGuid().ToString(),
CreatedByUserName = userName,
CreatedDate = DateTimeOffset.UtcNow
};
flagId = flag.Flag;
await _db.FlagTracks.AddAsync(flag);
await _db.SaveChangesAsync();
tx.Commit();
}
return(View("_OrderSuccessWithFlag", flagId));
}
