Beispiel #1
0
		public async Task<IActionResult> OnPostAsync(string returnUrl = null)
		{
			returnUrl = returnUrl ?? Url.Content("~/");

			if (!ModelState.IsValid)
			{
				return Page();
			}

			var passwordCheck = await _HIBPClient.GetHitsPlainAsync(Input.Password);
			if (passwordCheck > 0)
			{
				ModelState.AddModelError(nameof(Input.Password), "This password is known to hackers, and can lead to your account being compromised, please try another password. For more info goto https://haveibeenpwned.com/Passwords");
				return Page();
			}

			var user = new CoreWikiUser
			{
				UserName = Input.UserName,
				DisplayName = Input.DisplayName,
				Email = Input.Email,
				CanNotify = Input.CanNotify
			};

			var result = await _userManager.CreateAsync(user, Input.Password);
			if (result.Succeeded)
			{
				_logger.LogInformation("User created a new account with password.");

				var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
				await _notificationService.SendConfirmationEmail(Input.Email, user.Id, code);

				await _signInManager.SignInAsync(user, isPersistent: false);
				return LocalRedirect(returnUrl);
			}
			foreach (var error in result.Errors)
			{
				ModelState.AddModelError(string.Empty, error.Description);
			}

			// If we got this far, something failed, redisplay form
			return Page();
		}
        public async Task <IActionResult> OnPostAsync()
        {
            if (!ModelState.IsValid)
            {
                return(Page());
            }

            var user = await _userManager.GetUserAsync(User);

            if (user == null)
            {
                return(NotFound($"Unable to load user with ID '{_userManager.GetUserId(User)}'."));
            }

            var passwordCheck = await _HIBPClient.GetHitsPlainAsync(Input.NewPassword);

            if (passwordCheck > 0)
            {
                ModelState.AddModelError(nameof(Input.NewPassword), "This password is known to hackers, and can lead to your account being compromised, please try another password. For more info goto https://haveibeenpwned.com/passwords");
                return(Page());
            }

            var changePasswordResult = await _userManager.ChangePasswordAsync(user, Input.OldPassword, Input.NewPassword);

            if (!changePasswordResult.Succeeded)
            {
                foreach (var error in changePasswordResult.Errors)
                {
                    ModelState.AddModelError(string.Empty, error.Description);
                }
                return(Page());
            }

            await _signInManager.RefreshSignInAsync(user);

            _logger.LogInformation("User changed their password successfully.");
            StatusMessage = "Your password has been changed.";

            return(RedirectToPage());
        }
Beispiel #3
0
        public async Task <IActionResult> OnPostAsync()
        {
            if (!ModelState.IsValid)
            {
                return(Page());
            }

            var user = await _userManager.FindByEmailAsync(Input.Email);

            if (user == null)
            {
                // Don't reveal that the user does not exist
                return(RedirectToPage("./ResetPasswordConfirmation"));
            }

            var passwordCheck = await _HIBPClient.GetHitsPlainAsync(Input.Password);

            if (passwordCheck > 0)
            {
                ModelState.AddModelError(nameof(Input.Password), "This password is known to hackers, and can lead to your account being compromised, please try another password. For more info goto https://haveibeenpwned.com/Passwords");
                return(RedirectToPage("./ResetPasswordConfirmation"));
            }

            var result = await _userManager.ResetPasswordAsync(user, Input.Code, Input.Password);

            if (result.Succeeded)
            {
                return(RedirectToPage("./ResetPasswordConfirmation"));
            }

            foreach (var error in result.Errors)
            {
                ModelState.AddModelError(string.Empty, error.Description);
            }
            return(Page());
        }