Beispiel #1
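        /// <summary>
        /// Handles the login form: validates the posted model, verifies the password, issues the
        /// cookie-authentication ticket and, for every account except the one named by
        /// <c>HackMeDbContextSeed.poorGuyUserName</c>, stores a <c>FlagTrack</c> row and shows its flag.
        /// </summary>
        /// <param name="request">Posted credentials; <c>UserName</c> and <c>Password</c> are read.</param>
        /// <returns>
        /// The login view with <c>ViewBag.Message</c> set when validation or the credential check fails,
        /// the <c>_LoginSuccessWithFlag</c> view when a flag is issued, otherwise a redirect to <c>/Profile</c>.
        /// </returns>
        public async Task <IActionResult> Login(LoginRequest request)
        {
            if (!ModelState.IsValid)
            {
                // Show the first validation error only. The outer loop has to stop as well:
                // breaking out of an inner loop alone lets later entries overwrite the message.
                foreach (var entry in ViewData.ModelState.Values)
                {
                    if (entry.Errors.Count > 0)
                    {
                        ViewBag.Message = entry.Errors[0].ErrorMessage;
                        break;
                    }
                }

                return View();
            }

            var user = await _userManager.FindByNameAsync(request.UserName);

            // NOTE(review): the third argument is false. Assuming _signInManager is ASP.NET Core
            // Identity's SignInManager, that is lockoutOnFailure, so failed attempts never count
            // towards a lockout and nothing in this action slows down password guessing. Pass true
            // and configure lockout options unless this is intentional for the application.
            var passwordAccepted = user != null
                && (await _signInManager.CheckPasswordSignInAsync(user, request.Password, false)).Succeeded;

            if (!passwordAccepted)
            {
                // One message for "unknown user" and "wrong password", so the response text does not
                // reveal which user names exist.
                ViewBag.Message = "User name or password does not match";
                return View();
            }

            // The password check above only verifies the credentials; the cookie is issued here
            // with a hand-built identity carrying the user's name and id.
            var claims = new List <Claim>
            {
                new Claim(ClaimTypes.Name, user.UserName),
                new Claim(ClaimTypes.NameIdentifier, user.Id)
            };
            var identity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, new ClaimsPrincipal(identity));

            if (user.UserName == HackMeDbContextSeed.poorGuyUserName)
            {
                return Redirect("/Profile");
            }

            // NOTE(review): Source embeds the submitted password in clear text and the row is
            // persisted through _db.FlagTracks, so anyone able to read that table (or a backup or
            // export of it) obtains working credentials. If Source only needs to attribute the
            // flag, record the user name alone; confirm what consumers of Source expect before
            // changing the format.
            var flag = new FlagTrack
            {
                Source            = $"login:{user.UserName} and password = {request.Password}",
                Flag              = Guid.NewGuid().ToString(),
                CreatedByUserName = user.UserName,
                CreatedDate       = DateTimeOffset.UtcNow
            };

            await _db.FlagTracks.AddAsync(flag);
            await _db.SaveChangesAsync();

            return View("_LoginSuccessWithFlag", flag.Flag);
        }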
Beispiel #2
        /// <summary>
        /// Places an order for the requested product inside a database transaction: looks the
        /// product up by id, validates the purchase, debits the caller's account, stores the order
        /// and a <c>FlagTrack</c> row, then commits.
        /// </summary>
        /// <param name="request">Posted order data; only <c>ProductId</c> and <c>Note</c> are read from it.</param>
        /// <returns>
        /// The default view with <c>ViewBag.ErrorMessage</c> set when the product is missing or
        /// validation reports a problem (the transaction is then disposed without a commit),
        /// otherwise the <c>_OrderSuccessWithFlag</c> view with the new flag value.
        /// </returns>
        public async Task <IActionResult> AddToCard(AddToCardRequest request)
        {
            string issuedFlag;

            using (var transaction = _db.Database.BeginTransaction())
            {
                var currentUserId   = GetUserId();
                var currentUserName = GetUserName();

                // Name and price are re-read from the database by product id, so values for those
                // fields posted by the client are not used for the order.
                var order = await _db.Products
                            .Where(product => product.Id == request.ProductId)
                            .Select(product => new AddToCardRequest
                {
                    ProductId   = product.Id,
                    ProductName = product.Name,
                    Price       = product.Price
                })
                            .FirstOrDefaultAsync();

                // FirstAsync throws when the user has no debit account row.
                var debitAccount = await _db.DebitAccounts.FirstAsync(account => account.UserId == currentUserId);

                // NOTE(review): the purchase is validated against GetMyAccountBalance(), while the
                // debit below is applied to debitAccount.Balance, which is loaded separately. Whether
                // both reflect the same row, and whether two concurrent requests are serialized, is
                // not visible here; BeginTransaction() is called without an explicit isolation
                // level. Confirm that parallel orders cannot both pass the balance check.
                if (order != null)
                {
                    ViewBag.ErrorMessage = order.Validate(GetMyAccountBalance());
                }
                else
                {
                    ViewBag.ErrorMessage = "Requested product doesn't exist.";
                }

                if (!string.IsNullOrEmpty(ViewBag.ErrorMessage))
                {
                    return View(order);
                }

                // NOTE(review): Note is stored exactly as submitted; any view that renders it needs
                // to encode it. Verify against the views that display orders.
                order.Note = request.Note;

                debitAccount.Balance -= order.Price;

                var placedOrder = new Order
                {
                    ProductId   = order.ProductId,
                    Price       = order.Price,
                    UserId      = currentUserId,
                    CreatedDate = DateTimeOffset.UtcNow,
                    Note        = order.Note
                };
                await _db.Orders.AddAsync(placedOrder);

                var flag = new FlagTrack
                {
                    Source            = $"order:{order.ProductName} with price = {order.Price}",
                    Flag              = Guid.NewGuid().ToString(),
                    CreatedByUserName = currentUserName,
                    CreatedDate       = DateTimeOffset.UtcNow
                };
                issuedFlag = flag.Flag;

                await _db.FlagTracks.AddAsync(flag);

                // Balance change, order and flag row are written together and become visible on commit.
                await _db.SaveChangesAsync();
                transaction.Commit();
            }

            return View("_OrderSuccessWithFlag", issuedFlag);
        }