public async Task <IActionResult> OnPost(Business.Models.LoginModel model, string return_url = Constants.Routing.DASHBOARD) { SetPageInfo(); //this is auto handled by anti-forgery: return 400 bad request if (User.Identity.IsAuthenticated) { Message = "Already logged in"; MessageTitle = "Already logged in"; return(this.MessageView()); } var entity = await identityService.AuthenticateAsync(model.username, model.password); if (entity != null) { #region Custom Signin for extra claims store var principal = await identityService.GetApplicationPrincipalAsync(entity); var utcNow = DateTime.UtcNow; var cookieProps = new AuthenticationProperties() { IssuedUtc = utcNow, }; if (model.remember_me) { cookieProps.IsPersistent = true; cookieProps.ExpiresUtc = utcNow.AddHours(Settings.Instance.CookiePersistentHours); } await HttpContext.SignInAsync(principal.Identity.AuthenticationType, principal, cookieProps); #endregion _logger.CustomProperties(entity).Info("Login user"); #region Generate token var identity = await identityService.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme); principal = new ClaimsPrincipal(identity); var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(WebAdmin.Settings.Instance.TokenValidHours) }; props.Parameters["refresh_expires"] = utcNow.AddHours( WebAdmin.Settings.Instance.RefreshTokenValidHours); var resp = identityService.GenerateTokenResponse(principal, props); #endregion return(LocalRedirect($"{Constants.Routing.INDEX}?access_token=" + $"{resp.access_token}" + $"&refresh_token={resp.refresh_token}" + $"&expires_utc={resp.expires_utc}" + $"&issued_utc={resp.issued_utc}" + $"&token_type={resp.token_type}&" + $"&return_url={return_url}")); } Message = "Invalid username or password"; return(Page()); }
public async Task <IActionResult> OnPost(Business.Models.LoginModel model, string return_url = Routing.DASHBOARD) { SetPageInfo(); //this is auto handled by anti-forgery: return 400 bad request if (User.Identity.IsAuthenticated) { Message = "Can only logged in once at a time"; MessageTitle = "Already logged in"; return(this.MessageView()); } FirebaseToken validResult = await identityService.ValidateFirebaseToken(model.firebase_token); if (validResult == null) { Message = "Invalid firebase token"; return(Page()); } UserRecord userRecord = await FirebaseAuth.DefaultInstance.GetUserAsync(validResult.Uid); bool checkEmailDomain = identityService.ValidateEmailDomain(userRecord.Email); if (!checkEmailDomain) { Message = "Invalid email domain"; return(Page()); } AppUser entity = await identityService.GetUserByEmailAsync(userRecord.Email); if (entity == null) { Message = "Access denied"; return(Page()); } if (!entity.LoggedIn) { using (var transaction = context.Database.BeginTransaction()) { Member memberEntity; entity = identityService.UpdateUser(entity, userRecord); var result = await identityService.UpdateUserAsync(entity); if (!result.Succeeded) { foreach (var err in result.Errors) { ModelState.AddModelError(err.Code, err.Description); } var builder = ResultHelper.MakeInvalidAccountRegistrationResults(ModelState); return(BadRequest(builder)); } memberEntity = memberService.Members.Id(entity.Id).FirstOrDefault(); memberEntity = memberService.UpdateMember(memberEntity, entity); //log event var ev = systemService.GetEventForNewUser( $"{memberEntity.Email} has logged into system for the first time", memberEntity.UserId); systemService.CreateAppEvent(ev); //end log event context.SaveChanges(); transaction.Commit(); } } #region Custom Signin for extra claims store var principal = await identityService.GetApplicationPrincipalAsync(entity); var validationData = identityService.ValidateLoginAdmin(principal, entity); if (!validationData.IsValid) { Message = string.Join("<br/>", validationData.Results.Select(o => o.Message)); return(Page()); } var utcNow = DateTime.UtcNow; var cookieProps = new AuthenticationProperties() { IssuedUtc = utcNow, }; if (model.remember_me) { cookieProps.IsPersistent = true; cookieProps.ExpiresUtc = utcNow.AddHours(Settings.Instance.CookiePersistentHours); } await HttpContext.SignInAsync(principal.Identity.AuthenticationType, principal, cookieProps); #endregion _logger.CustomProperties(entity).Info("Login user"); #region Generate token var identity = await identityService.GetIdentityAsync(entity, JwtBearerDefaults.AuthenticationScheme); principal = new ClaimsPrincipal(identity); var props = new AuthenticationProperties() { IssuedUtc = utcNow, ExpiresUtc = utcNow.AddHours(WebAdmin.Settings.Instance.TokenValidHours) }; props.Parameters["refresh_expires"] = utcNow.AddHours( WebAdmin.Settings.Instance.RefreshTokenValidHours); var resp = identityService.GenerateTokenResponse(principal, props, AppOAuthScope.ROLES); _logger.CustomProperties(entity).Info("Login user"); #endregion return(LocalRedirect($"{Routing.INDEX}?access_token=" + $"{resp.access_token}" + $"&refresh_token={resp.refresh_token}" + $"&expires_utc={resp.expires_utc}" + $"&issued_utc={resp.issued_utc}" + $"&token_type={resp.token_type}&" + $"&return_url={return_url}")); }