public async Task<ActionResult> Login(LoginModel model)
{
if (!ModelState.IsValid)
{
return View();
}
var authProxy = new AuthenticationProxy(WebConfigurationManager.AppSettings["WebApiUrl"], "/api/oauth");
var token = await authProxy.Login(model.UserName, model.Password);
if (token == null)
{
ModelState.AddModelError("password", "Wachtwoord of gebruikersnaam is onjuist");
return View();
}
var tokenCookie = new HttpCookie("token", token.Value)
{
Expires = DateTime.Now.AddMinutes(token.ExpiresIn),
HttpOnly = false
};
var roleCookie = new HttpCookie("role", token.Role)
{
Expires = DateTime.Now.AddMinutes(token.ExpiresIn),
HttpOnly = true
};
Response.Cookies.Add(tokenCookie);
Response.Cookies.Add(roleCookie);
return RedirectToAction("Index", "Dashboard");
}
public async Task<ActionResult> EditPassword(PasswordViewModel viewModel)
{
if (!ModelState.IsValid)
{
return View();
}
var authProxy = new AuthenticationProxy(WebConfigurationManager.AppSettings["WebApiUrl"], "user");
await authProxy.UpdatePassword(viewModel.Id, viewModel.NewPassword, "bearer", Request.Cookies["token"].Value);
return RedirectToAction("Index");
}
private async Task EnsureReportAccess(Report report)
{
var loginProxy = new AuthenticationProxy(WebConfigurationManager.AppSettings["WebApiUrl"], "/api/oauth");
var token = await loginProxy.LoginAnonymous(report.AnonymousToken);
// TODO: add error handling
var authCookie = new HttpCookie("token", token.Value)
{
Expires = DateTime.Now.AddMinutes(token.ExpiresIn)
};
var cookie = new HttpCookie("report", report.Id.ToString());
Response.Cookies.Add(cookie);
Response.Cookies.Add(authCookie);
}