 /// <summary>
 /// Describes <paramref name="user"/> relative to the current principal: "yourself" when the
 /// principal's user ID matches, "nobody" when there is no user object, otherwise the user's real name.
 /// </summary>
 /// <param name="user">The user to describe; may be null.</param>
 /// <param name="self">
 /// The claims principal for the current request, normally taken from the session cookie.
 /// </param>
 /// <returns>"yourself", "nobody", or <c>user.Name</c>.</returns>
 public static string GetReferentialName(this BL.User user, ClaimsPrincipal self)
 {
     // Kept as an extension method so BL.User stays free of claims/web concerns.
     if (user == null)
     {
         return "nobody";
     }
     bool isCurrentUser = UserIdMatches(self, user.Id);
     return isCurrentUser ? "yourself" : user.Name;
 }
 /// <summary>
 /// Populates the ChangePassword view data for <paramref name="targetUser"/>. A missing target
 /// is reported through ModelState and TargetUserId falls back to the -1 sentinel, but the
 /// remaining view data is still filled in so the page can render.
 /// </summary>
 /// <param name="targetUser">The user whose password is being changed; may be null.</param>
 void SetViewDataForGet(BL.User targetUser)
 {
     bool targetMissing = targetUser == null;
     if (targetMissing)
     {
         ModelState.AddModelError("", "There is no user with that ID.");
     }
     TargetUserId = targetMissing ? -1 : targetUser.Id;

     ViewData["ChangePassword_TargetUser"] = targetUser;
     ViewData["ChangePassword_IsSelf"]     = User.UserIdMatches(TargetUserId);
     // GetReferentialName is an extension method that handles a null receiver itself.
     ViewData["ChangePassword_TargetDescription"] = targetUser.GetReferentialName(User);
 }
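        /// <summary>
        /// Handles the login form: looks the user up by username, checks the password and, on
        /// success, signs in a cookie principal carrying the user's ID, username, real name and roles.
        /// </summary>
        /// <returns>
        /// The page again (with model errors) when validation, lookup or the password check fails;
        /// a redirect to Index after a successful sign-in.
        /// </returns>
        public async Task <IActionResult> OnPostAsync()
        {
            if (!ModelState.IsValid)
            {
                // the Required parts on the model will automatically print for us
                return Page(); // no point in logging in then
            }

            BL.User user = null;
            try
            {
                user = BL.User.GetUser(loginData.Username);
            }
            catch (Exception e)
            {
                // Never echo exception text to the browser: e.Message can carry connection
                // strings, SQL fragments or file paths. Keep the detail server-side only.
                // TODO(review): route this through the app's injected logger once the page has one.
                Console.Error.WriteLine(e);
                ModelState.AddModelError("",
                                         "There was an exception from the system getting the user info; " +
                                         "report this to an administrator.");
                return Page();
            }

            // One message for both "unknown user" and "wrong password" so the login form
            // cannot be used to enumerate valid usernames. Note the short-circuit still skips
            // the password check for unknown users, so a timing difference remains; closing it
            // would need a dummy ValidatePassword against a fixed hash.
            if (user == null || !user.ValidatePassword(loginData.Password))
            {
                ModelState.AddModelError("", "The username or password is incorrect.");
                return Page();
            }

            var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);

            // NameIdentifier is what UserIdMatches compares against elsewhere in the app.
            identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString(), ClaimValueTypes.Integer));
            identity.AddClaim(new Claim(ClaimTypes.Name, user.Username));
            if (!string.IsNullOrWhiteSpace(user.Name))
            {
                identity.AddClaim(new Claim(ClaimTypes.GivenName, user.Name));
            }

            // Roles are snapshotted into the cookie at login; later role changes are not
            // reflected until the user signs in again.
            var roles = user.GetRoles();
            if (roles != null && roles.Any())
            {
                identity.AddClaims(roles.Select(x => new Claim(ClaimTypes.Role, x.Name)));
            }

            var principal = new ClaimsPrincipal(identity);
            await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, principal, new AuthenticationProperties { IsPersistent = loginData.RememberMe });

            return RedirectToPage("Index");
        }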
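        /// <summary>
        /// Handles the create-user form: validates the model, rejects a username that already
        /// exists and mismatched passwords, then creates the user and redirects to its roles page.
        /// </summary>
        /// <returns>The page again with model errors on any failure; otherwise a redirect to /ViewRoles for the new user.</returns>
        public IActionResult OnPost()
        {
            bool error = false;

            if (!ModelState.IsValid)
            {
                ModelState.AddModelError("", "One of the values is blank.");
                error = true;
            }
            // Existence check for a friendlier message; CreateUser must still enforce uniqueness
            // itself, since another request can create the same username between this lookup
            // and the insert below (TOCTOU).
            if (BL.User.GetUser(Username) != null)
            {
                ModelState.AddModelError("", "A user with that username exists already.");
                error = true;
            }
            if (NewPassword != NewPasswordRepeat)
            {
                ModelState.AddModelError("", "The new passwords don't match.");
                error = true;
            }
            // TODO(review): no password strength rules are applied here or (as far as this page shows) in CreateUser.
            if (error)
            {
                return Page();
            }

            BL.User newUser = null;
            try
            {
                newUser = BL.User.CreateUser(RealName, Username, NewPassword);
                if (newUser == null)
                {
                    ModelState.AddModelError("", "The user couldn't be created.");
                    error = true;
                }
            }
            catch (Exception e)
            {
                // Never echo exception text to the browser: e.Message can carry connection
                // strings, SQL fragments or file paths. Keep the detail server-side only.
                // TODO(review): route this through the app's injected logger once the page has one.
                Console.Error.WriteLine(e);
                ModelState.AddModelError("",
                                         "There was an exception from the system creating the user; " +
                                         "report this to an administrator.");
                error = true;
            }

            if (error)
            {
                return Page();
            }
            // newUser is non-null here, so its ID is safe to use
            return RedirectToPage("/ViewRoles", "WithId", new { id = newUser.Id });
        }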
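        /// <summary>
        /// Handles the change-profile form: re-checks that the caller may edit the target user,
        /// validates the input, and updates the real name and username.
        /// </summary>
        /// <returns>
        /// The page again with model errors when authorization, validation or the update fails;
        /// otherwise a redirect to /Index (own profile) or /ViewUsers (someone else's).
        /// </returns>
        public IActionResult OnPost()
        {
            // we still perform a bunch of verification in case someone tries to bamboozle us
            if (!AllowedToChangeProfile())
            {
                ModelState.AddModelError("", "You aren't allowed to change the profile of someone else.");
                SetViewDataForGet();
                return Page();
            }
            BL.User user = BL.User.GetUser(TargetUserId);
            if (user == null)
            {
                ModelState.AddModelError("", "The user isn't valid.");
                SetViewDataForGet();
                return Page();
            }
            if (!ModelState.IsValid)
            {
                ModelState.AddModelError("", "One of the values is blank.");
                SetViewDataForGet();
                return Page();
            }
            // Uniqueness check for a friendlier message; the store must still enforce it,
            // since another request can take the name between this lookup and ChangeProfile.
            if (user.Username != Username && BL.User.GetUser(Username) != null)
            {
                ModelState.AddModelError("", "A user with that username exists already.");
                SetViewDataForGet();
                return Page();
            }

            // Previously a failed ChangeProfile added a model error and then redirected anyway,
            // so the error was discarded and the user saw what looked like success.
            bool error = false;
            try
            {
                if (user.ChangeProfile(RealName, Username) != null)
                {
                    ModelState.AddModelError("", "The profile couldn't be changed.");
                    error = true;
                }
            }
            catch (Exception e)
            {
                // Never echo exception text to the browser: e.Message can carry connection
                // strings, SQL fragments or file paths. Keep the detail server-side only.
                // TODO(review): route this through the app's injected logger once the page has one.
                Console.Error.WriteLine(e);
                ModelState.AddModelError("",
                                         "There was an exception from the system changing the profile; " +
                                         "report this to an administrator.");
                error = true;
            }
            if (error)
            {
                SetViewDataForGet();
                return Page();
            }

            // NOTE(review): the session cookie still carries the old ClaimTypes.Name after a
            // username change (see the login page); re-signing-in would refresh it.
            // XXX: Sign out?
            return RedirectToPage(User.UserIdMatches(TargetUserId) ? "/Index" : "/ViewUsers");
        }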
 /// <summary>
 /// Fills the ViewRoles view data: the queried user object and a description of it relative
 /// to the current session principal ("yourself", "nobody" or the real name).
 /// </summary>
 /// <param name="user">The user whose roles are being viewed.</param>
 public void SetViewData(BL.User user)
 {
     // User (the page property) is the current principal; GetReferentialName is an
     // extension method invoked on the queried user object.
     string description = user.GetReferentialName(User);

     ViewData["ViewRoles_TargetUser"]        = user;
     ViewData["ViewRoles_TargetDescription"] = description;
 }
        // XXX: turn into a route with args?
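        /// <summary>
        /// Handles the change-password form: re-checks that the caller may change the target
        /// user's password, requires the current password when the caller is changing their own,
        /// validates the new password pair, and stores the new password.
        /// </summary>
        /// <returns>
        /// The page again with model errors when authorization, validation or the update fails;
        /// otherwise a redirect to /Index (own password) or /ViewUsers (someone else's).
        /// </returns>
        public IActionResult OnPost()
        {
            // we still perform a bunch of verification in case someone tries to bamboozle us
            if (!AllowedToChangePassword())
            {
                ModelState.AddModelError("", "You aren't allowed to change the password of someone else.");
                return Page();
            }
            bool error = false;

            BL.User user = BL.User.GetUser(TargetUserId);
            if (user == null)
            {
                ModelState.AddModelError("", "The user isn't valid.");
                return Page();
            }
            if (!ModelState.IsValid)
            {
                ModelState.AddModelError("", "One of the values is blank.");
                error = true;
            }
            // Only a self-change must prove the current password; the non-self path is
            // gated solely by AllowedToChangePassword above.
            bool isSelf = User.UserIdMatches(TargetUserId);
            if (isSelf && !user.ValidatePassword(OldPassword))
            {
                ModelState.AddModelError("", "The current password isn't valid.");
                error = true;
            }
            if (isSelf && OldPassword == NewPassword)
            {
                ModelState.AddModelError("", "The old and new password are the same.");
                error = true;
            }
            if (NewPassword != NewPasswordRepeat)
            {
                ModelState.AddModelError("", "The new passwords don't match.");
                error = true;
            }
            // TODO: This would be a good place to put password validation rules if we had any.
            // any errors that are pointless do any work with, stop here
            if (error)
            {
                return Page();
            }

            // Previously a failed ChangePassword added a model error and then redirected anyway,
            // so the error was discarded and the user saw what looked like success.
            try
            {
                if (user.ChangePassword(NewPassword) != null)
                {
                    ModelState.AddModelError("", "The password couldn't be changed.");
                    error = true;
                }
            }
            catch (Exception e)
            {
                // Never echo exception text to the browser: e.Message can carry connection
                // strings, SQL fragments or file paths. Keep the detail server-side only.
                // TODO(review): route this through the app's injected logger once the page has one.
                Console.Error.WriteLine(e);
                ModelState.AddModelError("",
                                         "There was an exception from the system changing the password; " +
                                         "report this to an administrator.");
                error = true;
            }
            if (error)
            {
                return Page();
            }

            // NOTE(review): existing cookie sessions for this user (including any held by an
            // attacker) stay valid after the change; invalidating them needs a per-user
            // security stamp checked on each request, which this page does not show.
            // XXX: Sign out?
            return RedirectToPage(isSelf ? "/Index" : "/ViewUsers");
        }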