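/// <summary>
/// Shows the account page for the signed-in user.
/// </summary>
/// <returns>
/// The account view for the current user, or a redirect to the Login action when the
/// request is not authenticated or the account can no longer be found.
/// </returns>
public async Task<IActionResult> Account()
{
    // User.Identity may be null; treat that the same as "not authenticated"
    // instead of failing with a NullReferenceException.
    if (User.Identity?.IsAuthenticated != true)
    {
        return RedirectToAction("Login");
    }

    APIHelper.InitializeClient();

    // NOTE(review): User.Identity.Name is whatever was stored in the name claim at sign-in;
    // confirm that AccountOperations.Get accepts that value as its lookup key.
    Account user = await AccountOperations.Get(User.Identity.Name);

    // The Login action null-checks this same lookup, so it can return null. A cookie that
    // outlives its account must not keep the session alive: drop it and ask for a new sign-in
    // rather than rendering the view with a null model.
    if (user == null)
    {
        await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
        return RedirectToAction("Login");
    }

    return View(user);
}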
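/// <summary>
/// Validates the submitted credentials and, on success, signs the user in with the cookie
/// authentication scheme.
/// </summary>
/// <param name="model">Submitted login form. Its Username and Password are untrusted input.</param>
/// <param name="returnUrl">
/// Not used by this action; a successful login always redirects to Home/Index. If it is ever
/// honoured, check it with <c>Url.IsLocalUrl</c> before redirecting.
/// </param>
/// <returns>
/// The login view with a generic error when validation or authentication fails, otherwise a
/// redirect to Home/Index.
/// </returns>
// NOTE(review): no attributes are visible on this action in this listing; confirm it is
// restricted to POST and covered by antiforgery validation.
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // Look the account up by the submitted username.
    APIHelper.InitializeClient();
    Account user = await AccountOperations.Get(model.Username);

    // Every failure takes the same path and shows the same message, so the response body
    // does not reveal whether the username exists.
    // NOTE(review): an unknown username still returns without running the password hash, so
    // response time can differ from a wrong-password attempt. No throttling or lockout is
    // visible in this action; confirm both are handled elsewhere.
    bool credentialsValid = false;

    // VerifyHashedPassword throws ArgumentNullException for a null hash or password. An account
    // without a stored hash must fail like any other bad login rather than surface as an error.
    if (user != null && !string.IsNullOrEmpty(user.Password) && model.Password != null)
    {
        var hasher = new PasswordHasher<Account>();
        PasswordVerificationResult verification =
            hasher.VerifyHashedPassword(user, user.Password, model.Password);

        // Anything other than Failed counts as success, SuccessRehashNeeded included.
        // NOTE(review): the stored hash is not upgraded when a rehash is signalled.
        credentialsValid = verification != PasswordVerificationResult.Failed;
    }

    if (!credentialsValid)
    {
        ModelState.AddModelError("", "Username or password is incorrect.");
        return View(model);
    }

    // Claims are a snapshot taken at sign-in: a later change to the points or to the admin
    // flag is not reflected in a cookie that has already been issued.
    // NOTE(review): the name claim holds user.Name while the lookup above uses the submitted
    // username; the Account action reads the name claim back as a lookup key. Confirm the two
    // values are interchangeable.
    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, user.Name),
        new Claim(ClaimTypes.UserData, user.Points.ToString())
    };

    if (user.IsAdmin)
    {
        claims.Add(new Claim(ClaimTypes.Role, "Admin"));
    }

    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

    // No persistence or expiry is set here, so the session lifetime follows the cookie
    // options configured elsewhere.
    var authProperties = new AuthenticationProperties();

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity),
        authProperties);

    return RedirectToAction("Index", "Home");
}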