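        /// <summary>
        /// Logs a user in with e-mail and password and issues an encoded JWT.
        /// </summary>
        /// <param name="credentials">Logon data; <c>UserName</c> carries the e-mail address.</param>
        /// <returns>
        /// 200 with a <see cref="TokenResponseViewModel"/> on success, otherwise 400 with an
        /// <see cref="AuthenticationErrorViewModel"/> describing the validation or logon failure.
        /// </returns>
        public async Task <ActionResult <TokenResponseViewModel> > Post([FromBody] LogonViewModel credentials)
        {
            // One message for every logon failure: a distinct "user not known" reply
            // would let a caller enumerate which e-mail addresses have accounts.
            const string loginFailure = "Invalid username or password.";

            if (!ModelState.IsValid)
            {
                return(BadRequest(AuthenticationErrorViewModel.Init(ModelState)));
            }
            // user name used at logon is "email"
            var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);

            if (identity == null)
            {
                return(BadRequest(AuthenticationErrorViewModel.Init(Errors.AddErrorToModelState("login_failure", loginFailure, ModelState))));
            }
            // The "id" claim is read once for both the sign-in check and the response.
            // Single() throws if GetClaimsIdentity did not attach exactly one — TODO confirm
            // the claims factory always adds it.
            var userId = identity.Claims.Single(c => c.Type == "id").Value;

            // NOTE(review): the password check below runs against a freshly built view
            // model, not the stored entity — presumably the user store resolves it by
            // Id/UserName; verify against the store implementation.
            var user = new UserViewModel {
                UserName = identity.Name,
                Id       = userId
            };
            // log user immediately in; lockoutOnFailure: true counts a failed attempt
            // toward the account lockout policy
            var result = await _signin.CheckPasswordSignInAsync(user, credentials.Password, lockoutOnFailure: true);

            if (!result.Succeeded)
            {
                // Also false for a locked-out or not-allowed account; those cases are
                // not distinguished in the response.
                return(BadRequest(AuthenticationErrorViewModel.Init(Errors.AddErrorToModelState("login_failure", loginFailure, ModelState))));
            }
            // Serialize and return the response
            var response = new TokenResponseViewModel {
                Id        = userId,
                AuthToken = await _jwtFactory.GenerateEncodedToken(credentials.UserName, identity),
                ExpiresIn = (int)_jwtOptions.ValidFor.TotalSeconds
            };

            return(response);
        }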
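        /// <summary>
        /// Completes e-mail confirmation for a user from the id and token carried in the confirmation link.
        /// </summary>
        /// <param name="userId">Id of the user whose e-mail address is being confirmed.</param>
        /// <param name="confirmation">Confirmation token issued for that user.</param>
        /// <returns>
        /// 200 "Email confirmed" on success; 400 for invalid input, an unknown user or a rejected token.
        /// </returns>
        public async Task <IActionResult> ConfirmEmail([FromQuery] string userId, [FromQuery] string confirmation)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            // Plain string query parameters bind as null when absent without
            // invalidating ModelState, so they are checked explicitly.
            if (string.IsNullOrEmpty(userId) || string.IsNullOrEmpty(confirmation))
            {
                return(NotAuthorized());
            }
            var user = await _userManager.FindByIdAsync(userId);

            // Identity's UserManager rejects a null user with ArgumentNullException,
            // which would surface as a 500. An unknown id gets the same reply as a bad
            // token so the endpoint does not reveal which user ids exist.
            if (user == null)
            {
                return(NotAuthorized());
            }
            var result = await _userManager.ConfirmEmailAsync(user, confirmation);

            if (result == null || !result.Succeeded)
            {
                return(NotAuthorized());
            }
            // TODO: Direct View ?
            return(Ok("Email confirmed"));

            // Shared 400 reply; records the error in ModelState each time it is built.
            IActionResult NotAuthorized() =>
                BadRequest(AuthenticationErrorViewModel.Init(Errors.AddErrorToModelState("Forbidden", "Not authorized", ModelState)));
        }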
        /// <summary>
        /// Changes the password of the currently authenticated user.
        /// </summary>
        /// <param name="model">Old and new password supplied by the caller.</param>
        /// <returns>
        /// 200 "Password changed" on success; 400 with the model state when the input is
        /// invalid, "Not authorized" when no user is resolved from the principal, or an
        /// <see cref="AuthenticationErrorViewModel"/> carrying the Identity errors.
        /// </returns>
        public async Task <IActionResult> ChangePassword([FromBody] ChangePasswordViewModel model)
        {
            if (ModelState.IsValid == false)
            {
                return(BadRequest(ModelState));
            }

            // Resolve the caller from the current claims principal.
            var currentUser = await _userManager.GetUserAsync(User);

            if (currentUser is null)
            {
                return(BadRequest("Not authorized"));
            }
            var changeResult = await _userManager.ChangePasswordAsync(currentUser, model.OldPassword, model.NewPassword);

            // A null result is treated the same as a failed one.
            if (changeResult?.Succeeded != true)
            {
                return(BadRequest(AuthenticationErrorViewModel.Init(Errors.AddErrorsToModelState(changeResult, ModelState))));
            }
            return(Ok("Password changed"));
        }
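        /// <summary>
        /// Registers a new account and stores the optional profile fields as claims.
        /// </summary>
        /// <param name="model">Registration data; mapped to a <see cref="UserViewModel"/> for the user store.</param>
        /// <returns>
        /// 200 "Account created" on success; 400 with the model state for invalid input or an
        /// <see cref="AuthenticationErrorViewModel"/> carrying the Identity errors when creation fails.
        /// </returns>
        public async Task <IActionResult> Post([FromBody] RegistrationViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return(BadRequest(ModelState));
            }
            var userIdentity = _mapper.Map <UserViewModel>(model);
            var result       = await _userManager.CreateAsync(userIdentity, model.Password);

            if (result == null || !result.Succeeded)
            {
                return(BadRequest(AuthenticationErrorViewModel.Init(Errors.AddErrorsToModelState(result, ModelState))));
            }
            // Save additional profile data. Re-read the stored entity; if the e-mail
            // lookup yields nothing, keep the instance CreateAsync worked on instead of
            // passing null into AddClaimAsync (which throws).
            userIdentity = await _userManager.FindByEmailAsync(model.Email) ?? userIdentity;

            await AddProfileClaimAsync(ClaimTypes.Surname, model.LastName);

            await AddProfileClaimAsync(ClaimTypes.GivenName, model.FirstName);

            await AddProfileClaimAsync(ClaimTypes.HomePhone, model.Phone);

            return(Ok("Account created"));

            // Claim(type, value) throws on a null value, so a profile field left empty
            // is skipped rather than failing the request after the account already exists.
            // NOTE(review): the IdentityResult of each claim write is not inspected, as
            // before; a failure leaves the account without that claim.
            async Task AddProfileClaimAsync(string type, string value)
            {
                if (!string.IsNullOrEmpty(value))
                {
                    await _userManager.AddClaimAsync(userIdentity, new Claim(type, value));
                }
            }
        }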