public async Task <IActionResult> ChangeUserPassword(ChangeUserPasswordViewModel model)
{
if (!_uiOptions.AllowAdminsToChangeUserPasswords)
{
return(RedirectToAction("Index"));
}
if (model.UserId == Guid.Empty)
{
return(RedirectToAction("Index"));
}
var selectedSite = await _siteManager.GetSiteForDataOperations(model.SiteId);
// only server admin site can edit other sites users
if (selectedSite.Id != _siteManager.CurrentSite.Id)
{
ViewData["Title"] = string.Format(CultureInfo.CurrentUICulture, _sr["{0} - Change User Password"], selectedSite.SiteName);
}
else
{
ViewData["Title"] = _sr["Change User Password"];
}
var user = await _userManager.Fetch(selectedSite.Id, model.UserId);
if (user == null)
{
return(RedirectToAction("Index"));
}
if (!ModelState.IsValid)
{
return(View(model));
}
user.MustChangePwd = model.MustChangePwd;
var result = await _userManager.ChangeUserPassword(user as SiteUser, model.NewPassword, true);
if (result.Succeeded)
{
this.AlertSuccess(_sr["The user password has been changed."]);
return(RedirectToAction("Index"));
}
else
{
this.AlertDanger(_sr["oops something went wrong please try again"]);
}
AddErrors(result);
return(View(model));
}
//public bool IsValidPassowrd(string password)
//{
// return passwordValidator.
//}
public virtual async Task <UserLoginResult> TryLogin(LoginViewModel model)
{
var template = new LoginResultTemplate();
IUserContext userContext = null;
if (_userManager.Site.UseEmailForLogin)
{
template.User = await _userManager.FindByNameAsync(model.Email);
}
else
{
template.User = await _userManager.FindByNameAsync(model.UserName);
}
if (template.User != null)
{
await _loginRulesProcessor.ProcessAccountLoginRules(template);
}
if (template.User != null)
{
userContext = new UserContext(template.User);
}
if (userContext != null &&
template.SignInResult == SignInResult.Failed &&
template.RejectReasons.Count == 0)
{
var persistent = false;
if (_userManager.Site.AllowPersistentLogin)
{
persistent = model.RememberMe;
}
if (_userManager.Site.UseEmailForLogin)
{
template.SignInResult = await _signInManager.PasswordSignInAsync(
model.Email,
model.Password,
persistent,
lockoutOnFailure : false);
}
else
{
template.SignInResult = await _signInManager.PasswordSignInAsync(
model.UserName,
model.Password,
persistent,
lockoutOnFailure : false);
}
if (template.SignInResult.Succeeded)
{
//update last login time
template.User.LastLoginUtc = DateTime.UtcNow;
if (string.IsNullOrEmpty(template.User.SecurityStamp))
{
// if security stamp is empty then the securitystamp validation
// fails when it checks after 30 minutes
// users created via usermanager this gets populated but not
// populated for the admin user created by seeding data
// changes to the user such as password change also will populate it
// but we can go ahead and check here and populate it if it is empty
await _userManager.UpdateSecurityStampAsync(template.User);
if (template.User.PasswordHash == "admin||0")
{
// initial admin user has not updated the password, need to hash it
await _userManager.ChangeUserPassword(template.User, "admin", false);
await _signInManager.SignOutAsync();
// security stamp needs to be there before authentication to avoid the problem
if (_userManager.Site.UseEmailForLogin)
{
template.SignInResult = await _signInManager.PasswordSignInAsync(
model.Email,
model.Password,
persistent,
lockoutOnFailure : false);
}
else
{
template.SignInResult = await _signInManager.PasswordSignInAsync(
model.UserName,
model.Password,
persistent,
lockoutOnFailure : false);
}
}
}
//if (template.User.PasswordHash == "admin||0")
//{
// // initial admin user has not updated the password, need to hash it
// await _userManager.ChangeUserPassword(template.User, "admin", false);
// if (string.IsNullOrEmpty(template.User.SecurityStamp))
// {
// // if security stamp is empty then the securitystamp validation
// // fails when it checks after 30 minutes
// // users created via usermanager this gets populated but not
// // populated for the admin user created by seeding data
// // changes to the user such as password change also will populate it
// // but we can go ahead and check here and populate it if it is empty
// await _userManager.UpdateSecurityStampAsync(template.User);
// await _signInManager.SignOutAsync();
// // security stamp needs to be there before authentication to avoid the problem
// if (_userManager.Site.UseEmailForLogin)
// {
// template.SignInResult = await _signInManager.PasswordSignInAsync(
// model.Email,
// model.Password,
// persistent,
// lockoutOnFailure: false);
// }
// else
// {
// template.SignInResult = await _signInManager.PasswordSignInAsync(
// model.UserName,
// model.Password,
// persistent,
// lockoutOnFailure: false);
// }
// }
//}
//else
//{
// // the above also updates
// await _userManager.UpdateAsync(template.User);
//}
}
}
return(new UserLoginResult(
template.SignInResult,
template.RejectReasons,
userContext,
template.IsNewUserRegistration,
template.MustAcceptTerms,
template.NeedsAccountApproval,
template.NeedsEmailConfirmation,
template.EmailConfirmationToken,
template.NeedsPhoneConfirmation
));
}
