public async Task <IActionResult> Login(Login loginData)
{
if (!ModelState.IsValid || string.IsNullOrEmpty(loginData.Email) || string.IsNullOrEmpty(loginData.Password))
{
return(BadRequest(new { text = "Invalid data" }));
}
var match = _context.Logins.SingleOrDefault(l => l.Email.Equals(loginData.Email));
if (match == null)
{
return(BadRequest(new { text = "Wrong email or password" }));
}
if (match.Password == "xxxIsGoogleGringoXxx")
{
return(BadRequest(new { text = "Please use Google to login" }));
}
if (!Security.CheckPassword(match.Password, loginData.Password))
{
return(BadRequest(new { text = "Wrong email or password" }));
}
var user = _context.Users.SingleOrDefault(u => u.Login.Email.Equals(match.Email));
//IsOnline will be set on socket connection
if (user != null)
{
if (!user.EmailVerified)
{
return(BadRequest(new { text = "Please verify your email!" }));
}
var notificationSetting = _context.NotificationSettings.Find(user.NotificationSettingsId);
var userData = new UserDTO
{
UserId = user.UserId,
UserName = user.UserName,
IsOnline = user.IsOnline,
ImageUrl = user.ImageUrl,
NotificationSettings = notificationSetting
};
var userToken = await TokenValidation.CreateJwtAsync(userData);
return(Ok(new { userToken }));
}
return(BadRequest(new { text = "Wrong email or password" }));
}
public async Task <IActionResult> HandleGoogleLogin(TokenDto tokenDto)
{
if (!ModelState.IsValid || string.IsNullOrEmpty(tokenDto.Token))
{
return(BadRequest(new { text = "Invalid data." }));
}
var token = tokenDto.Token;
Dictionary <string, string> validatedTokenClaims;
try
{
validatedTokenClaims = TokenValidation.ValidateToken(token);
}
catch (ArgumentException)
{
return(BadRequest(new { text = "Validation failed" }));
}
var email = validatedTokenClaims["http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"];
var name = validatedTokenClaims["name"];
var picture = validatedTokenClaims["imageUrl"];
//user exists -> login
if (_context.Users.Any(u => u.Login.Email.Equals(email)))
{
var user = _context.Users.Single(u => u.Login.Email.Equals(email));
//we dont put our users as verified in the DB
//This can still get broken if normal email is registered, but not verified yet
if (user.EmailVerified)
{
return(BadRequest(new { text = "Email already taken." }));
}
var notificationSetting = _context.NotificationSettings.Find(user.NotificationSettingsId);
var userData = new UserDTO
{
UserId = user.UserId,
UserName = user.UserName,
IsOnline = user.IsOnline,
ImageUrl = user.ImageUrl,
NotificationSettings = notificationSetting
};
var userToken = await TokenValidation.CreateJwtAsync(userData);
return(Ok(new { userToken }));
}
else
{
var loginData = new Login()
{
Email = email, Password = "******"
};
var notificationSetting = new NotificationSettings();
_context.NotificationSettings.Add(notificationSetting);
await _context.SaveChangesAsync();
var user = new User()
{
Login = loginData,
UserName = name,
ImageUrl = picture,
NotificationSettingsId = notificationSetting.NotificationSettingsId
};
_context.Users.Add(user);
await _context.SaveChangesAsync();
var userData = new UserDTO
{
UserId = user.UserId,
UserName = user.UserName,
IsOnline = user.IsOnline,
ImageUrl = user.ImageUrl,
NotificationSettings = notificationSetting
};
var userToken = await TokenValidation.CreateJwtAsync(userData);
return(Ok(new { userToken }));
}
}
