public async Task <IActionResult> CandidateLogin(string returnUrl)
{
var context = await _interaction.GetAuthorizationContextAsync(returnUrl);
var token = context.Parameters["token"];
var userId = context.Parameters["userid"];
var offerId = context.Parameters["offerid"];
var corporateId = context.Parameters["corporateid"];
var user = await _userManager.FindByIdAsync(userId);
var userIsCandidateInCorporate = await _userManager.IsInGroupyfyRoleAsync(user, "Candidate", Guid.Parse(corporateId));
if (!userIsCandidateInCorporate)
{
return(BadRequest());
}
var tokenIsValid = await _userManager.VerifyOfferTokenAsync(user, token, Guid.Parse(offerId));
if (!tokenIsValid)
{
return(BadRequest());
}
await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, await StoreRememberClient(user, "Candidate", Guid.Parse(corporateId), Guid.Parse(offerId)));
return(Redirect(returnUrl));
}
public async Task <ActionResult <string> > GenerateOfferLoginLink(OfferLoginLinkCommand command)
{
var user = await _userManager.FindByIdAsync(command.UserId.ToString());
if (await _userManager.IsInGroupyfyRoleAsync(user, "candidate", command.CorporateId))
{
var offerToken = await _userManager.GenerateOfferTokenAsync(user, command.OfferId);
var link = "http://localhost:4200/#/candidate/login?" + $"userid={command.UserId}&corporateid={command.CorporateId}&offerid={command.OfferId}&token={WebUtility.UrlEncode(offerToken)}";
return(link);
}
return(BadRequest());
}
public async Task GetProfileDataAsync(ProfileDataRequestContext context)
{
var user = await _userManager.FindByIdAsync(context.Subject.GetSubjectId());
var principal = await _claimsFactory.CreateAsync(user);
var claims = principal.Claims.ToList();
claims.RemoveAll(x => x.Type == JwtClaimTypes.Role);
if (!string.IsNullOrEmpty(context.ValidatedRequest?.Raw["role"]))
{
var corporateId = context.ValidatedRequest.Raw["corporateid"];
var role = context.ValidatedRequest.Raw["role"];
var userHasRole = await _userManager.IsInGroupyfyRoleAsync(user, context.ValidatedRequest.Raw["role"], corporateId != null?Guid.Parse(corporateId) : (Guid?)null);
if (userHasRole)
{
claims.Add(new Claim(JwtClaimTypes.Role, role));
if (!string.IsNullOrEmpty(corporateId))
{
claims.Add(new Claim("corporateId", corporateId));
}
}
}
else
{
var role = context.Subject.Claims.FirstOrDefault(x => x.Type == JwtClaimTypes.Role)?.Value;
var corporateId = context.Subject.Claims.FirstOrDefault(x => x.Type == "corporateId")?.Value;
if (!string.IsNullOrEmpty(role))
{
claims.Add(new Claim(JwtClaimTypes.Role, role));
}
if (!string.IsNullOrEmpty(corporateId))
{
claims.Add(new Claim("corporateId", corporateId));
}
}
if (!string.IsNullOrEmpty(context.ValidatedRequest?.Raw["offerid"]))
{
claims.Add(new Claim("offerId", context.ValidatedRequest.Raw["offerid"]));
}
context.IssuedClaims = claims;
}
public async Task <IActionResult> OnPostAsync(string returnUrl = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
if (!ModelState.IsValid)
{
return(Page());
}
if (Input.Role.ToLower() == "candidate")
{
var user = await _userManager.FindByNameAsync(Input.Email);
if (user != null)
{
var isUserInCandidateRoleForCorporate = await _userManager.IsInGroupyfyRoleAsync(user, "candidate", Input.CorporateId);
if (isUserInCandidateRoleForCorporate)
{
ModelState.AddModelError("candidate", "Candidate already exists for this corporate");
return(Page());
}
var assignRoleResult = await _userManager.AddToGroupyfyRoleAsync(user, Input.Role, Input.CorporateId);
if (!assignRoleResult.Succeeded)
{
return(LocalRedirect($"/home/error?errorId={assignRoleResult.Errors.ToArray()[0].Code}"));
}
await _signInManager.SignInAsync(user, isPersistent : false);
return(LocalRedirect(returnUrl));
}
else
{
user = new GroupyfyUser {
UserName = Input.Email, Email = Input.Email
};
var result = await _userManager.CreateAsync(user);
if (result.Succeeded)
{
var assignRoleResult = await _userManager.AddToGroupyfyRoleAsync(user, "candidate", Input.CorporateId);
if (!assignRoleResult.Succeeded)
{
return(LocalRedirect($"/home/error?errorId={assignRoleResult.Errors.ToArray()[0].Code}"));
}
_logger.LogInformation("Candidate created");
await _signInManager.SignInAsync(user, isPersistent : false);
return(LocalRedirect(returnUrl));
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
}
else
{
var user = new GroupyfyUser {
UserName = Input.Email, Email = Input.Email
};
var result = await _userManager.CreateAsync(user, Input.Password);
if (result.Succeeded)
{
var assignRoleResult = await _userManager.AddToGroupyfyRoleAsync(user, Input.Role, Input.CorporateId);
if (!assignRoleResult.Succeeded)
{
return(LocalRedirect($"/home/error?errorId={assignRoleResult.Errors.ToArray()[0].Code}"));
}
_logger.LogInformation("User created a new account with password.");
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.Page(
"/Account/ConfirmEmail",
pageHandler: null,
values: new { userId = user.Id, code = code },
protocol: Request.Scheme);
await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
$"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");
await _signInManager.SignInAsync(user, isPersistent : false);
return(LocalRedirect(returnUrl));
}
foreach (var error in result.Errors)
{
ModelState.AddModelError(string.Empty, error.Description);
}
}
// If we got this far, something failed, redisplay form
return(Page());
}