public async Task <IActionResult> Login(Guid identityId, [FromBody] PasswordLoginRequest req)
{
var auths = ctx.PasswordAuthentications.Where(x => x.IdentityId == identityId);
if (!await auths.AnyAsync())
{
return(NotFound(new PasswordInvalid()));
}
var enabledAuths = auths.Where(x => x.DisabledAt == null);
if (!await auths.AnyAsync())
{
return(NotFound(new ActivePasswordAuthenticationNotFound()));
}
foreach (var auth in enabledAuths.ToArray())
{
if (await PasswordMatches(req.Password, auth))
{
return(Ok(new AuthenticationResponse {
IdentityId = auth.IdentityId
}));
}
}
// TODO if password matches one of the disabled passwords, return error that says so
return(Unauthorized());
}
public async Task Register(string password)
{
var regData = new PasswordRegisterRequest
{
Password = password
};
var regResp = await _client.PostJsonAsync <AuthenticationResponse>(
$"/identity/{Seeder.IdentityNone.Id}/password/register",
regData
);
var loginData = new PasswordLoginRequest
{
Password = password
};
var loginResp = await _client.PostJsonAsync <AuthenticationResponse>(
$"/identity/{Seeder.IdentityNone.Id}/password/login",
loginData
);
}
