public async Task <bool> Handle(ValidateUserPasswordQuery query, CancellationToken cancellationToken) { var user = await _usersRepository.FindByEmailAsync(query.Email); if (user == null) { return(false); } return(_passwordService.VerifyHashedPassword(user.PasswordHash, query.Password)); }
public async Task <IActionResult> Login(LoginInputModel model, string button) { var context = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl); if (ModelState.IsValid) { var validateUserPasswordQuery = new ValidateUserPasswordQuery() { Email = model.Email, Password = model.Password }; if (await _mediator.Send(validateUserPasswordQuery)) { var query = new GetUserByEmailQuery() { Email = model.Email }; UserDto user = await _mediator.Send(query); await _events.RaiseAsync(new UserLoginSuccessEvent(username : user.UserName, subjectId : user.Id.ToString(), name : user.GivenName, clientId : context?.Client?.ClientId)); AuthenticationProperties props = null; if (model.RememberLogin) { props = new AuthenticationProperties { IsPersistent = true, ExpiresUtc = DateTimeOffset.UtcNow.Add(AccountOptions.RememberMeLoginDuration) }; } var isuser = new IdentityServerUser(user.Id.ToString()) { DisplayName = $"{user.GivenName} {user.FamilyName}".Trim(), }; await HttpContext.SignInAsync(isuser, props); if (context != null) { if (await _clientStore.IsPkceClientAsync(context?.Client?.ClientId)) { return(this.LoadingPage("Redirect", model.ReturnUrl)); } return(Redirect(model.ReturnUrl)); } if (Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } if (string.IsNullOrEmpty(model.ReturnUrl)) { return(Redirect("~/")); } throw new Exception("invalid return URL"); } await _events.RaiseAsync(new UserLoginFailureEvent(model.Email, "invalid credentials", clientId : context?.Client?.ClientId)); ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage); } var vm = await BuildLoginViewModelAsync(model); return(View(vm)); }