/// <summary>
/// Replaces the stored password hash for the administrator identified by <paramref name="id"/>.
/// </summary>
/// <param name="id">Identifier used to look up both the administrator and the login credentials.</param>
/// <param name="administratorLogin">Posted login model; its <c>Password</c> is validated, hashed and stored.</param>
/// <returns>
/// A not-found result when the administrator or the credentials cannot be loaded, a redirect to the
/// edit route with a confirmation message on success, otherwise the "Edit" view carrying the model errors.
/// </returns>
// NOTE(review): no HTTP-verb, authorization or anti-forgery attributes are visible in this listing.
// Confirm the action is POST-only, restricted to callers allowed to reset this administrator's
// password, and protected against cross-site request forgery.
public ActionResult ChangePassword(Guid id, AdministratorLoginModel administratorLogin)
{
    var admin = _administratorsQuery.GetAdministrator(id);
    if (admin == null)
    {
        return NotFound("administrator", "id", id);
    }

    var storedCredentials = _loginCredentialsQuery.GetCredentials(id);
    if (storedCredentials == null)
    {
        // Missing credentials are reported with the same message as a missing administrator.
        return NotFound("administrator", "id", id);
    }

    try
    {
        // Reject an invalid model before anything is written.
        administratorLogin.Validate();

        // NOTE(review): the algorithm behind HashToString is not visible here. Confirm it is a
        // salted, deliberately slow password hash and not a bare digest.
        storedCredentials.PasswordHash = LoginCredentials.HashToString(administratorLogin.Password);

        // The acting user's id is passed to the update together with the new credentials.
        _loginCredentialsCommand.UpdateCredentials(admin.Id, storedCredentials, User.Id().Value);

        return RedirectToRouteWithConfirmation(AdministratorsRoutes.Edit, new { id }, "The password has been reset.");
    }
    catch (UserException ex)
    {
        // Validation and update failures are surfaced as model errors on the re-rendered form.
        ModelState.AddModelError(ex, new StandardErrorHandler());
    }

    // Failure path: show the edit form again with the stored login id.
    // NOTE(review): administratorLogin still carries the submitted password when it is handed
    // to the view. Confirm the view never writes it back into the page.
    administratorLogin.LoginId = storedCredentials.LoginId;

    var editModel = new UserModel<Administrator, AdministratorLoginModel>
    {
        User = _administratorsQuery.GetAdministrator(id),
        UserLogin = administratorLogin,
    };

    return View("Edit", editModel);
}
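/// <summary>
/// Signs an administrator in with e-mail and password and, on success, issues an access token.
/// </summary>
/// <param name="model">Posted login model; <c>Email</c> and <c>Password</c> are read from it.</param>
/// <returns>
/// 200 with the new token on success; 400 for bad credentials or an account already marked
/// online; 401 when the account is locked out, not allowed to sign in, or still needs a second factor.
/// </returns>
// NOTE(review): the anti-forgery attribute below is commented out. If PasswordSignInAsync also
// issues an authentication cookie for this application, confirm that is acceptable for this endpoint.
//[ValidateAntiForgeryToken]
public async Task<IActionResult> Login(AdministratorLoginModel model)
{
    var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, lockoutOnFailure: true);

    // Fail closed: the original branch for TwoFactorRequired was empty, so an account that
    // still owed a second factor fell through and received a token. Until the 2FA step
    // exists (original intent: redirect to LoginWith2fa), refuse the sign-in here.
    if (result.RequiresTwoFactor)
    {
        return new UnauthorizedObjectResult("Two-factor authentication required.");
    }

    if (result.IsLockedOut)
    {
        return new UnauthorizedObjectResult("Account locked out.");
    }

    if (result.IsNotAllowed)
    {
        return new UnauthorizedObjectResult("Access denied.");
    }

    // Catch-all: no token is issued unless the sign-in manager reports success.
    if (!result.Succeeded)
    {
        return BadRequest("Email or password is incorrect.");
    }

    var account = await _accountService.GetAccountByEmailAsync<AdministratorAccount>(model.Email);
    if (account == null)
    {
        // A signed-in identity without an administrator account is treated as a failed login,
        // using the same message so the response does not reveal which lookup failed.
        return BadRequest("Email or password is incorrect.");
    }

    // NOTE(review): a stale IsOnline flag keeps the administrator out until something clears it.
    // Confirm that sign-out and token expiry reset the flag.
    if (account.IsOnline)
    {
        return BadRequest("Already logged in.");
    }

    // RemoteIpAddress can be null (for example under a test host), so do not dereference it blindly.
    // NOTE(review): behind a reverse proxy this is the proxy's address unless forwarded headers
    // are configured.
    var remoteAddress = HttpContext.Connection.RemoteIpAddress?.ToString();

    account.Ip = remoteAddress;
    account.IsOnline = true;
    account.LastLoginDate = DateTime.UtcNow;
    await _accountService.UpdateEntityAsync(account);

    var newToken = await _accessTokenService.GenerateTokenAsync(account);

    // NOTE(review): the outcome of SaveTokenAsync is never checked, so a token that failed to
    // persist is still returned to the caller. Check it once its return type is confirmed.
    var isSuccess = await _accessTokenService.SaveTokenAsync<AdministratorAccount>(newToken, account.Id);

    return Ok(new { Message = "Admin log in.", newToken });
}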