public async Task <IActionResult> LogToAccountAsync([FromBody] UserLoginDto APayLoad)
{
try
{
if (!ModelState.IsValid)
{
FAppLogger.LogError(ErrorCodes.INVALID_PAYLOAD);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.INVALID_PAYLOAD),
ErrorDesc = ErrorCodes.INVALID_PAYLOAD
}));
}
var(LSessionId, LIsSignedIn, LIsExisting) = await FLogicContext.Accounts.SignIn(APayLoad.EmailAddr, APayLoad.Password);
if (!LIsExisting)
{
FAppLogger.LogError(ErrorCodes.EMAIL_DOES_NOT_EXIST);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.EMAIL_DOES_NOT_EXIST),
ErrorDesc = ErrorCodes.EMAIL_DOES_NOT_EXIST
}));
}
if (LSessionId == Guid.Empty && LIsSignedIn)
{
FAppLogger.LogError(ErrorCodes.INVALID_CREDENTIALS);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.INVALID_CREDENTIALS),
ErrorDesc = ErrorCodes.INVALID_CREDENTIALS
}));
}
if (!LIsSignedIn)
{
FAppLogger.LogError(ErrorCodes.ACCOUNT_NOT_ACTIVATED);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.ACCOUNT_NOT_ACTIVATED),
ErrorDesc = ErrorCodes.ACCOUNT_NOT_ACTIVATED
}));
}
HttpContext.Session.SetString(Constants.Sessions.KeyNames.SESSION_ID, LSessionId.ToString());
HttpContext.Session.SetString(Constants.Sessions.KeyNames.EMAIL_ADDRESS, APayLoad.EmailAddr);
HttpContext.Session.SetString(Constants.Sessions.KeyNames.EXPIRES_AT, DateTime.Now
.AddMinutes(Constants.Sessions.IDLE_TIMEOUT)
.ToString(CultureInfo.InvariantCulture));
return(StatusCode(204));
}
catch (Exception LException)
{
FAppLogger.LogFatality(ControllerException.Handle(LException).ErrorDesc);
return(StatusCode(500, ControllerException.Handle(LException)));
}
}
public async Task <IActionResult> OnGet()
{
try
{
ViewData["XCSRF"] = FAntiforgery.GetAndStoreTokens(HttpContext).RequestToken;
var LLoggedUser = HttpContext.Session.GetString(Constants.Sessions.KeyNames.EMAIL_ADDRESS);
if (!string.IsNullOrEmpty(LLoggedUser))
{
return(RedirectToPage("./Index"));
}
CountryList = await FMainDbContext.Countries
.AsNoTracking()
.Select(ACountries => new CountryList
{
Id = ACountries.Id,
Name = ACountries.CountryName
})
.ToListAsync();
var LHtmlList = CountryList
.Aggregate("", (ACurrent, ACountry)
=> ACurrent + $"<option value = '{ACountry.Id}'>{ACountry.Name}</option>");
ViewData["CountryList"] = LHtmlList;
return(Page());
}
catch (Exception LException)
{
FAppLogger.LogFatality(ControllerException.Handle(LException).ErrorDesc);
throw;
}
}
public async Task <IActionResult> ReturnCountryAsync()
{
try
{
return(StatusCode(200, new ReturnCountryListDto
{
Countries = await FLogicContext.Repository.ReturnCountryList()
}));
}
catch (Exception LException)
{
FAppLogger.LogFatality(ControllerException.Handle(LException).ErrorDesc);
return(StatusCode(500, ControllerException.Handle(LException)));
}
}
public async Task <IActionResult> CreateAccountAsync([FromBody] UserCreateDto APayLoad)
{
try
{
if (!ModelState.IsValid)
{
FAppLogger.LogError(ErrorCodes.INVALID_PAYLOAD);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.INVALID_PAYLOAD),
ErrorDesc = ErrorCodes.INVALID_PAYLOAD
}));
}
if (await FLogicContext.Emails.IsEmailAddressExist(APayLoad.EmailAddress))
{
FAppLogger.LogWarn(ErrorCodes.EMAIL_ALREADY_EXISTS);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.EMAIL_ALREADY_EXISTS),
ErrorDesc = ErrorCodes.EMAIL_ALREADY_EXISTS
}));
}
var LUserId = await FLogicContext.Accounts.SignUp(APayLoad, 12);
if (LUserId == 0)
{
FAppLogger.LogWarn(ErrorCodes.UNEXPECTED_ERROR);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.UNEXPECTED_ERROR),
ErrorDesc = ErrorCodes.UNEXPECTED_ERROR
}));
}
FAppLogger.LogInfo($"New user '{APayLoad.EmailAddress}' has been successfully registered.");
return(StatusCode(204));
}
catch (Exception LException)
{
FAppLogger.LogFatality(ControllerException.Handle(LException).ErrorDesc);
return(StatusCode(500, ControllerException.Handle(LException)));
}
}
public IActionResult OnGet()
{
try
{
ViewData["XCSRF"] = FAntiforgery.GetAndStoreTokens(HttpContext).RequestToken;
var LLoggedUser = HttpContext.Session.GetString(Constants.Sessions.KeyNames.EMAIL_ADDRESS);
if (!string.IsNullOrEmpty(LLoggedUser))
{
return(RedirectToPage("./Index"));
}
return(Page());
}
catch (Exception LException)
{
FAppLogger.LogFatality(ControllerException.Handle(LException).ErrorDesc);
throw;
}
}
public IActionResult OnGet()
{
try
{
ViewData["XCSRF"] = FAntiforgery.GetAndStoreTokens(HttpContext).RequestToken;
var LSessionId = HttpContext.Session.GetString(Constants.Sessions.KeyNames.SESSION_ID);
var LExpiresAt = HttpContext.Session.GetString(Constants.Sessions.KeyNames.EXPIRES_AT);
if (string.IsNullOrEmpty(LSessionId))
{
return(Page());
}
var LCookieOptions = new CookieOptions
{
Path = "/",
Expires = DateTime.Parse(LExpiresAt),
IsEssential = false,
SameSite = SameSiteMode.Strict,
HttpOnly = true,
Secure = false //Set to true before deployment on HTTPS
};
/*
* We add short-lived HttpOnly cookie containing Session Id to the response header.
* This token would be later necessary to request data from API for logged user.
* Such API request must contain Anit-Forgery token along with Session Id in the request header.
* If session expires, then any requests to the API will fail and user will have to login again.
* Please note that Session Id is randomly generated key with short lifespan; and it is restricted
* to this domain only. Thus, if CORS is enabled, make sure it allows only certain domain,
* on which front-end runs.
*/
HttpContext.Response.Cookies.Append("SessionId", LSessionId, LCookieOptions);
return(Page());
}
catch (Exception LException)
{
FAppLogger.LogFatality(ControllerException.Handle(LException).ErrorDesc);
throw;
}
}
public async Task <IActionResult> CheckEmailAsync([FromRoute] string AEmailAddress)
{
try
{
if (!FLogicContext.Emails.IsEmailAddressCorrect(AEmailAddress))
{
FAppLogger.LogWarn(ErrorCodes.EMAIL_ADDRESS_MALFORMED);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.EMAIL_ADDRESS_MALFORMED),
ErrorDesc = ErrorCodes.EMAIL_ADDRESS_MALFORMED
}));
}
if (await FLogicContext.Emails.IsEmailAddressExist(AEmailAddress))
{
FAppLogger.LogWarn(ErrorCodes.EMAIL_ALREADY_EXISTS);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.EMAIL_ALREADY_EXISTS),
ErrorDesc = ErrorCodes.EMAIL_ALREADY_EXISTS
}));
}
if (await FLogicContext.Emails.IsEmailDomainExist(AEmailAddress))
{
return(StatusCode(204));
}
FAppLogger.LogWarn(ErrorCodes.EMAIL_DOMAIN_NOT_EXISTS);
return(StatusCode(400, new ErrorHandlerDto
{
ErrorCode = nameof(ErrorCodes.EMAIL_DOMAIN_NOT_EXISTS),
ErrorDesc = ErrorCodes.EMAIL_DOMAIN_NOT_EXISTS
}));
}
catch (Exception LException)
{
FAppLogger.LogFatality(ControllerException.Handle(LException).ErrorDesc);
return(StatusCode(500, ControllerException.Handle(LException)));
}
}