public async Task <IActionResult> Login([FromBody] EmailPasswordModel model) { if (!ModelState.IsValid) { return(BadRequest("Invalid user name or password")); } var user = await _userManager.FindByEmailAsync(model.Email); if (user == null) { return(Conflict("Bad user name password combination")); } if (!await _userManager.CheckPasswordAsync(user, model.Password)) { return(Conflict("Bad user name password combination")); } //TODO: implement user account lockout to avoid guess password with brute force var refreshToken = AesCryptor.EncryptStringAes(user.Id, RefreshtokenKey.Value, RefreshtokenKey.IV); var jwtToken = JwtTokenizer.GenerateJwtToken(user.Id, user.Email); //CreateAuthenticatedCookie(jwtToken); return(Ok(new { userId = user.Id, Token = jwtToken, refreshtoken = refreshToken })); }
public async Task <IActionResult> Register([FromBody] EmailPasswordModel model) { if (!model.Email.IsValidEmail()) { return(BadRequest()); } var user = new ApplicationUser { UserName = model.Email, Email = model.Email }; var result = await _userManager.CreateAsync(user, model.Password); if (!result.Succeeded) { var errorMessages = result.Errors.Select(e => e.Description).Aggregate((en, enn) => en + ", " + enn); return(Conflict(new { Status = "Error", Message = errorMessages })); } //await SendEmailConfirmationAsync(model, user); TODO send email confirmation var refreshToken = AesCryptor.EncryptStringAes(user.Id, RefreshtokenKey.Value, RefreshtokenKey.IV); var jwtToken = JwtTokenizer.GenerateJwtToken(user.Id, user.Email); //CreateAuthenticatedCookie(jwtToken); return(Ok(new { userId = user.Id, Token = jwtToken, refreshtoken = refreshToken })); }
public async Task <ActionResult> ResetPassword(EmailPasswordModel model) { if (ModelState.IsValid) { model.UserContext = WeedHackersContext.Users.Single(u => u.Email == model.Email); string base64GuidPassword = Convert.ToBase64String(Guid.NewGuid().ToByteArray());//New Password assigned, User can later go and change it model.UserContext.Password = base64GuidPassword; WeedHackersContext.Users.AddOrUpdate(model.UserContext); await WeedHackersContext.SaveChangesAsync(); var SendNewPassword = new EmailHelper(); await SendNewPassword.SendEmail(new EmailFormModel { Message = "Your New Default password is " + model.UserContext.Password + " please use this to login and then update your password to your prefered new password", Recipient = model.UserContext.Email }); FlashMessage.Confirmation("Forgot Password", "Your password has been reset. An email was sent to you containing your new password."); return(RedirectToAction("Index", "Security")); } return(RedirectToAction("Index", "ForgotPassword")); }
public async Task <IActionResult> Register(EmailPasswordModel model) { var user = await this.userManager.FindByEmailAsync(model.Email); if (user == null) { user = new KmUser() { Email = model.Email, UserName = model.Email }; user.Email = model.Email; var result = await this.userManager.CreateAsync(user, model.Password); if (!result.Succeeded) { return(BadRequest(result.Errors.First().Code)); } await this.accountConfirmationService.SendAccountConfirmationEmail(user); return(Ok()); } else { return(BadRequest("The email has been registered.")); } }
public async Task <ActionResult <string> > Login(EmailPasswordModel model) { var user = await this.userManager.FindByEmailAsync(model.Email); if (user == null) { return(BadRequest("There is no account for the email you entered.")); } var result = await this.signinManager.PasswordSignInAsync(user, model.Password, false, false); if (result == SignInResult.Failed) { return(BadRequest("Incorrect password.")); } else if (result == SignInResult.NotAllowed) { return(BadRequest("You can not log in until email is confirmed.")); } var token = await this.tokenService.GenerateAccessToken(user); return(Ok(token)); }
// GET: ForgotPassword public ActionResult Index(EmailPasswordModel model) { model = new EmailPasswordModel(); return(View(model)); }