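/// <summary>
/// Authenticates the supplied credentials and returns a signed JWT together with its lifetime.
/// </summary>
/// <param name="credentials">Logon request; <c>UserName</c> is the account e-mail.</param>
/// <returns>
/// 200 with a <see cref="TokenResponseViewModel"/> on success; 400 with an
/// <see cref="AuthenticationErrorViewModel"/> when validation or authentication fails.
/// </returns>
public async Task<ActionResult<TokenResponseViewModel>> Post([FromBody] LogonViewModel credentials)
{
    if (credentials == null || !ModelState.IsValid)
    {
        return BadRequest(AuthenticationErrorViewModel.Init(ModelState));
    }

    // The user name used at logon is the account e-mail.
    var identity = await GetClaimsIdentity(credentials.UserName, credentials.Password);
    if (identity == null)
    {
        // Deliberately the same message as the wrong-password branch below: answering
        // "User not known." here would let a caller tell existing accounts from unknown ones.
        return BadRequest(AuthenticationErrorViewModel.Init(
            Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
    }

    // Resolve the "id" claim once; it is needed for both the sign-in and the response.
    var userId = identity.Claims.Single(c => c.Type == "id").Value;
    var user = new UserViewModel { UserName = identity.Name, Id = userId };

    // Sign the user in straight away; lockoutOnFailure: true makes failed attempts count towards lockout.
    var result = await _signin.CheckPasswordSignInAsync(user, credentials.Password, lockoutOnFailure: true);
    if (!result.Succeeded)
    {
        return BadRequest(AuthenticationErrorViewModel.Init(
            Errors.AddErrorToModelState("login_failure", "Invalid username or password.", ModelState)));
    }

    // Serialize and return the response.
    var response = new TokenResponseViewModel
    {
        Id = userId,
        AuthToken = await _jwtFactory.GenerateEncodedToken(credentials.UserName, identity),
        ExpiresIn = (int)_jwtOptions.ValidFor.TotalSeconds
    };
    return response;
}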
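/// <summary>
/// Confirms a user's e-mail address using the token carried in the confirmation link.
/// </summary>
/// <param name="userId">Identifier of the user being confirmed.</param>
/// <param name="confirmation">E-mail confirmation token issued for that user.</param>
/// <returns>200 "Email confirmed" on success; 400 on invalid input, an unknown id or a rejected token.</returns>
public async Task<IActionResult> ConfirmEmail([FromQuery] string userId, [FromQuery] string confirmation)
{
    if (!ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    // FindByIdAsync returns null for an unknown id and ConfirmEmailAsync rejects a null user/token
    // with an exception, which previously surfaced as a 500. Fold every failure into the single
    // generic 400 below so the response does not reveal whether the id exists.
    var confirmed = false;
    if (!string.IsNullOrEmpty(userId) && !string.IsNullOrEmpty(confirmation))
    {
        var user = await _userManager.FindByIdAsync(userId);
        if (user != null)
        {
            var result = await _userManager.ConfirmEmailAsync(user, confirmation);
            confirmed = result != null && result.Succeeded;
        }
    }

    if (!confirmed)
    {
        return BadRequest(AuthenticationErrorViewModel.Init(
            Errors.AddErrorToModelState("Forbidden", "Not authorized", ModelState)));
    }

    // TODO: redirect to a confirmation view instead of returning a plain string?
    return Ok("Email confirmed");
}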
/// <summary>
/// Changes the password of the currently authenticated user.
/// </summary>
/// <param name="model">Old and new password supplied by the caller.</param>
/// <returns>200 "Password changed" on success; 400 with validation or Identity errors otherwise.</returns>
public async Task<IActionResult> ChangePassword([FromBody] ChangePasswordViewModel model)
{
    if (ModelState.IsValid == false)
    {
        return BadRequest(ModelState);
    }

    // Resolve the caller from the request principal.
    var currentUser = await _userManager.GetUserAsync(User);
    if (currentUser == null)
    {
        return BadRequest("Not authorized");
    }

    var changeResult = await _userManager.ChangePasswordAsync(currentUser, model.OldPassword, model.NewPassword);
    var succeeded = changeResult != null && changeResult.Succeeded;
    if (succeeded)
    {
        return Ok("Password changed");
    }

    return BadRequest(AuthenticationErrorViewModel.Init(Errors.AddErrorsToModelState(changeResult, ModelState)));
}
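/// <summary>
/// Registers a new account and stores the profile fields of the form as claims on the user.
/// </summary>
/// <param name="model">Registration form data.</param>
/// <returns>200 "Account created" on success; 400 with validation or Identity errors otherwise.</returns>
public async Task<IActionResult> Post([FromBody] RegistrationViewModel model)
{
    if (model == null || !ModelState.IsValid)
    {
        return BadRequest(ModelState);
    }

    var userIdentity = _mapper.Map<UserViewModel>(model);
    var result = await _userManager.CreateAsync(userIdentity, model.Password);
    if (result == null || !result.Succeeded)
    {
        return BadRequest(AuthenticationErrorViewModel.Init(Errors.AddErrorsToModelState(result, ModelState)));
    }

    // Save additional profile data. Re-read the stored user so the claims attach to the persisted
    // entity; fall back to the object CreateAsync just persisted if the lookup yields nothing
    // (NOTE(review): assumes the mapper copies model.Email onto UserViewModel — confirm against the profile).
    var storedUser = await _userManager.FindByEmailAsync(model.Email) ?? userIdentity;
    await AddClaimIfPresent(storedUser, ClaimTypes.Surname, model.LastName);
    await AddClaimIfPresent(storedUser, ClaimTypes.GivenName, model.FirstName);
    await AddClaimIfPresent(storedUser, ClaimTypes.HomePhone, model.Phone);
    return Ok("Account created");

    // The Claim constructor throws ArgumentNullException on a null value, so a blank optional
    // field (e.g. phone) would otherwise turn into a 500 after the account was already created.
    async Task AddClaimIfPresent(UserViewModel user, string type, string value)
    {
        if (!string.IsNullOrWhiteSpace(value))
        {
            await _userManager.AddClaimAsync(user, new Claim(type, value));
        }
    }
}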