/// <summary>
/// Completes a password reset: validates the posted form, resets the password with the
/// supplied reset code, journals the change and clears the account's failed-login state.
/// </summary>
/// <param name="model">Posted form carrying the e-mail, the reset code and the new password.</param>
/// <returns>
/// The form view when the model is invalid or the reset fails; otherwise a redirect to
/// ResetPasswordConfirmation. An unknown e-mail gets that same redirect.
/// </returns>
/// <remarks>
/// A successful reset also zeroes the failed-access counter and sets the lockout end date
/// to the current time, so a reset appears to end any active lockout on the account.
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible in this
/// excerpt; confirm they are present on the action.
/// </remarks>
public async Task<IActionResult> ResetPassword(ResetPasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var account = await _userManager.FindByEmailAsync(model.Email);
    if (account == null)
    {
        // Don't reveal that the user does not exist: answer exactly as a successful reset does.
        return RedirectToAction(nameof(ResetPasswordConfirmation));
    }

    var resetOutcome = await _userManager.ResetPasswordAsync(account, model.Code, model.Password);
    if (!resetOutcome.Succeeded)
    {
        AddErrors(resetOutcome);

        // The view is re-rendered without the model, so the posted values are not echoed back.
        return View();
    }

    // Audit trail entry for the password change.
    // NOTE(review): the replacement character in the literal below looks like an encoding
    // loss in the source file; confirm the file is saved as UTF-8.
    // NOTE(review): Time is local server time (DateTime.Now); confirm journal consumers expect that.
    _dbContext.JournalEntries.Add(new EntriesRecord
    {
        UserId = account.UserName,
        Event = "Utilisateur chang� son mot de passe",
        Time = DateTime.Now
    });
    await _dbContext.SaveChangesAsync();

    // Clear the brute-force bookkeeping now that the owner has proven control of the account.
    await _userManager.ResetAccessFailedCountAsync(account);
    await _userManager.SetLockoutEndDateAsync(account, DateTimeOffset.Now);

    return RedirectToAction(nameof(ResetPasswordConfirmation));
}
/// <summary>
/// Creates a new account from the registration form, journals the creation and sends the
/// caller on to the RegisterRole step.
/// </summary>
/// <param name="model">Posted registration form (first name, last name, e-mail, password).</param>
/// <param name="returnUrl">Stored in ViewData["ReturnUrl"]; not otherwise used by this action.</param>
/// <returns>
/// The form view when the model is invalid or account creation fails; otherwise a redirect
/// to RegisterRole carrying the e-mail as a route value.
/// </returns>
/// <remarks>
/// The e-mail doubles as the user name. No sign-in call is made in this action.
/// NOTE(review): the e-mail handed to RegisterRole travels through the client, so it is
/// client-controllable; confirm RegisterRole verifies the caller may act on that account.
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible in this
/// excerpt; confirm they are present on the action.
/// </remarks>
public async Task<IActionResult> Register(RegisterViewModel model, string returnUrl = null)
{
    ViewData["ReturnUrl"] = returnUrl;

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var newUser = new ApplicationUser
    {
        FirstName = model.FirstName,
        LastName = model.LastName,
        UserName = model.Email,
        Email = model.Email
    };

    var creation = await _userManager.CreateAsync(newUser, model.Password);
    if (!creation.Succeeded)
    {
        // Surface the identity errors (password policy, duplicate user, ...) on the form.
        AddErrors(creation);
        return View(model);
    }

    // Audit trail entry for the account creation.
    _dbContext.JournalEntries.Add(new EntriesRecord
    {
        UserId = newUser.UserName,
        Event = "Utilisateur a crée un compte",
        Time = DateTime.Now
    });
    await _dbContext.SaveChangesAsync();

    _logger.LogInformation("User created a new account with password.");

    return RedirectToAction(nameof(RegisterRole), new { email = model.Email });
}
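/// <summary>
/// Handles a password login: looks the account up by e-mail, applies the configured delay
/// when the account already has failed attempts, attempts the sign-in and journals the outcome.
/// </summary>
/// <param name="model">Posted credentials (e-mail, password, remember-me flag).</param>
/// <param name="returnUrl">
/// Stored in ViewData["ReturnUrl"] and forwarded to the two-factor step; a successful
/// password login always redirects to Home/Index, not to this URL.
/// </param>
/// <returns>
/// A redirect to Home/Index on success, to LoginWith2fa when a second factor is required,
/// to Lockout when the account is locked out; otherwise the login view with an
/// "Invalid login attempt." error.
/// </returns>
/// <remarks>
/// An unknown e-mail is answered with the same "Invalid login attempt." error as a wrong
/// password. The original dereferenced the null user and failed with an unhandled exception,
/// which both broke the page and let a caller tell known from unknown e-mails.
/// Lockout counting is done by hand: the sign-in is called with lockoutOnFailure set to
/// false and AccessFailedAsync is invoked on the failure path.
/// NOTE(review): the delay is applied only to accounts that already have failed attempts,
/// so response time still differs between accounts; confirm this is acceptable.
/// NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attributes are visible in this
/// excerpt; confirm they are present on the action.
/// </remarks>
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
{
    ViewData["ReturnUrl"] = returnUrl;

    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var user = await _userManager.FindByEmailAsync(model.Email);
    if (user == null)
    {
        // No account for this e-mail: answer exactly like a wrong password so the response
        // does not reveal whether the address is registered. The submitted address is left
        // out of the log line because it is unvalidated client input.
        _logger.LogWarning("Invalid login attempt for an unknown account.");
        ModelState.AddModelError(string.Empty, "Invalid login attempt.");
        return View(model);
    }

    // Writes one audit-trail row for the resolved account.
    // NOTE(review): Time is local server time (DateTime.Now); confirm journal consumers expect that.
    async Task JournalAsync(string eventText)
    {
        _dbContext.JournalEntries.Add(new EntriesRecord
        {
            UserId = user.UserName,
            Event = eventText,
            Time = DateTime.Now
        });
        await _dbContext.SaveChangesAsync();
    }

    // Delay between two login attempts to slow down brute force.
    if (user.AccessFailedCount > 0)
    {
        // One query instead of Any() followed by FirstOrDefault(); no row means no delay.
        var securityParams = _dbContext.SecurityParams.FirstOrDefault();
        var delayMs = securityParams == null ? 0 : securityParams.FailedLoginDelay * 1000;

        // Task.Delay treats -1 as "wait forever" and throws on other negative values,
        // so a misconfigured negative delay is clamped to zero.
        await Task.Delay(Math.Max(0, delayMs));
    }

    var result = await _signInManager.PasswordSignInAsync(
        model.Email,
        model.Password,
        model.RememberMe,
        lockoutOnFailure: false);

    // NOTE(review): the replacement characters in the journal literals below look like an
    // encoding loss in the source file; confirm the file is saved as UTF-8.
    if (result.Succeeded)
    {
        await JournalAsync("Utilisateur s'est authentifi�");
        _logger.LogInformation("User logged in.");

        // A good password clears the brute-force bookkeeping for the account.
        await _userManager.ResetAccessFailedCountAsync(user);
        await _userManager.SetLockoutEndDateAsync(user, DateTimeOffset.Now);

        return RedirectToAction(nameof(HomeController.Index), "Home");
    }

    if (result.RequiresTwoFactor)
    {
        return RedirectToAction(nameof(LoginWith2fa), new { returnUrl, model.RememberMe });
    }

    if (result.IsLockedOut)
    {
        await JournalAsync("Utilisateur a �t� v�rouill�");
        _logger.LogWarning("User account locked out.");
        return RedirectToAction(nameof(Lockout));
    }

    // Any other failure: record it, show the generic error and count the failed attempt.
    await JournalAsync("Utilisateur a �chou� une tentative de connexion");
    ModelState.AddModelError(string.Empty, "Invalid login attempt.");
    await _userManager.AccessFailedAsync(user);

    return View(model);
}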