コード例 #1
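        /// <summary>
        /// Registers a new car sale from the JSON request body.
        /// </summary>
        /// <param name="newCarSale">Car sale bound from the request body; null when binding produced nothing.</param>
        /// <returns>
        /// 400 when the body is missing, the e-mail is already registered, or the service reports failure;
        /// 412 when model validation fails; otherwise a Created result carrying the submitted model.
        /// </returns>
        public IActionResult AddCarSale([FromBody] CarSaleViewModel newCarSale)
        {
            // Reject a missing body before reading any property: the original logged
            // newCarSale.Name first, so an empty body raised a NullReferenceException
            // (an unhandled 500) instead of reaching this 400.
            if (newCarSale == null)
            {
                return BadRequest();
            }

            // Name is request-controlled and not yet validated at this point; it is written
            // verbatim to the console, so embedded line breaks can forge log lines.
            // NOTE(review): consider routing this through the structured logger instead.
            Console.WriteLine("CARSALE: " + newCarSale.Name);

            if (!ModelState.IsValid)
            {
                return StatusCode(412);
            }

            // NOTE(review): lookup-then-insert is not atomic; two concurrent requests with the
            // same e-mail can both pass this check unless the store enforces uniqueness — confirm.
            var existingCarSale = _carSaleService.GetCarSaleByEmail(newCarSale.Email);

            if (existingCarSale != null)
            {
                // NOTE(review): this message tells the caller whether an e-mail is registered —
                // confirm that is acceptable for this endpoint.
                return BadRequest("This carsale is already in the database");
            }

            var added = _carSaleService.AddCarSale(newCarSale);

            if (added == false)
            {
                return BadRequest("Unable to post"); // Add exception here!
            }

            // NOTE(review): the first argument of CreatedAtAction is an action name used to build
            // the Location header, and the whole submitted model is echoed back — confirm both.
            return CreatedAtAction("Registered", newCarSale); // TODO: Better way to do this? Return something else?
        }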
コード例 #2
ファイル: AccountController.cs プロジェクト: drifa123/bilkaup
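        /// <summary>
        /// Signs a user in with e-mail and password and returns a signed JWT together with the
        /// user's first role and the ID of the matching car sale (0 when there is none).
        /// </summary>
        /// <param name="model">Login form bound from the JSON request body; null when binding produced nothing.</param>
        /// <returns>
        /// A Created result carrying a <c>LoginDTO</c> on success; 401 when the account is locked out
        /// or the credentials are rejected; 400 when the body is missing or model validation fails.
        /// </returns>
        // NOTE(review): anti-forgery validation is disabled, while PasswordSignInAsync below also
        // issues the Identity sign-in cookie — confirm this is intended for a JSON endpoint.
        //[ValidateAntiForgeryToken]
        public async Task <IActionResult> Login([FromBody] LoginViewModel model)
        {
            Console.WriteLine("=================================================");
            Console.WriteLine("IN LOGIN");
            Console.WriteLine("=================================================");

            // A missing or unparseable body can leave model null; the original dereferenced
            // model.Email without this check and failed with a NullReferenceException.
            if (model == null)
            {
                return BadRequest();
            }

            if (ModelState.IsValid)
            {
                Console.WriteLine("Modelstate Valid");
                // This doesn't count login failures towards account lockout
                // To enable password failures to trigger account lockout, set lockoutOnFailure: true
                // NOTE(review): with lockoutOnFailure false, repeated password guesses against one
                // account are never throttled by Identity; enable it or rate-limit this endpoint.
                var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, lockoutOnFailure : false);

                if (result.Succeeded)
                {
                    var user = await _userManager.FindByEmailAsync(model.Email);

                    if (user == null)
                    {
                        throw new ApplicationException($"Unable to load user with ID '{_userManager.GetUserId(User)}'.");
                    }

                    _logger.LogInformation("User logged in.");

                    // Get the role of the user. Awaited rather than blocked on with .Result, and
                    // a user with no roles yields an empty role instead of an index-out-of-range
                    // failure after the sign-in has already succeeded.
                    var roles = await _userManager.GetRolesAsync(user);
                    var role  = roles.Count > 0 ? roles[0] : string.Empty;

                    var userInfo = _carSaleService.GetCarSaleByEmail(model.Email);

                    // Create a token for the logged in user
                    var now       = DateTime.UtcNow;
                    var principal = await _signInManager.CreateUserPrincipalAsync(user);

                    // Assign user to the response cookies to access it in server
                    // NOTE(review): this cookie is unsigned, has no HttpOnly/Secure options, and can
                    // be edited by the client. It must never be used for authorization decisions;
                    // take the role from the validated token or principal instead.
                    HttpContext.Response.Cookies.Append("User", role);

                    var jwt = new JwtSecurityToken(
                        issuer: _options.Issuer,
                        audience: _options.Audience,
                        claims: principal.Claims,
                        notBefore: now,
                        expires: now.Add(_options.Expiration),
                        signingCredentials: _options.SigningCredentials);
                    var encodedJwt = new JwtSecurityTokenHandler().WriteToken(jwt);

                    // not being used atm

                    /*var response = new
                     * {
                     *  access_token = encodedJwt,
                     *  expires_in = (int)_options.Expiration.TotalSeconds
                     * };*/

                    LoginDTO log = new LoginDTO()
                    {
                        role  = role,
                        token = encodedJwt
                    };

                    // ID 0 signals that no car sale is registered under this e-mail.
                    log.ID = userInfo == null ? 0 : userInfo.ID;

                    // NOTE(review): the first argument of CreatedAtAction is an action name used to
                    // build the Location header; "Logged in!" reads like a message — confirm.
                    return(CreatedAtAction("Logged in!", log));
                }

                /*
                 * if (result.RequiresTwoFactor)
                 * {
                 *  return RedirectToAction(nameof(LoginWith2fa), new { returnUrl, model.RememberMe });
                 * }*/

                if (result.IsLockedOut)
                {
                    _logger.LogWarning("User account locked out.");
                    return(Unauthorized());
                }
                else
                {
                    // Locked-out and wrong-credential attempts both answer with a bare 401, so
                    // the response does not reveal which of the two occurred.
                    ModelState.AddModelError(string.Empty, "Invalid login attempt.");
                    return(Unauthorized());
                }
            }

            Console.WriteLine("Modelstate invalid");
            // If we got this far, something failed, redisplay form
            return(BadRequest());
        }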