/// <summary>
/// Looks up a user by name and, for users not yet migrated together with their SQL-managed password,
/// checks the supplied password and pushes the account or password to the Azure Active Directory
/// identity store through <c>_graphService</c>.
/// </summary>
/// <param name="request">Form-bound request carrying <c>UserName</c> and <c>Password</c>.</param>
/// <returns>
/// <c>BadRequest()</c> when the request or either field is missing or blank; <c>NoContent()</c> when no
/// user has that name; otherwise <c>Ok(user)</c>.
/// </returns>
/// <remarks>
/// NOTE(review): <c>Ok(user)</c> is returned for every existing user, whether or not the password matched,
/// and it hands the whole user entity to the serializer. If that entity carries credential material
/// (its fields are not visible here), return only the fields the caller consumes. Confirm against the caller.
/// NOTE(review): no authentication, throttling or lockout handling is visible in this block, while the
/// result differs for known and unknown user names. Confirm these controls are applied outside this method.
/// NOTE(review): the outcomes of <c>CreateUserAsync</c>, <c>SetUserPasswordAsync</c> and <c>UpdateAsync</c>
/// are not inspected here. Confirm how a failure in one store is reconciled with the other.
/// </remarks>
public async Task<IActionResult> CheckPassword([FromForm] AccountCheckPasswordRequest request)
{
    var requestIsIncomplete = request == null
        || string.IsNullOrWhiteSpace(request.UserName)
        || string.IsNullOrWhiteSpace(request.Password);

    if (requestIsIncomplete)
    {
        return BadRequest();
    }

    var user = await _userManager.FindByNameAsync(request.UserName);

    // An unknown user name yields an empty result rather than an error.
    if (user == null)
    {
        return NoContent();
    }

    // Only users whose SQL-managed password has not yet reached the Azure Active Directory identity
    // store need any work; everyone else is returned as-is.
    var status = user.MigrationStatus;
    var notYetMigratedWithPassword = status == (int)MigrationStatus.New
        || status == (int)MigrationStatus.NotMigrated
        || status == (int)MigrationStatus.MigratedWithoutPassword;

    if (!notYetMigratedWithPassword)
    {
        return Ok(user);
    }

    var passwordMatches = await _userManager.CheckPasswordAsync(user, request.Password);

    if (status == (int)MigrationStatus.NotMigrated)
    {
        var claims = await _userManager.GetClaimsAsync(user);

        // First() throws when the display-name claim is absent; the player-tag claim is optional.
        var nameClaim = claims.First(claim => claim.Type == DisplayNameClaimType);
        var tagClaim = claims.FirstOrDefault(claim => claim.Type == PlayerTagClaimType);

        // The directory account is created either way: with the SQL-managed password when it was
        // verified, or with a generated password when it was not.
        var directoryPassword = passwordMatches
            ? request.Password
            : _passwordGenerator.GeneratePassword();

        await _graphService.CreateUserAsync(
            request.UserName,
            directoryPassword,
            nameClaim.Value,
            "Activated",
            tagClaim?.Value,
            TermsOfServiceConsentedClaimValue);

        if (passwordMatches)
        {
            user.MigrationStatus = (int)MigrationStatus.MigratedWithPassword;
        }
        else
        {
            user.MigrationStatus = (int)MigrationStatus.MigratedWithoutPassword;
        }

        await _userManager.UpdateAsync(user);
    }
    else if (passwordMatches)
    {
        // The status is New or MigratedWithoutPassword on this path (NotMigrated was handled above), so a
        // verified SQL-managed password is copied to the Azure Active Directory identity store.
        await _graphService.SetUserPasswordAsync(request.UserName, request.Password);
        user.MigrationStatus = (int)MigrationStatus.MigratedWithPassword;
        await _userManager.UpdateAsync(user);
    }

    return Ok(user);
}
/// <summary>
/// Sets a new password for the user identified by <c>viewModel.Id</c> in the local store, then mirrors it
/// to the directory through <c>_graphService</c>: the account is created there when the user is still
/// <c>NotMigrated</c>, otherwise only the password is updated.
/// </summary>
/// <param name="viewModel">View model carrying the user <c>Id</c> and the <c>NewPassword</c>.</param>
/// <returns>
/// An <c>EmptyResult</c> when model validation failed; otherwise a redirect to the <c>Index</c> action.
/// </returns>
/// <exception cref="ArgumentNullException"><paramref name="viewModel"/> is null.</exception>
/// <exception cref="InvalidOperationException">No user exists with the given id.</exception>
/// <remarks>
/// NOTE(review): the target user comes from the posted id and the current password is not verified, so this
/// reads as an administrative reset. No authorization or anti-forgery attribute is visible in this block.
/// Confirm both are applied outside this method.
/// NOTE(review): the local password is written before the directory call and the results of
/// <c>SetPasswordAsync</c> and <c>UpdateAsync</c> are not inspected here. Confirm how a failure part-way
/// through is detected, since the two stores could then hold different passwords.
/// </remarks>
public async Task<IActionResult> ChangePassword(ChangePasswordViewModel viewModel)
{
    if (viewModel == null)
    {
        throw new ArgumentNullException(nameof(viewModel));
    }

    // Validation failures produce an empty response; no error detail is returned to the caller.
    var modelIsValid = ModelState.IsValid;
    if (!modelIsValid)
    {
        return new EmptyResult();
    }

    var user = await _userManager.FindByIdAsync(viewModel.Id);

    if (user == null)
    {
        throw new InvalidOperationException();
    }

    var newPassword = viewModel.NewPassword;

    // Local store first, then the directory.
    await _userManager.SetPasswordAsync(user, newPassword);

    if (user.MigrationStatus != (int)MigrationStatus.NotMigrated)
    {
        // The directory account already exists, so only its password is replaced.
        await _graphService.SetUserPasswordAsync(user.UserName, newPassword);
    }
    else
    {
        var claims = await _userManager.GetClaimsAsync(user);

        // First() throws when the display-name claim is absent; the player-tag claim is optional.
        var nameClaim = claims.First(claim => claim.Type == DisplayNameClaimType);
        var tagClaim = claims.FirstOrDefault(claim => claim.Type == PlayerTagClaimType);

        // No directory account yet: create it with the new password, marked "NotActivated".
        await _graphService.CreateUserAsync(
            user.UserName,
            newPassword,
            nameClaim.Value,
            "NotActivated",
            tagClaim?.Value,
            TermsOfServiceConsentedClaimValue);
    }

    // Both paths end with the password present in the directory.
    user.MigrationStatus = (int)MigrationStatus.MigratedWithPassword;
    await _userManager.UpdateAsync(user);

    return RedirectToAction("Index");
}