public async Task <IActionResult> PasswordLoginAsync([FromServices] ILoginRateLimiter loginRateLimiter, string username, string password, string referer)
{
var passwordHasher = new PasswordHasher <User>();
// Already logged in?
var currentUser = await GetCurrentUserAsync();
if (currentUser != null)
{
return(await ShowRedirectAsync(referer));
}
// Find user
bool success = false;
var user = await _userService.FindUserByMoodleNameAsync(username, HttpContext.RequestAborted);
if (user != null)
{
// Check rate limit
if (loginRateLimiter.CheckRateLimitHit(user.Id))
{
AddStatusMessage(_localizer["PasswordLoginAsync:RateLimited"], StatusMessageTypes.Error);
ViewData["LoginFormUsername"] = username;
ViewData["Referer"] = referer;
return(await RenderAsync(ViewType.Login));
}
// Check password
var verificationResult = passwordHasher.VerifyHashedPassword(user, user.PasswordHash, password);
if (verificationResult == PasswordVerificationResult.Success)
{
success = true;
}
else if (verificationResult == PasswordVerificationResult.SuccessRehashNeeded)
{
// Update password hash
user.PasswordHash = passwordHasher.HashPassword(user, password);
await _userService.UpdateUserAsync(user, CancellationToken.None);
success = true;
}
}
// Return to login form, if the login attempt failed
if (!success)
{
AddStatusMessage(_localizer["PasswordLoginAsync:WrongPassword"], StatusMessageTypes.Error);
ViewData["LoginFormUsername"] = username;
ViewData["Referer"] = referer;
return(await RenderAsync(ViewType.Login));
}
// Sign in user
await DoLoginAsync(user);
// Reset rate limit
loginRateLimiter.ResetRateLimit(user.Id);
// Done
AddStatusMessage(_localizer["PasswordLoginAsync:Success"], StatusMessageTypes.Success);
return(await ShowRedirectAsync(referer));
}
public async Task <IActionResult> LoginMoodleAsync([FromServices] IOptions <MoodleLtiOptions> moodleLtiOptions, [FromServices] ILoginRateLimiter loginRateLimiter)
{
// Already logged in?
var currentUser = await GetCurrentUserAsync();
if (currentUser != null)
{
return(await ShowRedirectAsync(null));
}
// Parse and check request
MoodleAuthenticationMessageData authData;
try
{
authData = await MoodleAuthenticationTools.ParseAuthenticationRequestAsync
(
Request,
moodleLtiOptions.Value.OAuthConsumerKey,
moodleLtiOptions.Value.OAuthSharedSecret,
_serviceProvider.GetRequiredService <ILogger <MoodleAuthenticationTools> >()
);
}
catch (SecurityException)
{
AddStatusMessage(_localizer["LoginMoodleAsync:InvalidLogin"], StatusMessageTypes.Error);
return(await RenderAsync(ViewType.Login));
}
// Does the user exist already?
var user = await _userService.FindUserByMoodleUserIdAsync(authData.UserId, HttpContext.RequestAborted);
if (user == null)
{
bool firstUser = !await _userService.AnyUsers(HttpContext.RequestAborted);
var newUser = new User
{
DisplayName = authData.FullName,
MoodleUserId = authData.UserId,
MoodleName = authData.LoginName,
PasswordHash = "",
GroupFindingCode = RandomStringGenerator.GetRandomString(10),
IsTutor = firstUser,
Privileges = firstUser ? UserPrivileges.All : UserPrivileges.Default
};
user = await _userService.CreateUserAsync(newUser, HttpContext.RequestAborted);
AddStatusMessage(_localizer["LoginMoodleAsync:AccountCreationSuccess"], StatusMessageTypes.Success);
}
// Sign in user
await DoLoginAsync(user);
// Reset rate limit
loginRateLimiter.ResetRateLimit(user.Id);
// Done
AddStatusMessage(_localizer["LoginMoodleAsync:Success"], StatusMessageTypes.Success);
return(await ShowRedirectAsync(null));
}
