public async Task <IActionResult> ResetPassword(ResetPasswordViewModel model)
{
if (ModelState.IsValid)
{
// Find the user by email
var user = await Usermanager.FindByEmailAsync(model.Email);
if (user != null)
{
// reset the user password
var result = await Usermanager.ResetPasswordAsync(user, model.Token, model.Password);
if (result.Succeeded)
{
return(View("ResetPasswordConfirmation"));
}
// Display validation errors. For example, password reset token already
// used to change the password or password complexity rules not met
foreach (var error in result.Errors)
{
ModelState.AddModelError("", error.Description);
}
return(View(model));
}
// To avoid account enumeration and brute force attacks, don't
// reveal that the user does not exist
return(View("ResetPasswordConfirmation"));
}
// Display validation errors if model state is not valid
return(View(model));
}
public async Task <IActionResult> Login(LoginViewModel model)
{
if (ModelState.IsValid)
{
AppUser user = await Usermanager.FindByEmailAsync(model.Email);
//AppUser user = CurrentUser;
if (user != null)
{
if (await Usermanager.IsLockedOutAsync(user))
{
ModelState.AddModelError("", "hesap kilitli");
}
await SignInManager.SignOutAsync();
Microsoft.AspNetCore.Identity.SignInResult result = await SignInManager.PasswordSignInAsync(user, model.Password, false, false);
if (result.Succeeded)
{
await Usermanager.ResetAccessFailedCountAsync(user);
if (TempData["ReturnUrl"] != null)
{
return(Redirect(TempData["ReturnUrl"].ToString()));
}
return(RedirectToAction("Index", "Member"));
}
else
{
await Usermanager.AccessFailedAsync(user);
int fail = await Usermanager.GetAccessFailedCountAsync(user);
ModelState.AddModelError("", $"{fail} kez basarisiz giris");
if (fail == 3)
{
await Usermanager.SetLockoutEndDateAsync(user, new System.DateTimeOffset(DateTime.Now.AddMinutes(20)));
ModelState.AddModelError("", "ban for 20 minutes");
}
else
{
ModelState.AddModelError(nameof(model.Email), "gecersiz mail veya sifre");
}
}
}
else
{
//return RedirectToAction()
ModelState.AddModelError(nameof(model.Email), "gecersiz mail veya sifre");
}
}
return(View());
}
public async Task <IActionResult> IsEmailexist(string email)
{
var user = await Usermanager.FindByEmailAsync(email);
if (user == null)
{
return(Json(true));
}
else
{
return(Json($"Email {email} is already in Use"));
}
}
public async Task <IActionResult> ForgotPassword(string Email)
{
if (Email == null)
{
ModelState.AddModelError("", "Email Can't be null");
return(View());
}
if (ModelState.IsValid)
{
// Find the user by email
var user = await Usermanager.FindByEmailAsync(Email);
// If the user is found AND Email is confirmed
if (user != null && await Usermanager.IsEmailConfirmedAsync(user))
{
// Generate the reset password token
var token = await Usermanager.GeneratePasswordResetTokenAsync(user);
// Build the password reset link
var passwordResetLink = Url.Action("ResetPassword", "Account",
new { email = Email, token = token }, Request.Scheme);
string str = await ViewToStringRenderer.RenderViewToStringAsync(HttpContext.RequestServices, $"~/Views/Template/ResetPassword.cshtml", passwordResetLink);
//util.sendemail(user.Email, "Reset Account Password", str);
//await _emailSender.SendEmailAsync(user.Email, "Reset Account Password", $"<h2>Here is the Reset Password Confirmation Link</h2></br> <a href ={passwordResetLink}>{passwordResetLink}</a>");
await _emailSender.SendEmailAsync(user.Email, "Reset Account Password", str);
ViewBag.PageTitle = "Email Confirmation";
ViewBag.Title = "Password Reset Success";
ViewBag.Message = "Before you can Login, please Reset your " +
"Password, by clicking on the Reset Password link we have emailed you";
return(View("EmailConfirmation"));
}
// To avoid account enumeration and brute force attacks, don't
// reveal that the user does not exist or is not confirmed
ViewBag.PageTitle = "Email Confirmation";
ViewBag.Title = "Password Reset Success";
ViewBag.Message = "Before you can Login, please Reset your " +
"Password, by clicking on the Reset Password link we have emailed you";
return(View("EmailConfirmation"));
}
return(View());
}
public async Task <IActionResult> Login(LoginViewModel model, string returnUrl)
{
model.ExternalLogins =
(await Signinmanager.GetExternalAuthenticationSchemesAsync()).ToList();
if (ModelState.IsValid)
{
var user = await Usermanager.FindByEmailAsync(model.Email);
if (user != null && !user.EmailConfirmed &&
(await Usermanager.CheckPasswordAsync(user, model.Password)))
{
ModelState.AddModelError(string.Empty, "Email not confirmed yet");
return(View(model));
}
var result = await Signinmanager.PasswordSignInAsync(
user, model.Password, model.RememberMe, false);
if (result.Succeeded)
{
if (!String.IsNullOrEmpty(returnUrl) && Url.IsLocalUrl(returnUrl))
{
//LocalRedirect(returnUrl);
return(Redirect(returnUrl));
}
else
{
if (User.IsInRole("Admin") || User.IsInRole("Super Admin") || User.IsInRole("Employee"))
{
return(RedirectToAction("Admin", "Home"));
}
else
{
return(RedirectToAction("index", "Home"));
}
}
}
ModelState.AddModelError(string.Empty, "Invalid Login Attempt");
}
return(View(model));
}
public async Task <IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
{
returnUrl = returnUrl ?? Url.Content("~/");
LoginViewModel loginViewModel = new LoginViewModel
{
ReturnUrl = returnUrl,
ExternalLogins =
(await Signinmanager.GetExternalAuthenticationSchemesAsync()).ToList()
};
if (remoteError != null)
{
ModelState
.AddModelError(string.Empty, $"Error from external provider: {remoteError}");
return(View("Login", loginViewModel));
}
// Get the login information about the user from the external login provider
var info = await Signinmanager.GetExternalLoginInfoAsync();
if (info == null)
{
ModelState
.AddModelError(string.Empty, "Error loading external login information.");
return(View("Login", loginViewModel));
}
// If the user already has a login (i.e if there is a record in AspNetUserLogins
// table) then sign-in the user with this external login provider
var signInResult = await Signinmanager.ExternalLoginSignInAsync(info.LoginProvider,
info.ProviderKey, isPersistent : false, bypassTwoFactor : true);
if (signInResult.Succeeded)
{
return(LocalRedirect(returnUrl));
}
// If there is no record in AspNetUserLogins table, the user may not have
// a local account
else
{
// Get the email claim value
var email = info.Principal.FindFirstValue(ClaimTypes.Email);
if (email != null)
{
// Create a new user without password if we do not have a user already
var user = await Usermanager.FindByEmailAsync(email);
if (user == null)
{
user = new ApplicationUser
{
UserName = info.Principal.FindFirstValue(ClaimTypes.Email),
Email = info.Principal.FindFirstValue(ClaimTypes.Email)
};
await Usermanager.CreateAsync(user);
await Usermanager.AddToRoleAsync(user, "User");
}
// Add a login (i.e insert a row for the user in AspNetUserLogins table)
await Usermanager.AddLoginAsync(user, info);
await Signinmanager.SignInAsync(user, isPersistent : false);
return(LocalRedirect(returnUrl));
}
// If we cannot find the user email we cannot continue
ViewBag.ErrorTitle = $"Email claim not received from: {info.LoginProvider}";
ViewBag.ErrorMessage = "Please contact support on " + Configuration["Email"];
return(View("Error"));
}
}
