/// <summary>
/// Handles the registration form post: screens the chosen password against the
/// breached-password client, creates the account, sends the confirmation e-mail
/// and signs the new user in.
/// </summary>
/// <param name="returnUrl">
/// Where to send the user after a successful registration; falls back to the
/// application root ("~/") when null.
/// </param>
/// <returns>
/// A local redirect to <paramref name="returnUrl"/> on success, otherwise the
/// registration page redisplayed with the validation errors.
/// </returns>
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    if (returnUrl == null)
    {
        returnUrl = Url.Content("~/");
    }

    if (!ModelState.IsValid)
    {
        return Page();
    }

    // A positive hit count is treated as "this password appears in a known breach".
    // NOTE(review): the plaintext password is handed to the client; presumably it
    // queries the Pwned Passwords service - confirm it only sends a hash prefix
    // (k-anonymity) and decide what should happen when the lookup itself fails.
    var breachHits = await _HIBPClient.GetHitsPlainAsync(Input.Password);
    if (breachHits > 0)
    {
        ModelState.AddModelError(nameof(Input.Password), "This password is known to hackers, and can lead to your account being compromised, please try another password. For more info goto https://haveibeenpwned.com/Passwords");
        return Page();
    }

    var newUser = new CoreWikiUser
    {
        UserName = Input.UserName,
        DisplayName = Input.DisplayName,
        Email = Input.Email,
        CanNotify = Input.CanNotify
    };

    var creation = await _userManager.CreateAsync(newUser, Input.Password);
    if (!creation.Succeeded)
    {
        // Surface every Identity error (duplicate name, password policy, ...) on the form.
        foreach (var problem in creation.Errors)
        {
            ModelState.AddModelError(string.Empty, problem.Description);
        }

        // If we got this far, something failed, redisplay form
        return Page();
    }

    _logger.LogInformation("User created a new account with password.");

    var confirmationToken = await _userManager.GenerateEmailConfirmationTokenAsync(newUser);
    await _notificationService.SendConfirmationEmail(Input.Email, newUser.Id, confirmationToken);

    // NOTE(review): the user is signed in before the e-mail address has been
    // confirmed - verify that this is the intended policy.
    await _signInManager.SignInAsync(newUser, isPersistent: false);

    // LocalRedirect only accepts URLs local to the application, so returnUrl
    // cannot be used to bounce the user to an external site.
    return LocalRedirect(returnUrl);
}
/// <summary>
/// Handles the change-password form post for the signed-in user: screens the
/// new password against the breached-password client, changes the password and
/// refreshes the sign-in.
/// </summary>
/// <returns>
/// A redirect back to this page with a status message on success, the page
/// redisplayed with errors on failure, or NotFound when the current user cannot
/// be loaded.
/// </returns>
public async Task<IActionResult> OnPostAsync()
{
    if (!ModelState.IsValid)
    {
        return Page();
    }

    var currentUser = await _userManager.GetUserAsync(User);
    if (currentUser == null)
    {
        return NotFound($"Unable to load user with ID '{_userManager.GetUserId(User)}'.");
    }

    // A positive hit count is treated as "this password appears in a known breach".
    // NOTE(review): this runs before the old password is verified, and the
    // plaintext is handed to the client - confirm the client only sends a hash
    // prefix (k-anonymity) to the remote service.
    var breachHits = await _HIBPClient.GetHitsPlainAsync(Input.NewPassword);
    if (breachHits > 0)
    {
        ModelState.AddModelError(nameof(Input.NewPassword), "This password is known to hackers, and can lead to your account being compromised, please try another password. For more info goto https://haveibeenpwned.com/passwords");
        return Page();
    }

    var outcome = await _userManager.ChangePasswordAsync(currentUser, Input.OldPassword, Input.NewPassword);
    if (outcome.Succeeded)
    {
        // Re-issue the sign-in so the current session stays valid after the change.
        await _signInManager.RefreshSignInAsync(currentUser);
        _logger.LogInformation("User changed their password successfully.");
        StatusMessage = "Your password has been changed.";

        return RedirectToPage();
    }

    // Wrong old password or a policy violation: show Identity's messages on the form.
    foreach (var problem in outcome.Errors)
    {
        ModelState.AddModelError(string.Empty, problem.Description);
    }

    return Page();
}
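/// <summary>
/// Handles the reset-password form post: screens the new password against the
/// breached-password client, then resets the password with the supplied reset
/// code.
/// </summary>
/// <returns>
/// A redirect to the reset confirmation page when the reset succeeded or the
/// e-mail is unknown; otherwise the form redisplayed with the validation errors.
/// </returns>
public async Task<IActionResult> OnPostAsync()
{
    if (!ModelState.IsValid)
    {
        return Page();
    }

    // Screen the password before the account lookup so that the answer to a
    // rejected password is the same whether or not the e-mail is registered.
    // NOTE(review): the plaintext is handed to the client - confirm it only
    // sends a hash prefix (k-anonymity) to the remote service.
    var breachHits = await _HIBPClient.GetHitsPlainAsync(Input.Password);
    if (breachHits > 0)
    {
        ModelState.AddModelError(nameof(Input.Password), "This password is known to hackers, and can lead to your account being compromised, please try another password. For more info goto https://haveibeenpwned.com/Passwords");

        // Redisplay the form. Redirecting to the confirmation page here dropped
        // the model error and told the user the reset had succeeded although
        // the password was never changed.
        return Page();
    }

    var user = await _userManager.FindByEmailAsync(Input.Email);
    if (user == null)
    {
        // Don't reveal that the user does not exist
        return RedirectToPage("./ResetPasswordConfirmation");
    }

    var result = await _userManager.ResetPasswordAsync(user, Input.Code, Input.Password);
    if (result.Succeeded)
    {
        return RedirectToPage("./ResetPasswordConfirmation");
    }

    // NOTE(review): this branch is only reachable for an existing account, so
    // its response differs from the unknown-e-mail redirect above - confirm
    // that difference is acceptable.
    foreach (var error in result.Errors)
    {
        ModelState.AddModelError(string.Empty, error.Description);
    }

    return Page();
}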