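/// <summary>
/// Handles the admin login form post: looks up the admin by e-mail, verifies the
/// password and, on success, stores the admin id and the client IP in the session.
/// </summary>
/// <param name="input">Posted form; the "email" and "password" fields are read.</param>
/// <returns>
/// A redirect to Admin/Settings on success; otherwise the login view with a generic error message.
/// </returns>
public IActionResult Login(IFormCollection input)
        {
            // One message for every failure, so the response text does not reveal
            // whether the e-mail belongs to an existing account.
            string errorFeedback = "Invalid login!";

            try
            {
                string email    = input["email"];
                string password = input["password"];

                // Reject missing credentials up front instead of querying with a null
                // e-mail or letting the hasher throw on a null password.
                if (!string.IsNullOrEmpty(email) && !string.IsNullOrEmpty(password))
                {
                    // FirstOrDefault: an unknown e-mail is an expected outcome, not an exception.
                    // NOTE(review): no hash is verified for an unknown e-mail, so that path
                    // returns faster than a wrong password does - consider equalising if that matters here.
                    VsAdmin existingUser = _db.VsAdmins.FirstOrDefault(a => a.Email.Equals(email));

                    if (existingUser != null && ValidLogin(existingUser, password))
                    {
                        // Resolve the IP before touching the session: RemoteIpAddress can be null,
                        // and an exception raised after "UserID" was stored would show the
                        // "Invalid login!" error while leaving the session authenticated.
                        string adminIp = HttpContext.Connection.RemoteIpAddress?.ToString() ?? string.Empty;

                        // NOTE(review): the session that existed before authentication is reused;
                        // confirm whether the session cookie should be renewed on login.
                        HttpContext.Session.SetString("UserID", existingUser.Id.ToString());
                        TempData["UserID"] = HttpContext.Session.GetString("UserID");

                        // Get IP address for logged in admin user to be used later for admin visit storage:
                        HttpContext.Session.SetString("AdminIP", adminIp);

                        return RedirectToAction("Settings", "Admin");
                    }
                }

                ViewBag.Error = errorFeedback;
            }
            catch (Exception e)
            {
                // Keep the generic message for the user; details go to the console only.
                ViewBag.Error = errorFeedback;
                Console.Write(e.Message);
            }

            // NOTE(review): the posted form, including the password field, is handed back
            // to the view as its model; confirm the view does not render it.
            return View(input);
        }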
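        /// <summary>
        /// Saves the admin profile (name, e-mail and optionally a new password) posted
        /// from the settings form.
        /// </summary>
        /// <param name="input">Posted settings; <c>AdminID</c> selects the admin record to update.</param>
        /// <returns>
        /// The posted settings as JSON (password cleared) on success; otherwise a redirect to
        /// <see cref="Settings"/> with the validation feedback stored in TempData.
        /// </returns>
        public IActionResult AdminSettings(Config input)
        {
            // NOTE(review): no anti-forgery attribute is visible on this action in this excerpt;
            // confirm the form post is protected against cross-site request forgery.
            string sessionUserId = HttpContext.Session.GetString("UserID");

            if (ModelState.IsValid && sessionUserId != null)
            {
                try
                {
                    // The record to update is chosen by a posted field. Only accept it when it is
                    // the id stored in the session at login, so a logged-in admin cannot rewrite
                    // another admin's e-mail or password by changing the posted AdminID.
                    bool ownsRecord = string.Equals(input.AdminID.ToString(), sessionUserId, StringComparison.Ordinal);

                    // Find returns null for an unknown key; treat that like any other failed update.
                    VsAdmin user = ownsRecord ? _db.VsAdmins.Find(input.AdminID) : null;

                    if (user != null)
                    {
                        // An empty password field means "keep the current password".
                        if (!string.IsNullOrEmpty(input.Password))
                        {
                            user.Password = hasher.HashPassword(user, input.Password);
                        }

                        user.Firstname = input.Firstname;
                        user.Lastname  = input.Lastname;
                        user.Email     = input.Email;

                        _db.VsAdmins.Update(user);
                        _db.SaveChanges();

                        // Do not echo the plain-text password back in the response body.
                        input.Password = null;

                        // Return Json to support Ajax submits:
                        return new JsonResult(input);
                    }
                }
                catch (Exception e)
                {
                    // Best effort: the failure is reported to the user through the redirect below.
                    Console.Write(e.Message);
                }
            }

            // Get server side feedback:
            TempData["errors"] = ErrorFeedback();
            return RedirectToAction(nameof(Settings));
        }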
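        /// <summary>
        /// Verifies a plain-text password against the admin's stored password hash using the
        /// ASP.NET Core Identity password hasher.
        /// </summary>
        /// <param name="item">Admin record whose stored password hash is checked.</param>
        /// <param name="passwordInput">User password input in plain text.</param>
        /// <returns>
        /// <c>true</c> when the password matches, including when the hasher reports that the stored
        /// hash should be regenerated; <c>false</c> otherwise or when either value is missing.
        /// </returns>
        public bool ValidLogin(VsAdmin item, string passwordInput)
        {
            // Missing data can never be a valid login; answer false rather than letting the hasher throw.
            if (item?.Password == null || passwordInput == null)
            {
                return false;
            }

            var result = hasher.VerifyHashedPassword(item, item.Password, passwordInput);

            // SuccessRehashNeeded also means the password is correct (the stored hash merely uses
            // an outdated format); rejecting it would lock out users holding older hashes.
            // NOTE(review): the hash is not regenerated here - consider re-hashing and saving on that result.
            return result == PasswordVerificationResult.Success
                || result == PasswordVerificationResult.SuccessRehashNeeded;
        }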
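        /// <summary>
        /// Shows the admin settings page, filled with the admin profile, application name,
        /// registered URLs, ignored IP addresses and the IP deletion interval.
        /// </summary>
        /// <returns>
        /// The settings view (without a model if loading fails), or a redirect to Home/Login
        /// when no "UserID" is stored in the session.
        /// </returns>
        public IActionResult Settings()
        {
            // Check valid login:
            if (HttpContext.Session.GetString("UserID") == null)
            {
                return RedirectToAction("Login", "Home");
            }

            try
            {
                // Catch server side validation messages if any:
                if (TempData["errors"] != null)
                {
                    ViewBag.ErrorMessages = TempData["errors"];
                }

                VsApplication app = _db.VsApplications.First();

                // NOTE(review): this loads the first admin row, not the one whose id is stored
                // in the session; confirm the application is meant to have a single admin.
                VsAdmin admin = _db.VsAdmins.First();

                List<string> urls       = _db.VsAppUrls.Select(u => u.RegisteredUrl).ToList();
                List<string> ignoredIPs = _db.VsVisitors.Where(i => i.IsIgnored.Equals(true)).Select(i => i.Ipaddress).ToList();

                // A missing or malformed config value falls back to the minimum of one day
                // instead of throwing and discarding everything loaded above.
                if (!int.TryParse(_config["IpDeletionDays:Days"], out int deletionDays))
                {
                    deletionDays = 1;
                }

                Config settings = new Config
                {
                    AdminID            = admin.Id,
                    Firstname          = admin.Firstname,
                    Lastname           = admin.Lastname,
                    Email              = admin.Email,
                    AppID              = app.Id,
                    ApplicationName    = app.Name,
                    UrlList            = urls,
                    IPList             = ignoredIPs,
                    // Never expose an interval shorter than one day.
                    DaysBeforeDeletion = Math.Max(1, deletionDays)
                };

                return View(settings);
            }
            catch (Exception e)
            {
                // Best effort: log and fall through to the view without a model.
                Console.Write(e.Message);
            }

            return View();
        }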