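/// <summary>
/// Handles the admin login form post: looks the admin up by e-mail, verifies the
/// password and, on success, stores the admin ID and client IP in the session.
/// </summary>
/// <param name="input">Posted form; the "email" and "password" fields are read.</param>
/// <returns>
/// A redirect to Admin/Settings after a successful login; otherwise the login view
/// with <c>ViewBag.Error</c> set to a generic message.
/// </returns>
public IActionResult Login(IFormCollection input)
{
    // One message for every failure path, so the response text does not reveal
    // whether the e-mail was unknown or the password was wrong.
    const string errorFeedback = "Invalid login!";

    try
    {
        // StringValues.ToString() never returns null (empty when the field is absent).
        string email = input["email"].ToString();
        string password = input["password"].ToString();

        // Reject missing credentials up front: a null/empty e-mail must never be
        // turned into a query that could match a row without an e-mail.
        if (!string.IsNullOrEmpty(email) && !string.IsNullOrEmpty(password))
        {
            // FirstOrDefault: an unknown e-mail is an expected outcome, not an exception.
            // NOTE(review): an unknown e-mail skips password hashing, so the two failure
            // paths differ in response time; verifying against a fixed dummy hash would
            // even that out.
            var existingUser = _db.VsAdmins.FirstOrDefault(a => a.Email.Equals(email));

            if (existingUser != null && ValidLogin(existingUser, password))
            {
                // Resolve the client address BEFORE writing to the session. RemoteIpAddress
                // can be null; dereferencing it after "UserID" was stored would throw, show
                // "Invalid login!" and still leave an authenticated session behind.
                string adminIp = HttpContext.Connection.RemoteIpAddress?.ToString() ?? string.Empty;

                // NOTE(review): the session identifier is not rotated here; confirm that a
                // pre-login session cannot be carried over into the authenticated state.
                HttpContext.Session.SetString("UserID", existingUser.Id.ToString());
                TempData["UserID"] = HttpContext.Session.GetString("UserID");

                // IP address of the logged-in admin, used later for admin visit storage.
                HttpContext.Session.SetString("AdminIP", adminIp);

                return RedirectToAction("Settings", "Admin");
            }
        }

        ViewBag.Error = errorFeedback;
    }
    catch (Exception e)
    {
        ViewBag.Error = errorFeedback;
        Console.Write(e.Message);
    }

    // NOTE(review): the posted form (including the password field) is handed back to
    // the view as its model; make sure the view never renders the password value.
    return View(input);
}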
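/// <summary>
/// Saves the admin profile (first name, last name, e-mail and, when supplied, a new
/// password) posted from the settings form.
/// </summary>
/// <param name="input">
/// Bound settings model. <c>AdminID</c> selects the record; an empty <c>Password</c>
/// keeps the stored hash unchanged.
/// </param>
/// <returns>
/// The saved model as JSON (to support Ajax submits) on success; otherwise a redirect
/// to <see cref="Settings"/> with <c>TempData["errors"]</c> set.
/// </returns>
public IActionResult AdminSettings(Config input)
{
    // NOTE(review): no [HttpPost] / [ValidateAntiForgeryToken] attribute is visible on
    // this listing. This action changes credentials, so confirm both are applied.
    var sessionUserId = HttpContext.Session.GetString("UserID");

    if (ModelState.IsValid && sessionUserId != null)
    {
        try
        {
            // The record to edit is chosen by a client-supplied ID. Only accept it when
            // it is the account that logged in (Login stores Id.ToString() under
            // "UserID"); "some session exists" is not enough to authorize the write.
            if (string.Equals(input.AdminID.ToString(), sessionUserId, StringComparison.Ordinal))
            {
                var user = _db.VsAdmins.Find(input.AdminID);

                // Find returns null for an unknown key; treat that as a normal failure
                // instead of relying on a NullReferenceException.
                if (user != null)
                {
                    // Hash first; an empty password input means "keep the current one".
                    string userPassword = !string.IsNullOrEmpty(input.Password)
                        ? hasher.HashPassword(user, input.Password)
                        : user.Password;

                    // Id is not reassigned: the entity was just loaded by that key.
                    user.Firstname = input.Firstname;
                    user.Lastname = input.Lastname;
                    user.Email = input.Email;
                    user.Password = userPassword;

                    _db.VsAdmins.Update(user);
                    _db.SaveChanges();

                    // Do not echo the plain-text password back in the response body.
                    input.Password = string.Empty;

                    // Return Json to support Ajax submits.
                    return new JsonResult(input);
                }
            }
        }
        catch (Exception e)
        {
            Console.Write(e.Message);
        }
    }

    // Get server side feedback.
    TempData["errors"] = ErrorFeedback();
    return RedirectToAction(nameof(Settings));
}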
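/// <summary>
/// Utilize the ASP.NET Core Identity function to verify a user password.
/// </summary>
/// <param name="item">VsAdmins object whose <c>Password</c> holds the stored hash.</param>
/// <param name="passwordInput">User password input in plain text.</param>
/// <returns>
/// <c>true</c> when the hasher reports <c>Success</c> or <c>SuccessRehashNeeded</c>;
/// <c>false</c> otherwise, including when there is nothing to verify against.
/// </returns>
public bool ValidLogin(VsAdmin item, string passwordInput)
{
    // Nothing to compare: fail closed instead of letting the hasher throw on null.
    if (item == null || string.IsNullOrEmpty(item.Password) || passwordInput == null)
    {
        return false;
    }

    var result = hasher.VerifyHashedPassword(item, item.Password, passwordInput);

    // SuccessRehashNeeded means the password matched but the stored hash uses an
    // outdated format or work factor. Treating it as a failure would lock out valid
    // users, e.g. after a framework upgrade changes the hasher defaults.
    // NOTE(review): on SuccessRehashNeeded the caller should re-hash the password and
    // store the new hash; this method cannot do so because it only returns a bool.
    return result == PasswordVerificationResult.Success
        || result == PasswordVerificationResult.SuccessRehashNeeded;
}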
/// <summary>
/// Renders the admin settings page for a session that carries a "UserID".
/// </summary>
/// <returns>
/// The settings view with a populated <c>Config</c> model; the view without a model
/// when loading the data throws; a redirect to Home/Login when no "UserID" is stored
/// in the session.
/// </returns>
public IActionResult Settings()
{
    // Check valid login: without a "UserID" in the session, go to the login page.
    if (HttpContext.Session.GetString("UserID") == null)
    {
        return RedirectToAction("Login", "Home");
    }

    try
    {
        // Catch server side validation messages if any.
        if (TempData["errors"] != null)
        {
            ViewBag.ErrorMessages = TempData["errors"];
        }

        VsApplication application = _db.VsApplications.First();

        // NOTE(review): this loads the first admin row, not the admin whose ID is in
        // the session; with more than one admin the form would show (and post back the
        // ID of) somebody else's account. Confirm that only one admin row can exist.
        VsAdmin administrator = _db.VsAdmins.First();

        List<string> registeredUrls = _db.VsAppUrls
            .Select(u => u.RegisteredUrl)
            .ToList();

        List<string> ignoredAddresses = _db.VsVisitors
            .Where(i => i.IsIgnored.Equals(true))
            .Select(i => i.Ipaddress)
            .ToList();

        // A non-numeric setting makes Convert.ToInt32 throw, which ends in the catch
        // block below; a missing setting converts to 0.
        int configuredDays = Convert.ToInt32(_config["IpDeletionDays:Days"]);

        Config viewModel = new Config
        {
            AdminID = administrator.Id,
            Firstname = administrator.Firstname,
            Lastname = administrator.Lastname,
            Email = administrator.Email,
            AppID = application.Id,
            ApplicationName = application.Name,
            UrlList = registeredUrls,
            IPList = ignoredAddresses,
            // Never hand the view a retention period below one day.
            DaysBeforeDeletion = Math.Max(1, configuredDays)
        };

        return View(viewModel);
    }
    catch (Exception e)
    {
        Console.Write(e.Message);
    }

    // Loading failed: render the view without a model.
    return View();
}