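/// <summary>
/// Handles the login form POST: looks the user up by username, checks the
/// supplied password and, on success, issues a cookie-auth principal carrying
/// the user's id, username, display name (if any) and role claims.
/// </summary>
/// <returns>
/// The page again, with a model-level error, when validation, lookup or the
/// password check fails; otherwise a redirect to <c>Index</c>.
/// </returns>
public async Task<IActionResult> OnPostAsync()
{
    // [Required] annotations on the model surface their own messages; nothing to add here.
    if (!ModelState.IsValid)
    {
        return Page();
    }

    // One message for both "no such user" and "wrong password": separate
    // messages let an attacker enumerate valid usernames through the form.
    const string badCredentials = "The username or password is incorrect.";

    BL.User user = null;
    try
    {
        user = BL.User.GetUser(loginData.Username);
    }
    catch (Exception)
    {
        // Don't echo the exception text to the browser: messages from the data
        // layer can carry connection details, table names or internal paths.
        // TODO(review): log the exception server-side once this page has a logger injected.
        ModelState.AddModelError("", "There was an exception from the system getting the user info; report this to an administrator.");
        return Page();
    }

    // NOTE(review): for an unknown username ValidatePassword is never called, so the
    // response returns faster than for a wrong password. Whether that gap is observable
    // depends on the hash BL.User uses — confirm, and run a dummy verify here if it matters.
    if (user == null || !user.ValidatePassword(loginData.Password))
    {
        ModelState.AddModelError("", badCredentials);
        return Page();
    }

    var identity = new ClaimsIdentity(CookieAuthenticationDefaults.AuthenticationScheme, ClaimTypes.Name, ClaimTypes.Role);
    identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id.ToString(), ClaimValueTypes.Integer));
    identity.AddClaim(new Claim(ClaimTypes.Name, user.Username));
    if (!string.IsNullOrWhiteSpace(user.Name))
    {
        identity.AddClaim(new Claim(ClaimTypes.GivenName, user.Name));
    }

    // Role claims are what [Authorize(Roles = ...)] checks later; GetRoles may return null.
    var roles = user.GetRoles();
    if (roles != null && roles.Any())
    {
        identity.AddClaims(roles.Select(x => new Claim(ClaimTypes.Role, x.Name)));
    }

    var principal = new ClaimsPrincipal(identity);
    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        principal,
        new AuthenticationProperties { IsPersistent = loginData.RememberMe });
    return RedirectToPage("Index");
}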
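// XXX: turn into a route with args?
/// <summary>
/// Handles the change-password POST. A user changing their own password must
/// supply the current one; whoever <c>AllowedToChangePassword()</c> admits may
/// change another user's password without it.
/// </summary>
/// <returns>
/// The page with model-level errors when authorisation, lookup, input checks or
/// the change itself fail; otherwise a redirect to <c>/Index</c> (own password)
/// or <c>/ViewUsers</c> (someone else's).
/// </returns>
public IActionResult OnPost()
{
    // Re-check authorisation server-side; hiding the form in the UI is not a control.
    if (!AllowedToChangePassword())
    {
        ModelState.AddModelError("", "You aren't allowed to change the password of someone else.");
        return Page();
    }

    BL.User user = BL.User.GetUser(TargetUserId);
    if (user == null)
    {
        ModelState.AddModelError("", "The user isn't valid.");
        return Page();
    }

    bool changingOwn = User.UserIdMatches(TargetUserId);
    bool error = false;

    if (!ModelState.IsValid)
    {
        ModelState.AddModelError("", "One of the values is blank.");
        error = true;
    }
    // Only the owner has to prove knowledge of the current password.
    if (changingOwn && !user.ValidatePassword(OldPassword))
    {
        ModelState.AddModelError("", "The current password isn't valid.");
        error = true;
    }
    if (changingOwn && OldPassword == NewPassword)
    {
        ModelState.AddModelError("", "The old and new password are the same.");
        error = true;
    }
    if (NewPassword != NewPasswordRepeat)
    {
        ModelState.AddModelError("", "The new passwords don't match.");
        error = true;
    }
    // TODO: This would be a good place to put password validation rules if we had any.

    // Report every input error at once before touching the user record.
    if (error)
    {
        return Page();
    }

    try
    {
        // ChangePassword is treated as failed when it returns non-null — confirm against BL.User.
        if (user.ChangePassword(NewPassword) != null)
        {
            ModelState.AddModelError("", "The password couldn't be changed.");
            // Redirecting here would discard ModelState and make the failure look like success.
            return Page();
        }
    }
    catch (Exception)
    {
        // Don't echo the exception text to the browser; it can expose internal details.
        // TODO(review): log the exception server-side once this page has a logger injected.
        ModelState.AddModelError("", "There was an exception from the system changing the password; report this to an administrator.");
        return Page();
    }

    // XXX: Sign out? Nothing here invalidates existing sessions, so a cookie issued
    // before the change (on this or another device) keeps working afterwards.
    return RedirectToPage(changingOwn ? "/Index" : "/ViewUsers");
}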