Пример #1
        /// <summary>
        /// Replaces the stored password hash of the administrator identified by
        /// <paramref name="id"/> with a hash of the password carried in
        /// <paramref name="administratorLogin"/>.
        /// </summary>
        /// <param name="id">Identifier used to look up both the administrator and the credentials.</param>
        /// <param name="administratorLogin">Posted login model; validated first, then its Password is hashed.</param>
        /// <returns>
        /// A not-found result when the administrator or the credentials are missing, a redirect to
        /// the edit route with a confirmation message on success, otherwise the "Edit" view with
        /// the validation error added to the model state.
        /// </returns>
        /// <remarks>
        /// NOTE(review): the current password is not requested, so this is a privileged reset.
        /// No authorization or anti-forgery attribute is visible in this excerpt; confirm both are
        /// applied on the method or its controller. Presumably existing sessions of the target
        /// account stay valid after the reset; verify whether they should be revoked.
        /// </remarks>
        public ActionResult ChangePassword(Guid id, AdministratorLoginModel administratorLogin)
        {
            var target = _administratorsQuery.GetAdministrator(id);
            if (target == null)
            {
                return NotFound("administrator", "id", id);
            }

            var storedCredentials = _loginCredentialsQuery.GetCredentials(id);
            if (storedCredentials == null)
            {
                // Reported with the same "administrator" label as the lookup above.
                return NotFound("administrator", "id", id);
            }

            try
            {
                // Reject an invalid model before touching stored credentials.
                administratorLogin.Validate();

                // NOTE(review): HashToString is defined elsewhere; confirm it is a salted, slow
                // password hash (PBKDF2 or similar) rather than a bare digest.
                storedCredentials.PasswordHash = LoginCredentials.HashToString(administratorLogin.Password);

                // The id of the signed-in user is handed to the command alongside the change.
                var actingUserId = User.Id().Value;
                _loginCredentialsCommand.UpdateCredentials(target.Id, storedCredentials, actingUserId);

                return RedirectToRouteWithConfirmation(
                    AdministratorsRoutes.Edit,
                    new { id },
                    "The password has been reset.");
            }
            catch (UserException failure)
            {
                // Validation/update failures are shown on the form instead of propagating.
                ModelState.AddModelError(failure, new StandardErrorHandler());
            }

            // Failure path: re-render the edit form with the stored login id filled in.
            // NOTE(review): the posted model, including its Password property, goes back to the
            // view; verify the view does not echo the submitted password.
            administratorLogin.LoginId = storedCredentials.LoginId;

            var editModel = new UserModel<Administrator, AdministratorLoginModel>
            {
                User = _administratorsQuery.GetAdministrator(id),
                UserLogin = administratorLogin,
            };

            return View("Edit", editModel);
        }
Пример #2
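        /// <summary>
        /// Authenticates an administrator by e-mail and password and, on success, marks the
        /// account online and returns a freshly generated access token.
        /// </summary>
        /// <param name="model">Posted login model; Email and Password are read from it.</param>
        /// <returns>
        /// 400 for bad credentials or an account already flagged online, 401 when the account is
        /// locked out, not allowed to sign in, needs a second factor, or cannot be loaded;
        /// otherwise 200 with the new token.
        /// </returns>
        /// <remarks>
        /// NOTE(review): anti-forgery validation is commented out below. PasswordSignInAsync signs
        /// the caller in through the configured Identity scheme (a cookie by default), so if this
        /// action is reachable from a browser, confirm that login CSRF is handled some other way
        /// or re-enable the attribute.
        /// NOTE(review): the locked-out and bad-credentials responses differ, which tells a caller
        /// that an account exists and is locked; confirm that disclosure is acceptable.
        /// </remarks>
        //[ValidateAntiForgeryToken]
        public async Task<IActionResult> Login(AdministratorLoginModel model)
        {
            // A missing body previously surfaced as a NullReferenceException (HTTP 500).
            if (model == null)
            {
                return BadRequest("Email or password is incorrect.");
            }

            var result = await _signInManager.PasswordSignInAsync(model.Email, model.Password, false, lockoutOnFailure: true);

            // The original left this branch empty, so an account that requires a second factor
            // fell through and was issued a token on the password alone. Fail closed until the
            // two-factor step exists.
            if (result.RequiresTwoFactor)
            {
                //return RedirectToAction(nameof(LoginWith2fa), new { returnUrl, model.RememberMe });
                return new UnauthorizedObjectResult("Two-factor authentication required.");
            }

            if (result.IsLockedOut)
            {
                return new UnauthorizedObjectResult("Account locked out.");
            }

            if (result.IsNotAllowed)
            {
                return new UnauthorizedObjectResult("Access denied.");
            }

            // Anything that is not an explicit success is rejected, not only SignInResult.Failed.
            if (!result.Succeeded)
            {
                return BadRequest("Email or password is incorrect.");
            }

            var account = await _accountService.GetAccountByEmailAsync<AdministratorAccount>(model.Email);

            // The sign-in succeeded but no administrator account matches the e-mail: deny rather
            // than dereference null.
            if (account == null)
            {
                return new UnauthorizedObjectResult("Access denied.");
            }

            // NOTE(review): this check runs after PasswordSignInAsync has already signed the
            // caller in; confirm whether that sign-in should be undone on this path, and how
            // IsOnline gets cleared if a session ends without an explicit logout.
            if (account.IsOnline)
            {
                return BadRequest("Already logged in.");
            }

            // RemoteIpAddress can be null (for example on non-TCP transports), so guard it.
            // NOTE(review): behind a reverse proxy this is the proxy's address unless forwarded
            // headers are processed upstream of this action.
            var remoteAddress = HttpContext.Connection.RemoteIpAddress?.ToString();

            account.Ip            = remoteAddress;
            account.IsOnline      = true;
            account.LastLoginDate = DateTime.UtcNow;
            await _accountService.UpdateEntityAsync(account);

            var newToken = await _accessTokenService.GenerateTokenAsync(account);

            // NOTE(review): the outcome of SaveTokenAsync is never inspected, so the token is
            // returned even if persisting it failed; confirm the return type and fail the request
            // when it reports failure.
            var isSuccess = await _accessTokenService.SaveTokenAsync<AdministratorAccount>(newToken, account.Id);

            return Ok(new { Message = "Admin log in.", newToken });
        }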