public async Task <IActionResult> CheckPassword([FromForm] AccountCheckPasswordRequest request)
{
if (request == null || string.IsNullOrWhiteSpace(request.UserName) || string.IsNullOrWhiteSpace(request.Password))
{
return(BadRequest());
}
var user = await _userManager.FindByNameAsync(request.UserName);
// If the user does not exist, then return an empty result.
if (user == null)
{
return(NoContent());
}
// If the user does exist and they have not been migrated to the Azure Active Directory identity store with the SQL-managed
// password, then...
if (user.MigrationStatus == (int)MigrationStatus.New || user.MigrationStatus == (int)MigrationStatus.NotMigrated || user.MigrationStatus == (int)MigrationStatus.MigratedWithoutPassword)
{
var checkPasswordResult = await _userManager.CheckPasswordAsync(user, request.Password);
if (user.MigrationStatus == (int)MigrationStatus.NotMigrated)
{
var userClaims = await _userManager.GetClaimsAsync(user);
var displayNameClaim = userClaims.First(c => c.Type == DisplayNameClaimType);
var playerTagClaim = userClaims.FirstOrDefault(c => c.Type == PlayerTagClaimType);
// Create the user in the Azure Active Directory identity with either the SQL-managed password, if it is valid,
// or a generated password, if it is not valid.
await _graphService.CreateUserAsync(
request.UserName,
checkPasswordResult?request.Password : _passwordGenerator.GeneratePassword(),
displayNameClaim.Value,
"Activated",
playerTagClaim?.Value,
TermsOfServiceConsentedClaimValue);
user.MigrationStatus = checkPasswordResult ? (int)MigrationStatus.MigratedWithPassword : (int)MigrationStatus.MigratedWithoutPassword;
await _userManager.UpdateAsync(user);
}
else if (checkPasswordResult && (user.MigrationStatus == (int)MigrationStatus.New || user.MigrationStatus == (int)MigrationStatus.MigratedWithoutPassword))
{
// Update the password for the user in the Azure Active Directory identity store with the SQL-managed password.
await _graphService.SetUserPasswordAsync(request.UserName, request.Password);
user.MigrationStatus = (int)MigrationStatus.MigratedWithPassword;
await _userManager.UpdateAsync(user);
}
}
return(Ok(user));
}
public async Task <IActionResult> ChangePassword(ChangePasswordViewModel viewModel)
{
if (viewModel == null)
{
throw new ArgumentNullException(nameof(viewModel));
}
if (!ModelState.IsValid)
{
return(new EmptyResult());
}
var user = await _userManager.FindByIdAsync(viewModel.Id);
if (user == null)
{
throw new InvalidOperationException();
}
await _userManager.SetPasswordAsync(user, viewModel.NewPassword);
if (user.MigrationStatus == (int)MigrationStatus.NotMigrated)
{
var userClaims = await _userManager.GetClaimsAsync(user);
var displayNameClaim = userClaims.First(c => c.Type == DisplayNameClaimType);
var playerTagClaim = userClaims.FirstOrDefault(c => c.Type == PlayerTagClaimType);
await _graphService.CreateUserAsync(
user.UserName,
viewModel.NewPassword,
displayNameClaim.Value,
"NotActivated",
playerTagClaim?.Value,
TermsOfServiceConsentedClaimValue);
}
else
{
await _graphService.SetUserPasswordAsync(user.UserName, viewModel.NewPassword);
}
user.MigrationStatus = (int)MigrationStatus.MigratedWithPassword;
await _userManager.UpdateAsync(user);
return(RedirectToAction("Index"));
}
