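/// <summary>
/// Checks the posted e-mail/password pair against the Users table and, on a match,
/// issues the "Email" and "Session" cookies (plus "IsAdmin" when the stored role is "admin").
/// </summary>
/// <param name="model">Credentials bound from the JSON request body.</param>
/// <returns>
/// <c>JsonResponse.Error("incorrect login or password")</c> when the body is incomplete or no
/// user matches; otherwise <c>JsonResponse.Success()</c>.
/// </returns>
public string DoLogin([FromBody] AuthLoginViewModel model)
{
    // A missing or malformed body leaves the model (or its fields) null. Answer with the
    // same generic failure instead of letting a NullReferenceException surface.
    if (model == null || model.Email == null || model.Password == null)
    {
        return JsonResponse.Error("incorrect login or password");
    }

    // NOTE(review): matching the stored value by equality only works if HashPassword is
    // deterministic for a given password, i.e. uses no per-user salt. Confirm what
    // HashPassword does; a salted password KDF verified in code is the safer design.
    var passwordHash = HashPassword(model.Password);

    DB.User account;
    using (ApplicationContext db = new ApplicationContext())
    {
        // Only the first match is used, so do not materialise every matching row.
        account = db.Users.FirstOrDefault(a => a.Email == model.Email && a.Password == passwordHash);
    }

    if (account == null)
    {
        return JsonResponse.Error("incorrect login or password");
    }

    var expires = DateTimeOffset.Now.AddDays(7);

    // NOTE(review): none of these cookies sets Secure or SameSite. Whether the site is
    // served only over HTTPS is not visible here; confirm and set both where possible.
    Response.Cookies.Append("Email", model.Email, new Microsoft.AspNetCore.Http.CookieOptions()
    {
        Path = "/",
        Expires = expires
    });

    // The session value is a bearer credential: HttpOnly keeps page script from reading it.
    Response.Cookies.Append("Session", GetNewSession(model.Email), new Microsoft.AspNetCore.Http.CookieOptions()
    {
        Path = "/",
        Expires = expires,
        HttpOnly = true
    });

    if (account.Role == "admin")
    {
        // NOTE(review): this cookie carries a fixed value that any client can set itself.
        // It must never be used for authorization; confirm that privileged endpoints
        // re-check the stored Role for the session instead of reading "IsAdmin".
        Response.Cookies.Append("IsAdmin", "it`s a secret!", new Microsoft.AspNetCore.Http.CookieOptions()
        {
            Path = "/",
            Expires = expires
        });
    }

    return JsonResponse.Success();
}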
/// <summary>
/// Signs a user in by username and password and reports the outcome as a JSON payload.
/// </summary>
/// <param name="loginData">Posted credentials (Username, Password).</param>
/// <returns>
/// Always an OK result: <c>Result = 1</c> with a welcome message and the user object on
/// success, otherwise <c>Result = 0</c> with a generic failure message.
/// </returns>
public async Task<IActionResult> Login(AuthLoginViewModel loginData)
{
    // One shared payload for every rejection path, so the response body does not
    // distinguish an unknown username from a wrong password.
    var rejected = new { Result = 0, Msg = "Username or password is incorrect!" };

    if (!ModelState.IsValid)
    {
        return Ok(rejected);
    }

    var account = await _userManager.FindByNameAsync(loginData.Username);
    if (account == null)
    {
        // NOTE(review): this path returns without any password verification, so it may
        // respond measurably faster than a wrong-password attempt.
        return Ok(rejected);
    }

    // NOTE(review): the two trailing false arguments are presumably isPersistent and
    // lockoutOnFailure. If so, failed attempts never trigger lockout; confirm intent.
    var outcome = await _signInManager.PasswordSignInAsync(account, loginData.Password, false, false);
    if (!outcome.Succeeded)
    {
        return Ok(rejected);
    }

    // NOTE(review): User = account serializes the whole object returned by
    // FindByNameAsync. If that is the identity entity, fields such as the password hash
    // and security stamp go to the client; a response DTO with only the fields the
    // client needs would avoid that. The required field set is not visible from here.
    return Ok(new
    {
        Result = 1,
        Msg = "Welcome " + account.UserName + ", We hope you are in better health.",
        User = account,
    });
}
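/// <summary>
/// Authenticates the posted login/password pair and returns a freshly generated token on success.
/// </summary>
/// <param name="registrar">Posted credentials (Login, Senha).</param>
/// <returns>
/// <c>Result(ModelState)</c> when the model is invalid, <c>Result(GerarToken())</c> on a
/// successful sign-in, otherwise <c>Result()</c> after one error has been registered.
/// </returns>
public async Task<ActionResult> Login(AuthLoginViewModel registrar)
{
    if (!ModelState.IsValid)
    {
        return Result(ModelState);
    }

    // The final argument is true, presumably lockoutOnFailure, so failed attempts
    // count towards account lockout.
    var result = await _signInManager.PasswordSignInAsync(registrar.Login, registrar.Senha, false, true);

    if (result.Succeeded)
    {
        return Result(GerarToken());
    }

    // Register exactly one error per failed attempt. Previously the final else was bound
    // only to the IsNotAllowed test, so a locked-out account got both the "blocked" and
    // the "invalid credentials" message.
    // NOTE(review): distinct lockout / not-allowed messages tell an unauthenticated caller
    // that the account exists and what state it is in; confirm that is acceptable.
    if (result.IsLockedOut)
    {
        NotificarErro("Usuário Temporariamente Bloqueado!");
    }
    else if (result.IsNotAllowed)
    {
        NotificarErro("Usuário com Acesso Não Permitido!");
    }
    else
    {
        NotificarErro("Usuário e/ou Senha Invalidos!");
    }

    return Result();
}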
/// <summary>
/// Shows the login form, or sends an already authenticated caller on to the return URL.
/// </summary>
/// <param name="returnUrl">Where to go once the caller is signed in.</param>
/// <returns>The login view with an empty model, or the result of RedirectToReturnUrl.</returns>
public ActionResult Login(string returnUrl)
{
    if (!this.User.Identity.IsAuthenticated)
    {
        return this.View(new AuthLoginViewModel());
    }

    // NOTE(review): returnUrl is caller-supplied. Whether RedirectToReturnUrl restricts it
    // to local URLs is not visible here; confirm, since an unchecked value is an open redirect.
    return this.RedirectToReturnUrl(returnUrl);
}
/// <summary>
/// Handles the posted login form: verifies the credentials, signs the user in and
/// redirects to the return URL, or redisplays the form with an error.
/// </summary>
/// <param name="model">Posted credentials and the persistence choice.</param>
/// <param name="returnUrl">Where to go after a successful sign-in.</param>
/// <returns>The result of RedirectToReturnUrl on success, otherwise the login view.</returns>
public async Task<ActionResult> Login(AuthLoginViewModel model, string returnUrl)
{
    if (!this.ModelState.IsValid)
    {
        return this.View(model);
    }

    var account = await this.UserManager.FindAsync(model.Username, model.Password);
    if (account == null)
    {
        // One generic message, so the form does not reveal which of the two fields was wrong.
        this.ModelState.AddModelError("model", "Invalid username or password.");
        return this.View(model);
    }

    // NOTE(review): the result of SignInAsync is not awaited. If it returns a Task, the
    // redirect below can be produced before sign-in has finished and any exception it
    // throws goes unobserved; confirm its return type and await it if so.
    this.SignInAsync(account, model.IsPersistent);

    // NOTE(review): returnUrl is caller-supplied. Whether RedirectToReturnUrl restricts it
    // to local URLs is not visible here; confirm.
    return this.RedirectToReturnUrl(returnUrl);
}
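/// <summary>
/// Handles the posted login form: looks the user up by name, verifies the password,
/// issues the forms-authentication cookie and redirects.
/// </summary>
/// <param name="form">Posted credentials (UserName, Password).</param>
/// <param name="returnUrl">Optional local URL to return to after sign-in.</param>
/// <returns>
/// The login view when validation or the credential check fails; otherwise a redirect to
/// <paramref name="returnUrl"/> when it is a local URL, else to the "Home" route.
/// </returns>
public ActionResult Login(AuthLoginViewModel form, string returnUrl)
{
    var user = Database.Session.Query<User>().FirstOrDefault(u => u.UserName == form.UserName);

    // The credential check below had been commented out. Without it any existing user
    // name signed in with an arbitrary password, and an unknown name dereferenced null
    // at SetAuthCookie.
    if (user == null)
    {
        // No stored hash to verify against: do an equivalent amount of hashing work
        // anyway, so response time does not reveal whether the user name is registered.
        SimpleBlog.Models.User.FakeHash();
    }

    if (user == null || !user.CheckPassword(form.Password))
    {
        // Same message for both cases, so the form does not disclose which one failed.
        ModelState.AddModelError("UserName", "User Name or password is incorrect");
    }

    if (!ModelState.IsValid)
    {
        return View(form);
    }

    FormsAuthentication.SetAuthCookie(user.UserName, true);

    // returnUrl comes from the request: follow it only when it points back into this
    // site, otherwise fall through to the home route.
    if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
    {
        return Redirect(returnUrl);
    }

    return RedirectToRoute("Home");
}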
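/// <summary>
/// Creates a new account with the fixed role "user" for the posted e-mail address,
/// unless an account with that e-mail already exists.
/// </summary>
/// <param name="model">Registration data bound from the JSON request body.</param>
/// <returns>
/// <c>JsonResponse.Error(...)</c> when the input is incomplete or the e-mail is taken;
/// otherwise <c>JsonResponse.Success()</c>.
/// </returns>
public string DoRegister([FromBody] AuthLoginViewModel model)
{
    // A missing or malformed body leaves the model (or its fields) null. Reject it, and
    // blank credentials, before anything is hashed or written.
    if (model == null || string.IsNullOrWhiteSpace(model.Email) || string.IsNullOrEmpty(model.Password))
    {
        return JsonResponse.Error("email and password are required");
    }

    // The password-confirmation check (model.RePassword) stays disabled, as in the
    // original: that field is not known to exist on AuthLoginViewModel from this listing.

    using (ApplicationContext db = new ApplicationContext())
    {
        // Ask only whether a row exists, rather than loading matching users (and their
        // stored password hashes) into memory just to count them.
        // NOTE(review): this check and the insert below are not atomic; confirm that the
        // Email column has a unique constraint so concurrent requests cannot both insert.
        if (db.Users.Any(a => a.Email == model.Email))
        {
            return JsonResponse.Error("user already exists");
        }

        // The role is fixed server-side and never taken from the request.
        // NOTE(review): HashPassword's algorithm is not visible here; confirm that it is a
        // salted, deliberately slow password KDF rather than a bare digest.
        db.Users.Add(new DB.User()
        {
            Email = model.Email,
            Password = HashPassword(model.Password),
            Role = "user"
        });
        db.SaveChanges();

        return JsonResponse.Success();
    }
}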