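/// <summary>
/// Handles the login form post: looks the account up by the submitted username, rejects
/// unknown, disabled or wrongly-authenticated accounts with a message on
/// <paramref name="model"/>, and otherwise signs the caller in with the cookie scheme.
/// </summary>
/// <param name="model">The posted login view model; receives the error message shown to the user.</param>
/// <param name="Svc">Service used to look the account up by username.</param>
/// <param name="Cryto">Helper that decrypts the stored password for comparison.</param>
/// <returns>The login view again on failure, or a local redirect to "/" on success.</returns>
/// <remarks>
/// NOTE(review): the stored password is reversibly encrypted and decrypted for the check, so
/// whoever holds the key recovers every password. A one-way salted hash (e.g. PBKDF2) is the
/// usual fix but needs a storage migration outside this method. The distinct
/// "Invalid login attempt." / "Invalid password." messages also let a caller tell existing
/// usernames from unknown ones; merging them would change user-facing text, so they are kept.
/// </remarks>
public async Task <IActionResult> Login(LoginModel model, UserServices Svc, CrytoUtilsExtensions Cryto)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // The username is read from the page's Input property, not from the posted model.
    Users user = Svc.GetUser(Input.User.Username);
    if (user is null)
    {
        return Fail("Invalid login attempt.");
    }

    if (!user.Enabled)
    {
        return Fail("Login account Disabled.");
    }

    if (user.ToChange)
    {
        // TODO: redirect to the change-password page before continuing.
        // NOTE(review): left as a no-op by the original, so the forced-change flag is not
        // enforced by this method.
    }

    if (!PasswordMatches(Cryto.Decrypt(user.Password), Input.User.Password))
    {
        return Fail("Login Failed. Invalid password.");
    }

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, user.Name),
        new Claim(ClaimTypes.UserData, user.Username),
        new Claim(ClaimTypes.Actor, user.Id.ToString()),
        // NOTE(review): every successful login is granted "Administrator" regardless of the
        // account; the role should come from the user record rather than a constant.
        new Claim(ClaimTypes.Role, "Administrator"),
    };

    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

    // Persistent cookie: survives the browser session, sliding for 60 minutes.
    var authProperties = new AuthenticationProperties
    {
        AllowRefresh = true,
        ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(60),
        IsPersistent = true,
    };

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity),
        authProperties);

    return LocalRedirect("/");

    // Records the same message on ModelState and on the view model, then re-renders the form.
    IActionResult Fail(string message)
    {
        ModelState.AddModelError(string.Empty, message);
        model.Message = message;
        return View(model);
    }

    // Ordinal comparison of the two strings in constant time, so the check does not leak how
    // many leading characters matched. Null on either side is simply "no match" (the original
    // threw when the decrypted value was null and returned false when the input was null).
    bool PasswordMatches(string stored, string supplied)
    {
        if (stored is null || supplied is null)
        {
            return false;
        }

        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(stored.AsSpan()),
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(supplied.AsSpan()));
    }
}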
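/// <summary>
/// Changes the password of the account named in <c>UserView.User.Username</c> after verifying
/// the current password supplied in <c>UserView.User.Password</c>.
/// </summary>
/// <param name="service">Service used to look the account up by username.</param>
/// <param name="Cryto">Helper that decrypts the stored password and encrypts the new one.</param>
/// <returns>
/// 404 when the account does not exist; a redirect to the user page with <c>status=403</c> when
/// the current password is wrong; a redirect to Logout when the caller changed their own
/// password; otherwise a redirect to the user page with <c>status=ok</c>.
/// </returns>
/// <remarks>
/// NOTE(review): the stored password is reversibly encrypted rather than hashed; see the
/// login handler for the same concern. The target account is taken from the posted username,
/// not from the signed-in principal, so any caller who knows a user's current password can
/// change it — confirm whether this endpoint is meant to be self-service only.
/// </remarks>
public IActionResult ChangePassword(UserService service, CrytoUtilsExtensions Cryto)
{
    Users user = service.GetUser(UserView.User.Username);
    if (user is null)
    {
        // The original dereferenced a missing user and failed with a server error.
        return NotFound();
    }

    if (!PasswordMatches(Cryto.Decrypt(user.Password), UserView.User.Password))
    {
        return LocalRedirect("/accounts/users/" + user.Uuid + "?status=403");
    }

    user.UpdatePassword(Cryto.Encrypt(UserView.Password));

    // The Actor claim carries the user id written at login. Changing your own password ends
    // the session via Logout; a missing or malformed claim is treated as "not the current
    // user" instead of throwing (the original called int.Parse on a possibly null claim).
    string actorId = HttpContext.User.FindFirst(ClaimTypes.Actor)?.Value;
    if (int.TryParse(actorId, out int currentUserId) && user.Id.Equals(currentUserId))
    {
        return LocalRedirect("/Account/Logout");
    }

    return LocalRedirect("/accounts/users/" + user.Uuid + "?status=ok");

    // Ordinal comparison in constant time so the check does not leak how many leading
    // characters matched; null on either side is "no match".
    bool PasswordMatches(string stored, string supplied)
    {
        if (stored is null || supplied is null)
        {
            return false;
        }

        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(stored.AsSpan()),
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(supplied.AsSpan()));
    }
}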
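/// <summary>
/// Handles the login form post: looks the account up by the submitted username, rejects
/// unknown, disabled or wrongly-authenticated accounts with a message on
/// <paramref name="model"/>, optionally stores a new password, then signs the caller in with
/// the cookie scheme and the account's roles.
/// </summary>
/// <param name="model">
/// The posted login view model. <c>Password</c>, when non-empty, is the new password to store;
/// <c>ToChange</c> is set to 1 when the account must change its password first.
/// </param>
/// <param name="Cryto">Helper that decrypts the stored password and encrypts a new one.</param>
/// <returns>
/// The login view on failure or when a password change is required; otherwise a local redirect
/// to the trimmed <c>Input.ReturnUrl</c>, or to "/" when none was supplied.
/// </returns>
/// <remarks>
/// NOTE(review): the stored password is reversibly encrypted and decrypted for the check, so
/// whoever holds the key recovers every password; a one-way salted hash (e.g. PBKDF2) is the
/// usual fix but needs a storage migration outside this method. The distinct
/// "Invalid login attempt." / "Invalid password." messages also let a caller tell existing
/// usernames from unknown ones; they are kept here because changing them alters the UI.
/// </remarks>
public async Task <IActionResult> Login(LoginModel model, CrytoUtilsExtensions Cryto)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // The username is read from the page's Input property, not from the posted model.
    Users user = IService.GetUser(Input.User.Username);
    if (user is null)
    {
        return Fail("Invalid login attempt.");
    }

    if (!user.Enabled)
    {
        return Fail("Login account Disabled.");
    }

    if (!PasswordMatches(Cryto.Decrypt(user.Password), Input.User.Password))
    {
        return Fail("Login Failed. Invalid password.");
    }

    var claims = new List<Claim>
    {
        new Claim(ClaimTypes.Name, user.Name),
        new Claim(ClaimTypes.Sid, user.Uuid),
        new Claim(ClaimTypes.UserData, user.Username),
        new Claim(ClaimTypes.Actor, user.Id.ToString()),
    };

    if (string.IsNullOrEmpty(model.Password))
    {
        // Account is flagged for a forced change: show the form again with the change-password
        // fields enabled instead of signing the user in.
        if (user.ToChange)
        {
            model.ToChange = 1;
            return View(model);
        }
    }
    else
    {
        // A new password was supplied and the current one was verified above; persist it.
        // NOTE(review): no strength or confirmation check is applied here — confirm whether
        // the model or the view validates the new value.
        user.Password = Cryto.Encrypt(model.Password);
        user.UpdatePassword();
    }

    user.UpdateLastAccess();

    foreach (var userRole in user.GetRoles())
    {
        claims.Add(new Claim(ClaimTypes.Role, userRole.Role.Name));
    }

    var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);

    // Persistent cookie: survives the browser session, sliding for 180 minutes.
    var authProperties = new AuthenticationProperties
    {
        AllowRefresh = true,
        ExpiresUtc = DateTimeOffset.UtcNow.AddMinutes(180),
        IsPersistent = true,
    };

    await HttpContext.SignInAsync(
        CookieAuthenticationDefaults.AuthenticationScheme,
        new ClaimsPrincipal(claimsIdentity),
        authProperties);

    // LocalRedirect rejects non-local URLs, which keeps ReturnUrl from becoming an open
    // redirect. IsNullOrWhiteSpace also covers a null ReturnUrl, which the original's
    // Trim() call would have thrown on.
    if (!string.IsNullOrWhiteSpace(Input.ReturnUrl))
    {
        return LocalRedirect(Input.ReturnUrl.Trim());
    }

    return LocalRedirect("/");

    // Records the same message on ModelState and on the view model, then re-renders the form.
    IActionResult Fail(string message)
    {
        ModelState.AddModelError(string.Empty, message);
        model.Message = message;
        return View(model);
    }

    // Ordinal comparison of the two strings in constant time, so the check does not leak how
    // many leading characters matched. Null on either side is simply "no match" (the original
    // threw when the decrypted value was null and returned false when the input was null).
    bool PasswordMatches(string stored, string supplied)
    {
        if (stored is null || supplied is null)
        {
            return false;
        }

        return System.Security.Cryptography.CryptographicOperations.FixedTimeEquals(
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(stored.AsSpan()),
            System.Runtime.InteropServices.MemoryMarshal.AsBytes(supplied.AsSpan()));
    }
}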