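/// <summary>
/// Returns the Groupyfy roles of the account that made the request.
/// </summary>
/// <returns>
/// 200 with the list produced by <c>GetGroupyfyRolesAsync</c> for the caller
/// (pairs of string and nullable Guid; presumably role name and corporate id, confirm
/// against that helper), or 401 when the request carries no resolvable identity.
/// </returns>
public async Task<ActionResult<IList<KeyValuePair<string, Guid?>>>> GetSystemUserRoles()
{
    // The roles are always looked up for the authenticated principal, never for a
    // caller-supplied name. An anonymous request has no name; answer 401 instead of
    // passing null to the user manager.
    // NOTE(review): no [Authorize] attribute is visible on this action from here; confirm
    // the controller or a global policy requires authentication.
    var userName = User.Identity?.Name;
    if (string.IsNullOrEmpty(userName))
    {
        return Unauthorized();
    }

    // A still-valid cookie can outlive the account it was issued for; treat a missing
    // account as unauthenticated rather than querying roles for a null user.
    var user = await _userManager.FindByNameAsync(userName);
    if (user == null)
    {
        return Unauthorized();
    }

    var roles = await _userManager.GetGroupyfyRolesAsync(user);
    return Ok(roles);
}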
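/// <summary>
/// Handles the registration form post. A "candidate" registration creates (or extends) a
/// password-less account and attaches the candidate role for <c>Input.CorporateId</c>;
/// any other role creates a password account, attaches the requested role, and sends an
/// email-confirmation link. On success the account is signed in and the browser is sent to
/// <paramref name="returnUrl"/>.
/// </summary>
/// <param name="returnUrl">Local URL to return to after registration; defaults to the site root.</param>
/// <returns>A redirect on success or role-assignment failure, otherwise the page with model errors.</returns>
public async Task<IActionResult> OnPostAsync(string returnUrl = null)
{
    // Single spelling of the candidate role for the check and for both assignments, so the
    // "already a candidate" test and the stored role cannot drift apart by letter case.
    const string candidateRole = "candidate";

    returnUrl = returnUrl ?? Url.Content("~/");
    if (!ModelState.IsValid)
    {
        return Page();
    }

    // Input.Role is posted by the client. Reject a missing value here instead of failing
    // with a NullReferenceException or creating an account that then gets no role.
    if (string.IsNullOrWhiteSpace(Input.Role))
    {
        ModelState.AddModelError(string.Empty, "A role is required.");
        return Page();
    }

    // Ordinal comparison: a culture-sensitive ToLower() can map "CANDIDATE" to a different
    // string under some cultures and route the request to the wrong branch.
    if (string.Equals(Input.Role, candidateRole, System.StringComparison.OrdinalIgnoreCase))
    {
        var user = await _userManager.FindByNameAsync(Input.Email);
        if (user != null)
        {
            // An account that already exists is only modified and signed in when the current
            // request is already authenticated as that same account. A posted email address
            // is not proof of identity, so on its own it must never yield a session for, or
            // attach a role to, an existing account.
            var callerId = _userManager.GetUserId(User);
            var accountId = await _userManager.GetUserIdAsync(user);
            var callerOwnsAccount = callerId != null
                && string.Equals(callerId, accountId, System.StringComparison.Ordinal);
            if (!callerOwnsAccount)
            {
                ModelState.AddModelError(string.Empty, "An account already exists for this email address. Sign in to that account to continue.");
                return Page();
            }

            var isUserInCandidateRoleForCorporate = await _userManager.IsInGroupyfyRoleAsync(user, candidateRole, Input.CorporateId);
            if (isUserInCandidateRoleForCorporate)
            {
                ModelState.AddModelError("candidate", "Candidate already exists for this corporate");
                return Page();
            }

            var assignRoleResult = await _userManager.AddToGroupyfyRoleAsync(user, candidateRole, Input.CorporateId);
            if (!assignRoleResult.Succeeded)
            {
                var errors = assignRoleResult.Errors.ToArray();
                return RoleAssignmentFailed(errors.Length > 0 ? errors[0].Code : null);
            }

            // Re-issue the cookie for the (already authenticated) owner after the role change.
            await _signInManager.SignInAsync(user, isPersistent: false);
            // LocalRedirect refuses non-local targets, so returnUrl cannot become an open redirect.
            return LocalRedirect(returnUrl);
        }
        else
        {
            // NOTE(review): the candidate account is created without a password; confirm how
            // a candidate is expected to authenticate after this first session ends.
            user = new GroupyfyUser { UserName = Input.Email, Email = Input.Email };
            var result = await _userManager.CreateAsync(user);
            if (result.Succeeded)
            {
                var assignRoleResult = await _userManager.AddToGroupyfyRoleAsync(user, candidateRole, Input.CorporateId);
                if (!assignRoleResult.Succeeded)
                {
                    var errors = assignRoleResult.Errors.ToArray();
                    return RoleAssignmentFailed(errors.Length > 0 ? errors[0].Code : null);
                }

                _logger.LogInformation("Candidate created");
                await _signInManager.SignInAsync(user, isPersistent: false);
                return LocalRedirect(returnUrl);
            }

            foreach (var error in result.Errors)
            {
                ModelState.AddModelError(string.Empty, error.Description);
            }
        }
    }
    else
    {
        // NOTE(review): Input.Role and Input.CorporateId are taken from the posted form and
        // nothing in this handler limits which role a new account may request for which
        // corporate. Confirm that model validation or AddToGroupyfyRoleAsync restricts
        // self-registration to roles that are safe to self-assign.
        var user = new GroupyfyUser { UserName = Input.Email, Email = Input.Email };
        var result = await _userManager.CreateAsync(user, Input.Password);
        if (result.Succeeded)
        {
            var assignRoleResult = await _userManager.AddToGroupyfyRoleAsync(user, Input.Role, Input.CorporateId);
            if (!assignRoleResult.Succeeded)
            {
                var errors = assignRoleResult.Errors.ToArray();
                return RoleAssignmentFailed(errors.Length > 0 ? errors[0].Code : null);
            }

            _logger.LogInformation("User created a new account with password.");

            var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
            var callbackUrl = Url.Page(
                "/Account/ConfirmEmail",
                pageHandler: null,
                values: new { userId = user.Id, code = code },
                protocol: Request.Scheme);

            // The link is HTML-encoded before it is placed in the attribute of the mail body.
            await _emailSender.SendEmailAsync(Input.Email, "Confirm your email",
                $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>.");

            await _signInManager.SignInAsync(user, isPersistent: false);
            return LocalRedirect(returnUrl);
        }

        foreach (var error in result.Errors)
        {
            ModelState.AddModelError(string.Empty, error.Description);
        }
    }

    // If we got this far, something failed, redisplay form
    return Page();

    // Builds the redirect to the error page; the code is escaped so it cannot add or alter
    // query parameters, and a result with no error entries no longer throws.
    IActionResult RoleAssignmentFailed(string errorCode)
    {
        return LocalRedirect($"/home/error?errorId={System.Uri.EscapeDataString(errorCode ?? string.Empty)}");
    }
}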
/// <summary>
/// Handles the posted login form: either cancels the pending authorization request or
/// verifies the password and forwards the user to role selection.
/// </summary>
/// <param name="model">Posted credentials, remember-me flag and return URL.</param>
/// <param name="button">Name of the submitted button; anything other than "login" is a cancel.</param>
/// <returns>A redirect on cancel or successful sign-in, otherwise the login view with errors.</returns>
public async Task<IActionResult> Login(LoginInputModel model, string button)
{
    // Non-null only when model.ReturnUrl belongs to an authorization request in progress.
    var authorizationContext = await _interaction.GetAuthorizationContextAsync(model.ReturnUrl);

    // Cancel path.
    if (button != "login")
    {
        if (authorizationContext == null)
        {
            // No valid authorization request behind the return URL: go to the home page
            // rather than following a URL that has not been validated.
            return Redirect("~/");
        }

        // Report the cancel to IdentityServer as a denied consent (even if this client does
        // not require consent), which produces an access-denied OIDC response for the client.
        await _interaction.GrantConsentAsync(authorizationContext, ConsentResponse.Denied);

        // model.ReturnUrl can be trusted here because GetAuthorizationContextAsync
        // returned non-null for it.
        var isPkceClient = await _clientStore.IsPkceClientAsync(authorizationContext.ClientId);
        if (isPkceClient)
        {
            // A PKCE client is assumed to be native; the intermediate "Redirect" view gives
            // the end user a better experience than a bare redirect.
            return View("Redirect", new RedirectViewModel { RedirectUrl = model.ReturnUrl });
        }

        return Redirect(model.ReturnUrl);
    }

    if (ModelState.IsValid)
    {
        // lockoutOnFailure: failed attempts count towards account lockout.
        var signIn = await _signInManager.PasswordSignInAsync(model.Username, model.Password, model.RememberLogin, lockoutOnFailure: true);
        if (!signIn.Succeeded)
        {
            await _events.RaiseAsync(new UserLoginFailureEvent(model.Username, "invalid credentials"));
            ModelState.AddModelError(string.Empty, AccountOptions.InvalidCredentialsErrorMessage);
        }
        else
        {
            var user = await _userManager.FindByNameAsync(model.Username);
            var rememberedPrincipal = await StoreRememberClient(user);
            await HttpContext.SignInAsync(IdentityConstants.ApplicationScheme, rememberedPrincipal);
            await _events.RaiseAsync(new UserLoginSuccessEvent(user.UserName, user.Id.ToString(), user.UserName));

            // The earlier direct return to model.ReturnUrl (including the PKCE "Redirect"
            // view) is disabled; every successful login continues through PickRole.
            // NOTE(review): model.ReturnUrl is handed on as posted, whether or not an
            // authorization context was found for it. PickRole has to validate it (for
            // example with _interaction.IsValidReturnUrl or Url.IsLocalUrl) before
            // redirecting; confirm that it does.
            return RedirectToAction("PickRole", new { returnUrl = model.ReturnUrl });
        }
    }

    // Invalid form or failed sign-in: show the form again with the collected errors.
    var loginViewModel = await BuildLoginViewModelAsync(model);
    return View(loginViewModel);
}