using System.Security.Principal; using System.Threading.Tasks; using Microsoft.AspNet.Identity; using Microsoft.AspNet.Mvc; using Microsoft.AspNet.Mvc.ModelBinding; using MusicStore.Models; namespace MusicStore.Controllers { [Route("account")] [Authorize] public class AccountController : Controller { [FromServices] public UserManager UserManager { get; set; } [FromServices] public SignInManager SignInManager { get; set; } [AllowAnonymous] //Bug: https://github.com/aspnet/WebFx/issues/339 [HttpGet("login")] public IActionResult Login(string returnUrl) { ViewBag.ReturnUrl = returnUrl; return View(); } [HttpPost("login")] [AllowAnonymous] [ValidateAntiForgeryToken] public async Task Login(LoginViewModel model, string returnUrl) { if (ModelState.IsValid == true) { var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: false); if (result.Succeeded) { return RedirectToLocal(returnUrl); } if (result.IsLockedOut) { ModelState.AddModelError("", "User is locked out, try again later."); } else { ModelState.AddModelError("", "Invalid username or password."); return View(model); } } // If we got this far, something failed, redisplay form return View(model); } [AllowAnonymous] //Bug: https://github.com/aspnet/WebFx/issues/339 [HttpGet("register")] public IActionResult Register() { return View(); } [HttpPost("register")] [AllowAnonymous] [ValidateAntiForgeryToken] public async Task Register(RegisterViewModel model) { //Bug: https://github.com/aspnet/WebFx/issues/247 //if (ModelState.IsValid == true) { var user = new ApplicationUser { UserName = model.UserName }; var result = await UserManager.CreateAsync(user, model.Password); if (result.Succeeded) { await SignInManager.SignInAsync(user, isPersistent: false); return RedirectToAction("Home", "Page"); } else { AddErrors(result); } } // If we got this far, something failed, redisplay form return View(model); } [HttpGet("manage")] public IActionResult Manage(ManageMessageId? message = null) { ViewBag.StatusMessage = message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed." : message == ManageMessageId.Error ? "An error has occurred." : ""; ViewBag.ReturnUrl = Url.Action("Manage"); return View(); } [HttpPost("manage")] [ValidateAntiForgeryToken] public async Task Manage(ManageUserViewModel model) { ViewBag.ReturnUrl = Url.Action("Manage"); //Bug: https://github.com/aspnet/WebFx/issues/247 //if (ModelState.IsValid == true) { var user = await GetCurrentUserAsync(); var result = await UserManager.ChangePasswordAsync(user, model.OldPassword, model.NewPassword); if (result.Succeeded) { return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess }); } else { AddErrors(result); } } // If we got this far, something failed, redisplay form return View(model); } [HttpPost("logoff")] [ValidateAntiForgeryToken] public IActionResult LogOff() { SignInManager.SignOut(); return RedirectToAction("Home", "Page"); } #region Helpers private void AddErrors(IdentityResult result) { foreach (var error in result.Errors) { ModelState.AddModelError("", error.Description); } } private async Task GetCurrentUserAsync() { return await UserManager.FindByIdAsync(Context.User.Identity.GetUserId()); } public enum ManageMessageId { ChangePasswordSuccess, Error } private IActionResult RedirectToLocal(string returnUrl) { if (Url.IsLocalUrl(returnUrl)) { return Redirect(returnUrl); } else { return RedirectToAction("Index", "Home"); } } #endregion } }