authorivarlovlie <git@ivarlovlie.no>2020-08-09 15:51:33 +0200
committerivarlovlie <git@ivarlovlie.no>2020-08-09 15:51:33 +0200
commit8614d18522441543e08c37c68121fed1fa8d6ae7 (patch)
treedd53ae13bdf269098e385107d27dcc2a0d8d73db /src/server/Controllers/AccountController.cs
parent9b2c6f550a3a705e02dc4f86797c9223ad59d5fa (diff)
downloaddough-8614d18522441543e08c37c68121fed1fa8d6ae7.tar.xz
dough-8614d18522441543e08c37c68121fed1fa8d6ae7.zip
auth user
Diffstat (limited to 'src/server/Controllers/AccountController.cs')
-rw-r--r--src/server/Controllers/AccountController.cs71
1 files changed, 57 insertions, 14 deletions
diff --git a/src/server/Controllers/AccountController.cs b/src/server/Controllers/AccountController.cs
index fe7b7a2..5c760e2 100644
--- a/src/server/Controllers/AccountController.cs
+++ b/src/server/Controllers/AccountController.cs
@@ -1,11 +1,20 @@
using System;
+using System.Collections.Generic;
+using System.IO;
+using System.Security.Claims;
using System.Threading.Tasks;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Mvc;
using Dough.Models;
using Dough.Models.Database;
+using Dough.Models.Payloads;
+using Dough.Models.Results;
+using Dough.Services;
using Dough.Utilities;
+using IdentityServer4;
using IdentityServer4.Services;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Http;
namespace Dough.Controllers
{
@@ -13,34 +22,68 @@ namespace Dough.Controllers
public class AccountController : BaseController
{
private readonly MainDbContext _context;
- private readonly IIdentityServerInteractionService _identityServerInteractionService;
+ private readonly IIdentityServerInteractionService _interaction;
+ private readonly EmailService _emailService;
public AccountController(MainDbContext context,
- IIdentityServerInteractionService identityServerInteractionService)
+ IIdentityServerInteractionService interaction,
+ EmailService emailService)
{
_context = context;
- _identityServerInteractionService = identityServerInteractionService;
+ _interaction = interaction;
+ _emailService = emailService;
}
+ [HttpGet("login")]
+ public ActionResult GetLogin()
+ {
+ var pathToLoginFile = Path.Combine(Directory.GetCurrentDirectory(), "AppData", "login.html");
+ var fileContent = System.IO.File.ReadAllText(pathToLoginFile);
+ return Content(fileContent, "text/html");
+ }
- // This is the default route for identityserver4 logins (https://identityserver4.readthedocs.io/en/latest/topics/signin.html#login-workflow)
[HttpPost("login")]
- public async Task<ActionResult> Login(string returnUrl)
+ [ValidateAntiForgeryToken]
+ public async Task<ActionResult> PostLogin(LoginPayload payload)
{
- if (returnUrl.IsMissing() || !_identityServerInteractionService.IsValidReturnUrl(returnUrl))
- return BadRequest("route parameter returnUrl is invalid");
+ if (!_interaction.IsValidReturnUrl(payload.ReturnUrl))
+ return BadRequest(new ErrorResult());
+ var user = _context.Users.SingleByNameOrDefault(payload.Username);
+ if (user == default)
+ {
+ await Task.Delay(1500);
+ return BadRequest(new ErrorResult("Username or password is incorrect","Please try again with a different username and/or password"));
+ }
- Console.WriteLine("returnUrl: " + returnUrl);
- var reqBody = await HttpContext.Request.ReadFormAsync();
- foreach (var formEl in reqBody)
+ if (!user.VerifyPassword(payload.Password))
{
- Console.WriteLine(formEl.Key);
- foreach (var value in formEl.Value)
- Console.WriteLine(" - " + value);
+ await Task.Delay(1000);
+ return BadRequest(new ErrorResult("Username or password is incorrect","Please try again with a different username and/or password"));
}
- return Ok();
+
+ var props = new AuthenticationProperties
+ {
+ AllowRefresh = true,
+ IssuedUtc = DateTime.UtcNow,
+ };
+
+ if (payload.Persist)
+ {
+ props.IsPersistent = true;
+ props.ExpiresUtc = DateTime.UtcNow.AddDays(15);
+ }
+
+ var identityServerUser = new IdentityServerUser(user.Id.ToString())
+ {
+ DisplayName = user.Username,
+ AuthenticationTime = DateTime.UtcNow,
+ };
+
+ await HttpContext.SignInAsync(identityServerUser, props);
+
+ return Ok(payload.ReturnUrl);
}
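Review bot: The two failure branches in PostLogin wait different times, `await Task.Delay(1500)` when the username is unknown and `await Task.Delay(1000)` when the password is wrong, so response time reveals which case occurred even though both return the same ErrorResult text. Collapse them into one branch with one delay, e.g. `if (user == default || !user.VerifyPassword(payload.Password))` followed by a single `await Task.Delay(...)` and the shared `BadRequest`. The cost of VerifyPassword itself may still differ between the two cases, so ideally the unknown-user path performs an equivalent hash computation as well. A fixed delay also does not replace per-account or per-client attempt throttling, and none is visible in this hunk.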