From 2cfee78597971b2e3e7e612eb9d7e8805e1aef85 Mon Sep 17 00:00:00 2001 From: ivarlovlie Date: Mon, 10 Aug 2020 21:35:58 +0200 Subject: add signing credentials --- src/server/Controllers/AccountController.cs | 29 ++++++++++++----------------- 1 file changed, 12 insertions(+), 17 deletions(-) (limited to 'src/server/Controllers') diff --git a/src/server/Controllers/AccountController.cs b/src/server/Controllers/AccountController.cs index 5c760e2..5e57201 100644 --- a/src/server/Controllers/AccountController.cs +++ b/src/server/Controllers/AccountController.cs @@ -1,7 +1,4 @@ using System; -using System.Collections.Generic; -using System.IO; -using System.Security.Claims; using System.Threading.Tasks; using Microsoft.AspNetCore.Authorization; using Microsoft.AspNetCore.Mvc; @@ -10,7 +7,6 @@ using Dough.Models.Database; using Dough.Models.Payloads; using Dough.Models.Results; using Dough.Services; -using Dough.Utilities; using IdentityServer4; using IdentityServer4.Services; using Microsoft.AspNetCore.Authentication; @@ -34,17 +30,16 @@ namespace Dough.Controllers _emailService = emailService; } - [HttpGet("login")] - public ActionResult GetLogin() + [HttpGet("logout")] + public async Task Logout(string returnUrl) { - var pathToLoginFile = Path.Combine(Directory.GetCurrentDirectory(), "AppData", "login.html"); - var fileContent = System.IO.File.ReadAllText(pathToLoginFile); - return Content(fileContent, "text/html"); + await HttpContext.SignOutAsync(); + return Redirect("http://localhost:3000"); } [HttpPost("login")] [ValidateAntiForgeryToken] - public async Task PostLogin(LoginPayload payload) + public async Task Login(LoginPayload payload) { if (!_interaction.IsValidReturnUrl(payload.ReturnUrl)) return BadRequest(new ErrorResult()); 
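Review bot: The new Logout action never reads its `returnUrl` parameter and always redirects to the hard-coded `http://localhost:3000`, so outside a local dev machine users land on a wrong or unreachable origin after sign-out. Take the post-logout target from configuration or from the IdentityServer logout context instead. If `returnUrl` is ever honoured, validate it first the way Login does with `_interaction.IsValidReturnUrl(...)`, otherwise the endpoint becomes an open redirect. The action is also a state-changing GET with no anti-forgery check, so any cross-site link or image request can end a user's session; `[HttpPost("logout")]` together with `[ValidateAntiForgeryToken]` would match the Login action below it.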
@@ -53,16 +48,18 @@ namespace Dough.Controllers if (user == default) { await Task.Delay(1500); - return BadRequest(new ErrorResult("Username or password is incorrect","Please try again with a different username and/or password")); + return BadRequest(new ErrorResult("Username or password is incorrect", + "Please try again with a different username and/or password")); } if (!user.VerifyPassword(payload.Password)) { await Task.Delay(1000); - return BadRequest(new ErrorResult("Username or password is incorrect","Please try again with a different username and/or password")); + return BadRequest(new ErrorResult("Username or password is incorrect", + "Please try again with a different username and/or password")); } - + var props = new AuthenticationProperties { AllowRefresh = true, @@ -74,7 +71,7 @@ namespace Dough.Controllers props.IsPersistent = true; props.ExpiresUtc = DateTime.UtcNow.AddDays(15); } - + var identityServerUser = new IdentityServerUser(user.Id.ToString()) { DisplayName = user.Username, @@ -82,13 +79,11 @@ namespace Dough.Controllers }; await HttpContext.SignInAsync(identityServerUser, props); - return Ok(payload.ReturnUrl); } - [HttpGet("forgot")] - public async Task ForgotPassword(string username) + public ActionResult ForgotPassword(string username) { var user = _context.Users.SingleByNameOrDefault(username); if (user == default) return Ok(); -- cgit v1.3
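Review bot: The two failure branches in Login wait different fixed times, `await Task.Delay(1500);` for an unknown user and `await Task.Delay(1000);` after a failed `VerifyPassword`, so response latency reveals whether a username exists even though the error text is identical. These are context lines that the commit only re-wraps the `ErrorResult` arguments around. Use one shared delay value for both branches. Consider also running the password check against a dummy hash when the user is missing, so both paths pay the hashing cost; the cost of `VerifyPassword` is not visible here. Login starts before this hunk and continues after it.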
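Review bot: `[HttpGet("forgot")]` still triggers a password-reset flow over GET with `username` in the query string; this hunk only drops `async` from the signature. A reset trigger on GET can be fired by any cross-site link and leaves usernames in proxy and server access logs; `[HttpPost("forgot")]` with `[ValidateAntiForgeryToken]`, as on Login, avoids both. Returning `Ok()` for an unknown user is the right shape for hiding account existence. The rest of the body is outside this hunk, so confirm that it does not now block on mail delivery for known users, since that would make response time differ between known and unknown usernames.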