From c7d72be2d1eed9b7fbfe719752ff800653d8c089 Mon Sep 17 00:00:00 2001
From: ivarlovlie
Date: Sun, 2 Aug 2020 00:04:06 +0200
Subject: change db, set cookie
---
 src/server/Controllers/AccountController.cs | 16 +++++++++-------
 src/server/Controllers/BaseController.cs | 1 -
 2 files changed, 9 insertions(+), 8 deletions(-)
(limited to 'src/server/Controllers')
diff --git a/src/server/Controllers/AccountController.cs b/src/server/Controllers/AccountController.cs
index 58bb7b6..ee87a68 100644
--- a/src/server/Controllers/AccountController.cs
+++ b/src/server/Controllers/AccountController.cs
@@ -8,6 +8,7 @@ using Microsoft.AspNetCore.Authorization;
 using Microsoft.AspNetCore.Mvc;
 using Dough.Models;
 using Dough.Models.Database;
+using Dough.Models.Payloads;
 using Dough.Models.Results;
 using Dough.Utilities;
 
@@ -23,24 +24,25 @@ namespace Dough.Controllers } [HttpPost("login")] - public async Task Login(string username, string password) + public async Task Login(LoginPayload payload) { - var user = _context.Users.SingleByNameOrDefault(username); + var user = _context.Users.SingleByNameOrDefault(payload.Username); if (user == default) return BadRequest(new ErrorResult("Ugyldig brukernavn eller passord", "Verifiser at passord og brukernavn er riktig og prøv igjen")); - if (!user.VerifyPassword(password)) + if (!user.VerifyPassword(payload.Password)) return BadRequest(new ErrorResult("Ugyldig brukernavn eller passord", "Verifiser at passord og brukernavn er riktig")); var claims = new List { new Claim(ClaimTypes.Name, user.Username), - new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()) + new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()), + new Claim(ClaimTypes.AuthenticationInstant, DateTime.UtcNow.ToString("O")) }; - var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme); + var claimsIdentity = new ClaimsIdentity(claims, Constants.AuthenticationScheme); var claimsPrincipal = new ClaimsPrincipal(claimsIdentity); var authenticationProperties = new AuthenticationProperties @@ -51,7 +53,7 @@ namespace Dough.Controllers ExpiresUtc = DateTime.UtcNow.AddDays(7), }; - await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme, + await HttpContext.SignInAsync(Constants.AuthenticationScheme, claimsPrincipal, authenticationProperties); @@ -61,7 +63,7 @@ namespace Dough.Controllers [HttpGet("logout")] public async Task Logout(string continueTo = default) { - await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme); + await HttpContext.SignOutAsync(Constants.AuthenticationScheme); if (continueTo.IsPresent() && continueTo.IsValidUrl()) return Redirect(continueTo); return Ok(); } 
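Review bot: The two failure branches in Login return different detail strings (`"... er riktig og prøv igjen"` when the user is not found, `"... er riktig"` when the password is wrong), so a caller can tell from the response body whether a username exists. Both branches should return one shared result, e.g. `var invalid = new ErrorResult("Ugyldig brukernavn eller passord", "Verifiser at passord og brukernavn er riktig og prøv igjen");` declared once and used in both `BadRequest(invalid)` calls. The not-found branch also returns before `VerifyPassword` runs, which presumably makes it faster than the wrong-password branch; running the verification against a fixed dummy hash there would level the timing. `payload` is dereferenced without a null check, so unless the controller carries `[ApiController]` (not visible in this hunk) add `if (payload == null) return BadRequest(invalid);` as the first statement.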
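Review bot: `Redirect(continueTo)` in Logout sends the browser to a caller-supplied URL, and unless `IsValidUrl()` (defined outside this diff) restricts the target to this site, that is an open redirect from a trusted domain to an arbitrary host. Prefer `if (continueTo.IsPresent() && Url.IsLocalUrl(continueTo)) return LocalRedirect(continueTo);`. The action is also exposed as `[HttpGet("logout")]`, so any cross-site link or image request can sign the user out; `[HttpPost("logout")]` with antiforgery validation closes that. Both lines are unchanged context in this commit, but it touches the sign-out call next to them.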
diff --git a/src/server/Controllers/BaseController.cs b/src/server/Controllers/BaseController.cs
index 33f1e4b..046c060 100644
--- a/src/server/Controllers/BaseController.cs
+++ b/src/server/Controllers/BaseController.cs
@@ -1,7 +1,6 @@
 using System;
 using System.Security.Claims;
 using Microsoft.AspNetCore.Mvc;
-using Dough.Models.Database;
 using Dough.Utilities;
 
 namespace Dough.Controllers
-- 
cgit v1.3