Diffstat (limited to 'src/Controllers/AccountController.cs')
| -rw-r--r-- | src/Controllers/AccountController.cs | 97 |
1 files changed, 97 insertions, 0 deletions
diff --git a/src/Controllers/AccountController.cs b/src/Controllers/AccountController.cs
new file mode 100644
index 0000000..e1f6946
--- /dev/null
+++ b/src/Controllers/AccountController.cs
@@ -0,0 +1,97 @@
+using System;
+using System.Collections.Generic;
+using System.Linq;
+using System.Security.Claims;
+using System.Threading.Tasks;
+using IOL.Fagprove.Data;
+using IOL.Fagprove.Data.DTOs;
+using IOL.Fagprove.Services.Interfaces;
+using IOL.Fagprove.Utilities;
+using Microsoft.AspNetCore.Authentication;
+using Microsoft.AspNetCore.Authentication.Cookies;
+using Microsoft.AspNetCore.Authorization;
+using Microsoft.AspNetCore.Mvc;
+
+namespace IOL.Fagprove.Controllers
+{
+ public class AccountController : BaseController
+ {
+ private readonly AppDbContext _context;
+ private readonly IUserService _userService;
+
+ public AccountController(AppDbContext context, IUserService userService)
+ {
+ _context = context;
+ _userService = userService;
+ }
+
+ [HttpPost("login")]
+ [ValidateAntiForgeryToken]
+ [AllowAnonymous]
+ public async Task<ActionResult> Login(LoginDto data)
+ {
+ if (data.Password.IsMissing() || data.Username.IsMissing()) return BadRequest("Ett eller flere felt er ikke fylt inn.");
+ if (data.Username.IsEmail() == false) return BadRequest("Det ser ikke ut som en e-postadresse");
+ var user = _context.Users.SingleOrDefault(u => u.Email == data.Username);
+ var passwordMatches = PasswordHasher.PasswordMatches(user?.Password ?? string.Empty, data.Password ?? string.Empty);
+ if (user == default || passwordMatches == false) return BadRequest("E-postadresse eller passord er feil");
+
+ var claims = new List<Claim>
+ {
+ new Claim(ClaimTypes.NameIdentifier, user.Id.ToString()),
+ new Claim(ClaimTypes.Name, user.Name),
+ new Claim(ClaimTypes.Role, user.Role.ToString())
+ };
+
+ var claimsIdentity = new ClaimsIdentity(claims, CookieAuthenticationDefaults.AuthenticationScheme);
+ var authenticationProperties = new AuthenticationProperties
+ {
+ AllowRefresh = true,
+ IssuedUtc = DateTimeOffset.UtcNow
+ };
+
+ await HttpContext.SignInAsync(CookieAuthenticationDefaults.AuthenticationScheme,
+ new ClaimsPrincipal(claimsIdentity), authenticationProperties);
+ return Ok();
+ }
+
+ [HttpGet("logout")]
+ public async Task<ActionResult> Logout()
+ {
+ await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
+ return Redirect("/");
+ }
+
+ [AllowAnonymous]
+ [HttpPost("forgot")]
+ public ActionResult StartForgotPasswordFlow(string email)
+ {
+ var user = _context.Users.SingleOrDefault(u => u.Email == email);
+ if (user == default) return Ok();
+ var task = _userService.SetNewTemporaryPasswordAndNotifyUser(user);
+ if (task) return Ok();
+ return StatusCode(500);
+ }
+
+ [HttpPut("password")]
+ public ActionResult SetPasswordAfterTemporary(UpdatePasswordDto data)
+ {
+ var user = _context.Users.SingleOrDefault(u => u.Id == LoggedInUser.Id);
+ if (user == default)
+ {
+ SignOut();
+ return Unauthorized(new { error = "Vi fant deg ikke i våre systemer." });
+ }
+
+ if (data.Password.IsMissing() || data.Password.IsMissing())
+ {
+ return BadRequest(new { error = "Ett eller flere felt er ikke fylt inn." });
+ }
+ if (data.Password.Length <= 5) return BadRequest(new { error = "Passordet er ikke langt nok." });
+ if (data.Password != data.PasswordOnceMore) return BadRequest(new { error = "Passordene er forksjellige" });
+ var passwordIsUpdated = _userService.UpdatePassword(user, data.Password);
+ if (passwordIsUpdated) return Ok();
+ return StatusCode(500, new { error = "Noe gikk galt, vennligst prøv igjen senere." });
+ }
+ }
+}
\ No newline at end of file |
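Review bot: In SetPasswordAfterTemporary the `SignOut();` call in the user-not-found branch has no effect, because ControllerBase.SignOut() only builds a SignOutResult that is never returned or executed, so the now-orphaned authentication cookie stays valid. Either make the action async and call `await HttpContext.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);` as Logout does, or return that result instead of the Unauthorized one. A few lines later `data.Password.IsMissing() || data.Password.IsMissing()` tests the same field twice; the second operand should be `data.PasswordOnceMore.IsMissing()`, and the mismatch message misspells "forskjellige". Logout is mapped to GET with no anti-forgery check, so a cross-site request can end a user's session; a POST with `[ValidateAntiForgeryToken]` is the safer shape, and the same attribute is missing on the "forgot" and "password" endpoints although Login carries it. Whether these actions require authentication depends on BaseController, which is outside this diff.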
