| using ContactManagementAPI.Data; |
| using ContactManagementAPI.Models; |
| using ContactManagementAPI.Services; |
| using ContactManagementAPI.ViewModels; |
| using Microsoft.AspNetCore.Identity; |
| using Microsoft.AspNetCore.Mvc; |
| using Microsoft.EntityFrameworkCore; |
|
|
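namespace ContactManagementAPI.Controllers
{
    /// <summary>
    /// Session-based login/logout for the contact management UI.
    /// Authentication is a username lookup plus an Identity
    /// <see cref="PasswordHasher{TUser}"/> check; on success the user's id is
    /// written to the session under <c>SessionKeys.UserId</c>. No cookie/claims
    /// principal is issued here — authorization elsewhere is assumed to read that
    /// session key.
    /// </summary>
    public class AccountController : Controller
    {
        // Shown for every login failure so the response body does not reveal
        // whether a username exists or is merely deactivated.
        private const string InvalidCredentialsMessage = "Invalid username or password.";

        private readonly ApplicationDbContext _context;

        // ASP.NET Core Identity hasher (PBKDF2-based, versioned/salted format).
        private readonly PasswordHasher<AppUser> _passwordHasher = new();

        public AccountController(ApplicationDbContext context)
        {
            _context = context;
        }

        /// <summary>
        /// Renders the login form. <paramref name="returnUrl"/> is only carried
        /// through the view model; it is validated as a local URL by the POST
        /// handler before any redirect happens.
        /// </summary>
        [HttpGet]
        public IActionResult Login(string? returnUrl = null)
        {
            return View(new LoginViewModel { ReturnUrl = returnUrl });
        }

        /// <summary>
        /// Verifies the submitted credentials and, on success, stores the user id
        /// in the session and redirects to the requested local page (or "/").
        /// </summary>
        /// <param name="model">Posted form values (username, password, return URL).</param>
        /// <returns>The login view with errors, or a redirect on success.</returns>
        [HttpPost]
        [ValidateAntiForgeryToken]
        public IActionResult Login(LoginViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            // NOTE(review): Group is eagerly loaded but not used by this action;
            // left in place in case the view model or a later change relies on it.
            var user = _context.AppUsers
                .Include(u => u.Group)
                .FirstOrDefault(u => u.UserName == model.UserName);

            // NOTE(review): an unknown or inactive username returns without running
            // the (deliberately slow) hash verification, so response time still
            // distinguishes valid from invalid usernames even though the message
            // does not. Verifying against a fixed dummy hash here would close that.
            if (user is null || !user.IsActive)
            {
                ModelState.AddModelError(string.Empty, InvalidCredentialsMessage);
                return View(model);
            }

            var result = _passwordHasher.VerifyHashedPassword(user, user.PasswordHash, model.Password);
            if (result == PasswordVerificationResult.Failed)
            {
                ModelState.AddModelError(string.Empty, InvalidCredentialsMessage);
                return View(model);
            }

            // Identity reports SuccessRehashNeeded when the stored hash uses an
            // older format or weaker parameters; upgrade it now while we have the
            // plaintext, so old hashes do not linger in the database.
            if (result == PasswordVerificationResult.SuccessRehashNeeded)
            {
                user.PasswordHash = _passwordHasher.HashPassword(user, model.Password);
                _context.SaveChanges();
            }

            // NOTE(review): ASP.NET Core session does not rotate its id on login.
            // If the session cookie could have been planted before authentication
            // (session fixation), clearing is not enough — confirm this is acceptable
            // for the deployment, or move to cookie authentication.
            HttpContext.Session.SetInt32(SessionKeys.UserId, user.Id);

            // Only follow a return URL that points back into this site; anything
            // else (absolute URLs, protocol-relative "//evil", etc.) would make
            // the login page an open redirector for phishing.
            var returnUrl = model.ReturnUrl;
            if (!string.IsNullOrWhiteSpace(returnUrl) && Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }

            return Redirect("/");
        }

        /// <summary>
        /// Clears the session and returns to the login page.
        /// </summary>
        /// <remarks>
        /// NOTE(review): this is reachable via GET without an anti-forgery token,
        /// so any third-party page can log the user out (CSRF logout). If no view
        /// links to it with a plain GET, mark it <c>[HttpPost]</c> and
        /// <c>[ValidateAntiForgeryToken]</c>.
        /// </remarks>
        public IActionResult Logout()
        {
            HttpContext.Session.Clear();
            return RedirectToAction("Login");
        }

        /// <summary>Static "access denied" page.</summary>
        public IActionResult AccessDenied()
        {
            return View();
        }
    }
}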
|
|