using System.Globalization;
using Authinator.Backend.Database;
using Authinator.Backend.Database.Tables;
using Authinator.Backend.Utils;
using Microsoft.AspNetCore.Mvc;
using Microsoft.AspNetCore.Mvc.RazorPages;
namespace Authinator.Pages;
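public class UserResetModel : PageModel {
    // Minimum accepted length for the new password submitted through the reset form.
    private const int MinPasswordLength = 8;

    /// <summary>
    /// The user whose password is being reset. Populated by <see cref="OnGet"/>
    /// only after the route id and reset token have been validated.
    /// </summary>
    public User? ModelUser { get; set; }

    /// <summary>
    /// Renders the reset form for the user named by the <c>{id}</c> route value,
    /// provided the <c>{token}</c> route value validates for that user.
    /// </summary>
    /// <returns>
    /// 400 when the id is malformed or does not name a user with a completed
    /// signup, 403 when the token does not validate, otherwise the page.
    /// </returns>
    public IActionResult OnGet() {
        // Disposed when the handler returns, i.e. before the view renders.
        // NOTE(review): assumes the view reads only scalar members of ModelUser,
        // not lazily-loaded navigations — confirm.
        using var db = new DatabaseContext();

        var (user, failure) = ResolveUser(db);
        if (user is null) {
            // ResolveUser always supplies the error response when it supplies no user.
            return failure!;
        }

        ModelUser = user;
        return Page();
    }

    /// <summary>
    /// Handles the reset form submission. Re-validates the route id and token,
    /// checks the submitted password, stores it, bumps the user's iteration and
    /// deletes the session cookie before redirecting to <c>/User</c>. Any other
    /// form action is redirected to <c>/</c>.
    /// </summary>
    /// <returns>
    /// 400 for a malformed id, unknown/incomplete user or a password shorter than
    /// <see cref="MinPasswordLength"/>; 403 for an invalid token; otherwise a redirect.
    /// </returns>
    public async Task<IActionResult> OnPost() {
        if (Request.Form["action"] != "reset_password") {
            return Redirect("/");
        }

        using var db = new DatabaseContext();

        var (user, failure) = ResolveUser(db);
        if (user is null) {
            // ResolveUser always supplies the error response when it supplies no user.
            return failure!;
        }

        // Read the form value once; the StringValues -> string conversion yields
        // null when the field is absent, which IsNullOrWhiteSpace handles.
        string? password = Request.Form["password"];
        if (string.IsNullOrWhiteSpace(password) || password.Length < MinPasswordLength) {
            return BadRequest(); //TODO "password too short" error message
        }

        user.SetPassword(password);
        // Bumping Iteration, together with deleting the cookie below, is how the
        // existing session(s) are invalidated after a reset (semantics of
        // Iteration live in User/ConfigCache, outside this file).
        user.Iteration++;
        await db.SaveChangesAsync();

        Response.Cookies.Delete(ConfigCache.CookieName);
        return Redirect("/User");
    }

    // Shared by OnGet and OnPost: loads the user named by the {id} route value
    // and checks the {token} route value against it. Exactly one tuple member
    // is non-null — either the validated user or the error response to return.
    private (User? User, IActionResult? Failure) ResolveUser(DatabaseContext db) {
        var rawId = RouteData.Values["id"] as string ?? string.Empty;
        var token = RouteData.Values["token"] as string ?? string.Empty;

        // A malformed id is a client error; int.Parse here would have surfaced
        // it as an unhandled FormatException (HTTP 500) instead of a 400.
        if (!int.TryParse(rawId, NumberStyles.Integer, CultureInfo.InvariantCulture, out var id)) {
            return (null, BadRequest());
        }

        var user = db.Users.FirstOrDefault(p => p.Id == id);
        if (user is not { IsSignupComplete: true }) {
            return (null, BadRequest());
        }

        // NOTE(review): ValidateResetToken is defined on User (not visible here).
        // Confirm it compares the token in constant time and that a token stops
        // validating once the reset completes, so a reset link cannot be replayed.
        if (!user.ValidateResetToken(token)) {
            return (null, StatusCode(StatusCodes.Status403Forbidden));
        }

        return (user, null);
    }
}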