December 8, 2016 06:31
diff --git a/LoginController.cs b/LoginController.cs
 using AlpacaCore.SiteFramework.SimpleLogin.ViewModels;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.AspNetCore.Mvc;
 using Microsoft.AspNetCore.Http.Authentication;
 using SiteFramework.Abstractions;
 using SiteFramework.Abstractions.Repositories;
 using System;
 using System.Security.Claims;
 using System.Threading.Tasks;
 using System.Collections.Generic;
 using System.Linq;

 namespace AlpacaCore.SiteFramework.SimpleLogin.Controllers
 {
 	public class LoginController : Controller
 	{
 		private readonly IAccountRepository _accountRepository;
 		private readonly ISiteContext _siteContext;

 		public LoginController(IAccountRepository accountRepository, ISiteContext siteContext)
 		{
 			_accountRepository = accountRepository;
 			_siteContext = siteContext;
 		}

 		[HttpGet]
 		public IActionResult Index()
 		{
 			var viewModel = new SignInViewModel();

 			if (Request.Query.ContainsKey("ReturnUrl"))
 			{
 				viewModel.ReturnUrl = Request.Query["ReturnUrl"];
 			}

 			return View(viewModel);
 		}

 		[HttpPost]
 		[ValidateAntiForgeryToken]
 		public async Task<IActionResult> Index(SignInViewModel signInViewModel)
 		{
 			if (ModelState.IsValid)
 			{
 				var account = await _accountRepository.SignInAsync(signInViewModel.UserId, signInViewModel.Password).ConfigureAwait(false);
 				if (account == null)
 				{
 					ModelState.AddModelError("", "Username or password is invalid.");
 				}
 				else
 				{
 					await SetPrincipalAsync(account, signInViewModel.RememberMe).ConfigureAwait(false);
 					return Redirect(signInViewModel.ReturnUrl ?? "~/");
 				}
 			}

 			return View(signInViewModel);
 		}

 		public async Task<IActionResult> SignOut()
 		{
 			await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
 			var redirectUrl = "~/";
 			if (Request.Query.ContainsKey("ReturnUrl"))
 			{
 				redirectUrl = Request.Query["ReturnUrl"];
 			}
 			return Redirect(redirectUrl);
 		}

 		private async Task SetPrincipalAsync(Account account, bool rememberMe)
 		{
 			var claims = new List<Claim>()
 			{
 				new Claim(ClaimTypes.Name, account.DisplayName),
 				new Claim(ClaimTypes.Sid, account.AccountId.ToString()),
 				new Claim(ClaimTypes.NameIdentifier, account.AccountName),
 				new Claim("loginTime", DateTime.UtcNow.ToString())
 			};
 			claims.AddRange(
 				(await _accountRepository.GetRolesAsync(account, _siteContext.Site).ConfigureAwait(false))
 					.Select(q => new Claim(ClaimTypes.Role, q))
 			);
 			var loginPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SimpleLoginIdentity"));
 			await HttpContext.Authentication.SignInAsync(
 				CookieAuthenticationDefaults.AuthenticationScheme,
 				loginPrincipal,
 				new AuthenticationProperties
 				{
 					IsPersistent = rememberMe
 				});
 		}
 	}
 }
diff --git a/SimpleLoginModule.cs b/SimpleLoginModule.cs
 using SiteFramework.SimpleLogin.Abstractions;
 using System.Collections.Generic;
 using SiteFramework.Abstractions;
 using Microsoft.Extensions.DependencyInjection;
 using Microsoft.AspNetCore.Builder;
 using Microsoft.AspNetCore.Authentication.Cookies;
 using Microsoft.Extensions.Options;
 using Microsoft.AspNetCore.Http;

 namespace AlpacaCore.SiteFramework.SimpleLogin
 {
 	public class SimpleLoginModule : SimpleLoginModuleBase
 	{
 		private List<Route> _routes = new List<Route>();
 		public override IEnumerable<Route> Routes => _routes;

 		[RegisterServices]
 		public static void RegisterServices(IServiceCollection services, ISiteBuilder builder)
 		{
 			IsInstalled = true;
 			services.AddAuthentication();
 			services.AddOptions();
 			services.AddSingleton<IConfigureOptions<SimpleLoginOptions>, SimpleLoginConfigureOptions>();
 			services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
 			services.AddScoped<IAccountAccessor, SimpleLoginAccountAccessor>();
 		}

 		[ConfigurePipeline]
 		public static void Configure(IApplicationBuilder app, IOptions<SimpleLoginOptions> options)
 		{
 			app.UseCookieAuthentication(new CookieAuthenticationOptions
 			{
 				AutomaticAuthenticate = true,
 				AutomaticChallenge = true,
 				AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme,
 				LoginPath = new PathString("/signin"),
 				AccessDeniedPath = new PathString("/signin"),
 				CookieName = options.Value.CookieName,
 				CookieSecure = options.Value.CookieSecure,
 				CookieDomain = options.Value.CookieDomain,
 				CookieHttpOnly = options.Value.CookieHttpOnly
 			});
 		}

 		public SimpleLoginModule()
 		{
 			_routes.Add(new Route("login", "signin/{action}", 1, new { controller = "Login", action = "Index" }));
 		}
 	}
 }
	using AlpacaCore.SiteFramework.SimpleLogin.ViewModels;
	using Microsoft.AspNetCore.Authentication.Cookies;
	using Microsoft.AspNetCore.Mvc;
	using Microsoft.AspNetCore.Http.Authentication;
	using SiteFramework.Abstractions;
	using SiteFramework.Abstractions.Repositories;
	using System;
	using System.Security.Claims;
	using System.Threading.Tasks;
	using System.Collections.Generic;
	using System.Linq;

	namespace AlpacaCore.SiteFramework.SimpleLogin.Controllers
	{
	public class LoginController : Controller
	{
	private readonly IAccountRepository _accountRepository;
	private readonly ISiteContext _siteContext;

	public LoginController(IAccountRepository accountRepository, ISiteContext siteContext)
	{
	_accountRepository = accountRepository;
	_siteContext = siteContext;
	}

	[HttpGet]
	public IActionResult Index()
	{
	var viewModel = new SignInViewModel();

	if (Request.Query.ContainsKey("ReturnUrl"))
	{
	viewModel.ReturnUrl = Request.Query["ReturnUrl"];
	}

	return View(viewModel);
	}

	[HttpPost]
	[ValidateAntiForgeryToken]
	public async Task<IActionResult> Index(SignInViewModel signInViewModel)
	{
	if (ModelState.IsValid)
	{
	var account = await _accountRepository.SignInAsync(signInViewModel.UserId, signInViewModel.Password).ConfigureAwait(false);
	if (account == null)
	{
	ModelState.AddModelError("", "Username or password is invalid.");
	}
	else
	{
	await SetPrincipalAsync(account, signInViewModel.RememberMe).ConfigureAwait(false);
	return Redirect(signInViewModel.ReturnUrl ?? "~/");
	}
	}

	return View(signInViewModel);
	}

	public async Task<IActionResult> SignOut()
	{
	await HttpContext.Authentication.SignOutAsync(CookieAuthenticationDefaults.AuthenticationScheme);
	var redirectUrl = "~/";
	if (Request.Query.ContainsKey("ReturnUrl"))
	{
	redirectUrl = Request.Query["ReturnUrl"];
	}
	return Redirect(redirectUrl);
	}

	private async Task SetPrincipalAsync(Account account, bool rememberMe)
	{
	var claims = new List<Claim>()
	{
	new Claim(ClaimTypes.Name, account.DisplayName),
	new Claim(ClaimTypes.Sid, account.AccountId.ToString()),
	new Claim(ClaimTypes.NameIdentifier, account.AccountName),
	new Claim("loginTime", DateTime.UtcNow.ToString())
	};
	claims.AddRange(
	(await _accountRepository.GetRolesAsync(account, _siteContext.Site).ConfigureAwait(false))
	.Select(q => new Claim(ClaimTypes.Role, q))
	);
	var loginPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "SimpleLoginIdentity"));
	await HttpContext.Authentication.SignInAsync(
	CookieAuthenticationDefaults.AuthenticationScheme,
	loginPrincipal,
	new AuthenticationProperties
	{
	IsPersistent = rememberMe
	});
	}
	}
	}
	using SiteFramework.SimpleLogin.Abstractions;
	using System.Collections.Generic;
	using SiteFramework.Abstractions;
	using Microsoft.Extensions.DependencyInjection;
	using Microsoft.AspNetCore.Builder;
	using Microsoft.AspNetCore.Authentication.Cookies;
	using Microsoft.Extensions.Options;
	using Microsoft.AspNetCore.Http;

	namespace AlpacaCore.SiteFramework.SimpleLogin
	{
	public class SimpleLoginModule : SimpleLoginModuleBase
	{
	private List<Route> _routes = new List<Route>();
	public override IEnumerable<Route> Routes => _routes;

	[RegisterServices]
	public static void RegisterServices(IServiceCollection services, ISiteBuilder builder)
	{
	IsInstalled = true;
	services.AddAuthentication();
	services.AddOptions();
	services.AddSingleton<IConfigureOptions<SimpleLoginOptions>, SimpleLoginConfigureOptions>();
	services.AddSingleton<IHttpContextAccessor, HttpContextAccessor>();
	services.AddScoped<IAccountAccessor, SimpleLoginAccountAccessor>();
	}

	[ConfigurePipeline]
	public static void Configure(IApplicationBuilder app, IOptions<SimpleLoginOptions> options)
	{
	app.UseCookieAuthentication(new CookieAuthenticationOptions
	{
	AutomaticAuthenticate = true,
	AutomaticChallenge = true,
	AuthenticationScheme = CookieAuthenticationDefaults.AuthenticationScheme,
	LoginPath = new PathString("/signin"),
	AccessDeniedPath = new PathString("/signin"),
	CookieName = options.Value.CookieName,
	CookieSecure = options.Value.CookieSecure,
	CookieDomain = options.Value.CookieDomain,
	CookieHttpOnly = options.Value.CookieHttpOnly
	});
	}

	public SimpleLoginModule()
	{
	_routes.Add(new Route("login", "signin/{action}", 1, new { controller = "Login", action = "Index" }));
	}
	}
	}