@using System.Net @namespace Oqtane.Modules.Admin.Login @inherits ModuleBase @inject NavigationManager NavigationManager @inject IUserService UserService @inject ISettingService SettingService @inject IServiceProvider ServiceProvider @inject IStringLocalizer Localizer @inject IStringLocalizer SharedLocalizer @if (PageState.User != null) { } else { @if (!twofactor) {

@if (_allowexternallogin) {

} @if (_allowsitelogin) {

Username:

Password:

@if (!_alwaysremember) {

Remember Me?

}

@if (PageState.Site.AllowRegistration) {

@Localizer["Register"] } }

} else { } } @code { private bool _allowsitelogin = true; private bool _allowexternallogin = false; private ElementReference login; private bool validated = false; private bool twofactor = false; private string _username = string.Empty; private ElementReference username; private string _password = string.Empty; private string _passwordtype = "password"; private string _togglepassword = string.Empty; private bool _remember = false; private bool _alwaysremember = false; private string _code = string.Empty; public override SecurityAccessLevel SecurityAccessLevel => SecurityAccessLevel.Anonymous; public override bool? Prerender => true; public override List Resources => new List() { new Resource { ResourceType = ResourceType.Stylesheet, Url = ModulePath() + "Module.css" } }; protected override async Task OnInitializedAsync() { try { _allowexternallogin = (SettingService.GetSetting(PageState.Site.Settings, "ExternalLogin:ProviderType", "") != "") ? true : false; _allowsitelogin = bool.Parse(SettingService.GetSetting(PageState.Site.Settings, "LoginOptions:AllowSiteLogin", "true")); _alwaysremember = bool.Parse(SettingService.GetSetting(PageState.Site.Settings, "LoginOptions:AlwaysRemember", "false")); _togglepassword = SharedLocalizer["ShowPassword"]; if (PageState.QueryString.ContainsKey("name")) { _username = PageState.QueryString["name"]; } if (PageState.QueryString.ContainsKey("token") && !string.IsNullOrEmpty(_username)) { var user = new User(); user.SiteId = PageState.Site.SiteId; user.Username = _username; if (PageState.QueryString.ContainsKey("key")) { user = await UserService.LinkUserAsync(user, PageState.QueryString["token"], PageState.Site.Settings["ExternalLogin:ProviderType"], PageState.QueryString["key"], PageState.Site.Settings["ExternalLogin:ProviderName"]); if (user != null) { await logger.LogInformation(LogFunction.Security, "External Login Linkage Successful For Username {Username}", _username); AddModuleMessage(Localizer["Success.Account.Linked"], MessageType.Info); } else { await logger.LogError(LogFunction.Security, "External Login Linkage Failed For Username {Username}", _username); AddModuleMessage(Localizer["Message.Account.NotLinked"], MessageType.Warning); } _username = ""; } else { user = await UserService.VerifyEmailAsync(user, PageState.QueryString["token"]); if (user != null) { await logger.LogInformation(LogFunction.Security, "Email Verified For For Username {Username}", _username); AddModuleMessage(Localizer["Success.Account.Verified"], MessageType.Info); } else { await logger.LogError(LogFunction.Security, "Email Verification Failed For Username {Username}", _username); AddModuleMessage(Localizer["Message.Account.NotVerified"], MessageType.Warning); } } } else { if (PageState.QueryString.ContainsKey("status")) { AddModuleMessage(Localizer["ExternalLoginStatus." + PageState.QueryString["status"]], MessageType.Info); } } } catch (Exception ex) { await logger.LogError(ex, "Error Loading Login {Error}", ex.Message); AddModuleMessage(Localizer["Error.LoadLogin"], MessageType.Error); } } protected override async Task OnAfterRenderAsync(bool firstRender) { if (firstRender && PageState.User == null && _allowsitelogin) { if (!string.IsNullOrEmpty(username.Id)) // ensure username is visible in UI { await username.FocusAsync(); } } // redirect logged in user to specified page if (PageState.User != null && !UserSecurity.IsAuthorized(PageState.User, RoleNames.Admin)) { NavigationManager.NavigateTo(PageState.ReturnUrl); } } private async Task Login() { try { validated = true; var interop = new Interop(JSRuntime); if (await interop.FormValid(login)) { var hybrid = (PageState.Runtime == Shared.Runtime.Hybrid); var user = new User { SiteId = PageState.Site.SiteId, Username = _username, Password = _password, LastIPAddress = SiteState.RemoteIPAddress}; if (!twofactor) { _remember = _alwaysremember || _remember; user = await UserService.LoginUserAsync(user, hybrid, _remember); } else { user = await UserService.VerifyTwoFactorAsync(user, _code); } if (user != null && user.IsAuthenticated) { await logger.LogInformation(LogFunction.Security, "Login Successful For {Username} From IP Address {IPAddress}", _username, SiteState.RemoteIPAddress); // return url is not specified if user navigated directly to login page var returnurl = (!string.IsNullOrEmpty(PageState.ReturnUrl)) ? PageState.ReturnUrl : PageState.Alias.Path; if (hybrid) { // hybrid apps utilize an interactive login var authstateprovider = (IdentityAuthenticationStateProvider)ServiceProvider.GetService(typeof(IdentityAuthenticationStateProvider)); authstateprovider.NotifyAuthenticationChanged(); NavigationManager.NavigateTo(NavigateUrl(returnurl, true)); } else { // post back to the Login page so that the cookies are set correctly var fields = new { __RequestVerificationToken = SiteState.AntiForgeryToken, username = _username, password = _password, remember = _remember, returnurl = WebUtility.UrlEncode(returnurl) }; string url = Utilities.TenantUrl(PageState.Alias, "/pages/login/"); await interop.SubmitForm(url, fields); } } else { if (SettingService.GetSetting(PageState.Site.Settings, "LoginOptions:TwoFactor", "false") == "required" || (user != null && user.TwoFactorRequired)) { twofactor = true; validated = false; AddModuleMessage(Localizer["Message.TwoFactor"], MessageType.Info); } else { if (!twofactor) { await logger.LogInformation(LogFunction.Security, "Login Failed For Username {Username}", _username); AddModuleMessage(Localizer["Error.Login.Fail"], MessageType.Error); } else { await logger.LogInformation(LogFunction.Security, "Two Factor Verification Failed For Username {Username}", _username); AddModuleMessage(Localizer["Error.TwoFactor.Fail"], MessageType.Error); } } } } else { AddModuleMessage(Localizer["Message.Required.UserInfo"], MessageType.Warning); } } catch (Exception ex) { await logger.LogError(ex, "Error Performing Login {Error}", ex.Message); AddModuleMessage(Localizer["Error.Login"], MessageType.Error); } } private void Cancel() { NavigationManager.NavigateTo(PageState.ReturnUrl); } private async Task Forgot() { try { if (_username != string.Empty) { var user = await UserService.GetUserAsync(_username, PageState.Site.SiteId); if (user != null) { await UserService.ForgotPasswordAsync(user); await logger.LogInformation(LogFunction.Security, "Password Reset Notification Sent For Username {Username}", _username); AddModuleMessage(Localizer["Message.ForgotUser"], MessageType.Info); } else { AddModuleMessage(Localizer["Message.UserDoesNotExist"], MessageType.Warning); } } else { AddModuleMessage(Localizer["Message.ForgotPassword"], MessageType.Info); } StateHasChanged(); } catch (Exception ex) { await logger.LogError(ex, "Error Resetting Password {Error}", ex.Message); AddModuleMessage(Localizer["Error.ResetPassword"], MessageType.Error); } } private void Reset() { twofactor = false; _username = ""; _password = ""; ClearModuleMessage(); StateHasChanged(); } private async Task KeyPressed(KeyboardEventArgs e) { if (e.Code == "Enter" || e.Code == "NumpadEnter") { await Login(); } } private void TogglePassword() { if (_passwordtype == "password") { _passwordtype = "text"; _togglepassword = SharedLocalizer["HidePassword"]; } else { _passwordtype = "password"; _togglepassword = SharedLocalizer["ShowPassword"]; } } private void ExternalLogin() { NavigationManager.NavigateTo(Utilities.TenantUrl(PageState.Alias, "/pages/external?returnurl=" + WebUtility.UrlEncode(PageState.ReturnUrl)), true); } }