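using Hcs.WebApp.Data;
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using Radzen;
using System.Security.Claims;

namespace Hcs.WebApp.Controllers
{
    /// <summary>
    /// Sign-in, sign-out and password-change endpoints served under <c>identity/</c>.
    /// Every action requires an authenticated caller unless it is marked
    /// <c>[AllowAnonymous]</c>.
    /// </summary>
    // NOTE(review): the generic type arguments on UserManager, SignInManager and the
    // Task return types look stripped from this listing; they are kept as found here.
    // Confirm against the repository.
    [Route("identity/")]
    [Authorize]
    public class IdentityController(
        UserManager userManager,
        SignInManager signInManager) : Controller
    {
        private readonly UserManager userManager = userManager;
        private readonly SignInManager signInManager = signInManager;

        /// <summary>
        /// Checks the posted credentials and signs the user in with a non-persistent cookie.
        /// </summary>
        /// <param name="userName">Login name taken from the request.</param>
        /// <param name="password">Password taken from the request.</param>
        /// <param name="returnUrl">
        /// Optional target after a successful sign-in. It is honoured only when it is a
        /// local URL; anything else falls back to the site root.
        /// </param>
        /// <returns>
        /// A redirect to <c>/account/login?status=failed</c> (carrying the escaped
        /// <paramref name="returnUrl"/> when one was supplied) on failure; otherwise a
        /// redirect to the local <paramref name="returnUrl"/> or to <c>/</c>.
        /// </returns>
        [HttpPost]
        [Route("login")]
        [AllowAnonymous]
        public async Task Login(string userName, string password, string returnUrl)
        {
            // NOTE(review): the last argument (lockoutOnFailure) is false, so failed attempts
            // on this endpoint never count towards account lockout. Confirm that password
            // guessing is throttled elsewhere, or enable lockout here.
            // NOTE(review): no antiforgery attribute is visible on this POST; presumably it is
            // applied globally. Verify.
            var result = await signInManager.PasswordSignInAsync(userName, password, false, false);

            if (!result.Succeeded)
            {
                if (string.IsNullOrEmpty(returnUrl))
                {
                    return Redirect("/account/login?status=failed");
                }

                // The value is escaped because it is placed inside another URL's query string.
                return Redirect($"/account/login?status=failed&returnUrl={Uri.EscapeDataString(returnUrl)}");
            }

            // returnUrl is caller-controlled. Redirecting to it unchecked would let a crafted
            // login link send a freshly authenticated user to an arbitrary external site, so
            // only local URLs are followed. IsLocalUrl also rejects null and empty values.
            if (!Url.IsLocalUrl(returnUrl))
            {
                return Redirect("/");
            }

            return LocalRedirect(returnUrl);
        }

        /// <summary>
        /// Signs the current user out and redirects to the site root.
        /// </summary>
        // NOTE(review): sign-out is a state-changing GET, so a cross-site link or embedded
        // resource can end the user's session. Consider POST with antiforgery validation;
        // the verb is left unchanged here to keep the route contract.
        [HttpGet]
        [Route("logout")]
        public async Task Logout()
        {
            await signInManager.SignOutAsync();
            return Redirect("/");
        }

        /// <summary>
        /// Changes the signed-in user's password after verifying the current one.
        /// </summary>
        /// <param name="oldPassword">The user's current password.</param>
        /// <param name="newPassword">The password to set.</param>
        /// <returns>
        /// 200 on success; 400 with a message when the current password is wrong or the
        /// change is rejected; 401 when the caller cannot be resolved to a stored user.
        /// </returns>
        [HttpPost]
        [Route("change-password")]
        public async Task ChangePassword(string oldPassword, string newPassword)
        {
            var userId = User.FindFirstValue(ClaimTypes.NameIdentifier);
            if (string.IsNullOrEmpty(userId))
            {
                // A principal without an identifier claim cannot be looked up.
                return Unauthorized();
            }

            var user = await userManager.FindByIdAsync(userId);
            if (user is null)
            {
                // The cookie can outlive the account (for example, after the user is deleted).
                // Report that instead of a misleading "wrong password" response.
                return Unauthorized();
            }

            var isPasswordCorrect = await userManager.CheckPasswordAsync(user, oldPassword);
            if (!isPasswordCorrect)
            {
                return BadRequest("Неверный текущий пароль");
            }

            // NOTE(review): the sign-in cookie is not refreshed after the change. Confirm
            // whether the session is expected to survive security-stamp revalidation.
            var result = await userManager.ChangePasswordAsync(user, oldPassword, newPassword);
            if (result.Succeeded)
            {
                return Ok();
            }

            var message = string.Join(", ", result.Errors.Select(x => x.Description));
            return BadRequest(message);
        }
    }
}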