Initial commit

2026-04-23 21:38:24 -04:00
commit 63e12a9636
1762 changed files with 1672620 additions and 0 deletions
@@ -0,0 +1,68 @@
using Microsoft.AspNetCore.Authorization;
using Microsoft.AspNetCore.Identity;
using Microsoft.AspNetCore.Mvc;
using PowderCoating.Core.Entities;
namespace PowderCoating.Web.Controllers;
[Authorize]
public class AccountController : Controller
{
private readonly UserManager<ApplicationUser> _userManager;
private readonly SignInManager<ApplicationUser> _signInManager;
public AccountController(
UserManager<ApplicationUser> userManager,
SignInManager<ApplicationUser> signInManager)
{
_userManager = userManager;
_signInManager = signInManager;
}
/// <summary>
/// Shows the forced password-change form for newly created accounts. Redirects to the dashboard immediately if the MustChangePassword claim is absent, preventing direct navigation by users who do not need to change their password.
/// </summary>
[HttpGet]
public IActionResult ChangeInitialPassword()
{
if (User.FindFirst("MustChangePassword")?.Value != "true")
return RedirectToAction("Index", "Dashboard");
return View();
}
/// <summary>
/// Processes the forced initial password change. After a successful change the MustChangePassword claim is removed and the auth cookie is refreshed so the user is not challenged again in the same session. Redirects to the Registration Welcome page as the next onboarding step.
/// </summary>
[HttpPost]
[ValidateAntiForgeryToken]
public async Task<IActionResult> ChangeInitialPassword(
string currentPassword, string newPassword, string confirmPassword)
{
if (User.FindFirst("MustChangePassword")?.Value != "true")
return RedirectToAction("Index", "Dashboard");
if (string.IsNullOrWhiteSpace(newPassword) || newPassword != confirmPassword)
{
ModelState.AddModelError(string.Empty, "New passwords do not match.");
return View();
}
var user = await _userManager.GetUserAsync(User);
if (user == null)
return Challenge();
var result = await _userManager.ChangePasswordAsync(user, currentPassword, newPassword);
if (!result.Succeeded)
{
foreach (var error in result.Errors)
ModelState.AddModelError(string.Empty, error.Description);
return View();
}
await _userManager.RemoveClaimAsync(user, new System.Security.Claims.Claim("MustChangePassword", "true"));
await _signInManager.RefreshSignInAsync(user);
return RedirectToAction("Welcome", "Registration");
}
}
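Review bot: The POST `ChangeInitialPassword` action never checks that `newPassword` differs from `currentPassword`, so unless a password validator registered elsewhere rejects reuse, a user can satisfy the forced change by resubmitting the issued password, after which the `MustChangePassword` claim is removed. A guard placed before the `ChangePasswordAsync` call would close that, for example `if (newPassword == currentPassword) { ModelState.AddModelError(string.Empty, "The new password must be different from the current password."); return View(); }`. The `IdentityResult` returned by `RemoveClaimAsync` is also discarded, so a failed claim removal still refreshes the cookie and redirects to Welcome with the flag left in the store; checking `Succeeded` there and surfacing the errors would make that case visible. Separately, the combined empty/mismatch test reports "New passwords do not match." for an empty new password, which misstates the actual problem to the user.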