fix to credential fetching issue

rastenis · rastenis · commit 8d4aec753e82 · 2020-04-01T14:06:49.000+02:00
diff --git a/Controllers/AuthController.cs b/Controllers/AuthController.cs
@@ -238,7 +238,7 @@ public async Task<IActionResult> GoogleCallback([FromQuery]IDictionary<string, s
             // If user is logged in and the auth token is not registered yet, link.
             if (HttpContext.Session.GetString("user") != null)
             {
-                var user = await _context.Users.Where(c => c.Id == HttpContext.Session.GetString("user")).FirstOrDefaultAsync();
+                var user = await _context.Users.Where(c => c.Id == HttpContext.Session.GetString("user")).Include("Credentials").FirstOrDefaultAsync();
 
                 // If someone already has that token OR there is a user that has the email but is not the same user.
                 if (userWithMatchingToken != null || (userWithMatchingEmail != null && userWithMatchingEmail.Email != user.Email))
@@ -330,12 +330,12 @@ public async Task<IActionResult> GithubCallback([FromQuery]IDictionary<string, s
 
             // Fetching data
             var userWithMatchingToken = await _context.Users.Where(c => c.Credentials.Any(cred => cred.Provider == AuthProvider.GITHUB && cred.Token == userinfo.Id)).FirstOrDefaultAsync();
-            var userWithMatchingEmail = await _context.Users.Where(c => c.Email != null && c.Email == userinfo.Email).FirstOrDefaultAsync();
+            var userWithMatchingEmail = await _context.Users.Where(c => userinfo.Email != null && c.Email == userinfo.Email).FirstOrDefaultAsync();
 
             // If user is logged in and the auth token is not registered yet, link.
             if (HttpContext.Session.GetString("user") != null)
             {
-                var user = await _context.Users.Where(c => c.Id == HttpContext.Session.GetString("user")).FirstOrDefaultAsync();
+                var user = await _context.Users.Where(c => c.Id == HttpContext.Session.GetString("user")).Include("Credentials").FirstOrDefaultAsync();
 
                 // If someone already has that token OR there is a user that has the email but is not the same user.
                 if (userWithMatchingToken != null || (userWithMatchingEmail != null && userWithMatchingEmail.Email != user.Email))
@@ -433,7 +433,7 @@ public async Task<IActionResult> RedditCallback([FromQuery]IDictionary<string, s
             // If user is logged in and the auth token is not registered yet, link.
             if (HttpContext.Session.GetString("user") != null)
             {
-                var user = await _context.Users.Where(c => c.Id == HttpContext.Session.GetString("user")).FirstOrDefaultAsync();
+                var user = await _context.Users.Where(c => c.Id == HttpContext.Session.GetString("user")).Include("Credentials").FirstOrDefaultAsync();
 
                 // If someone already has that token OR there is a user that has the email but is not the same user.
                 if (userWithMatchingToken != null)
diff --git a/Controllers/ProfileController.cs b/Controllers/ProfileController.cs
@@ -36,14 +36,15 @@ public async Task<IActionResult> Profile()
                 return Redirect("/Auth/Login");
             }
 
-            var user = await _context.Users.Where(c => Regex.IsMatch(c.Id, HttpContext.Session.GetString("user"))).FirstOrDefaultAsync();
+            var user = await _context.Users.Where(c => Regex.IsMatch(c.Id, HttpContext.Session.GetString("user"))).Include("Credentials").FirstOrDefaultAsync();
 
             if (user.Credentials == null)
             {
                 user.Credentials = new List<Credential>();
             }
 
-            ViewData["HasPassword"] = user.Password != null;
+            var blankPassword = BCrypt.Net.BCrypt.Verify("", user.Password);
+            ViewData["HasPassword"] = user.Password != null && !blankPassword;
 
             ViewData["GoogleLinked"] = user.Credentials.Exists(c => { return c.Provider == AuthProvider.GOOGLE; });
             ViewData["GithubLinked"] = user.Credentials.Exists(c => { return c.Provider == AuthProvider.GITHUB; });
@@ -133,7 +134,7 @@ public async Task<IActionResult> ChangeOAuth(string submit)
             submit = submit.First().ToString().ToUpper() + submit.Substring(1);
 
             // Fetching the user
-            var user = await _context.Users.Where(c => Regex.IsMatch(c.Id, HttpContext.Session.GetString("user"))).FirstOrDefaultAsync();
+            var user = await _context.Users.Where(c => Regex.IsMatch(c.Id, HttpContext.Session.GetString("user"))).Include("Credentials").FirstOrDefaultAsync();
 
             AuthProvider provider;
             if (!Enum.TryParse(submit.ToUpper(), out provider))
diff --git a/Models/DatabaseContext.cs b/Models/DatabaseContext.cs
@@ -34,11 +34,11 @@ public User(string email, string password)
             this.Id = Guid.NewGuid().ToString();
             this.Email = email;
             this.Password = BCrypt.Net.BCrypt.HashPassword(password);
-            this.Credentials = new List<Credential>();
         }
 
         public User()
         {
+            Credentials = new List<Credential>();
         }
 
         public string Id { get; set; }
diff --git a/docker-compose-windows.yml b/docker-compose-windows.yml
@@ -38,4 +38,3 @@ services:
             - 8080:8080
 volumes:
     db:
-        external: true

Original file line number	Diff line number	Diff line change
`@@ -34,11 +34,11 @@ public User(string email, string password)`
`34`	`34`	`this.Id = Guid.NewGuid().ToString();`
`35`	`35`	`this.Email = email;`
`36`	`36`	`this.Password = BCrypt.Net.BCrypt.HashPassword(password);`
`37`		`- this.Credentials = new List<Credential>();`
`38`	`37`	`}`
`39`	`38`
`40`	`39`	`public User()`
`41`	`40`	`{`
	`41`	`+ Credentials = new List<Credential>();`
`42`	`42`	`}`
`43`	`43`
`44`	`44`	`public string Id { get; set; }`