- using System;
- using System.Linq;
- using System.Threading.Tasks;
- using System.Web;
- using System.Web.Mvc;
- using Microsoft.AspNet.Identity;
- using Microsoft.Owin.Security;
- using Vroom.Web.Models;
- using Vroom.Application.Users;
- using Vroom.Common.Infrastructure;
- using System.Web.Security;
- using Omu.ValueInjecter;
- using Vroom.Common.Helpers;
- using Vroom.Web.Infrastructure;
- using Microsoft.AspNet.Identity.Owin;
- using Facebook;
- using Vroom.Common.Classes;
- using Vroom.Domain.Entities;
- using Vroom.Application.Email;
- using Vroom.Application.Email.StoredMails;
- using Vroom.Web.Core.Classes;
- using Vroom.Application.Email.Models;
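namespace Vroom.Web.Controllers
{
    /// <summary>
    /// Account endpoints: local login and registration, token-based password reset and account
    /// activation, and external (Facebook / Google) login through the OWIN authentication manager.
    /// </summary>
    [Authorize]
    public class AccountController : VroomBaseController
    {
        #region Members
        public UserManager<ApplicationUser> UserManager { get; private set; }
        #endregion

        #region Properties
        private readonly IUserService _userService;

        // Lifetime of a reset / activation token. InputPassword (48 hours) and AccountActivation
        // (2 days) previously expressed the same window with two different formulas.
        private const double TokenLifetimeHours = 48;
        #endregion

        #region Constructor
        public AccountController(IUserService userService)
        {
            _userService = userService;
        }
        #endregion

        #region Methods
        /// <summary>
        /// Shows the login form. When no return URL is supplied the referrer's path and query is used,
        /// which is always a relative URL.
        /// </summary>
        [HttpGet]
        [AllowAnonymous]
        public ActionResult Login(string returnUrl)
        {
            if (string.IsNullOrEmpty(returnUrl) && Request.UrlReferrer != null)
            {
                returnUrl = Request.UrlReferrer.PathAndQuery;
            }

            ViewBag.PageSectionTealium = CoreHelper.GetEnumDescription(PageSectionTealium.MijnVroom);
            ViewBag.PageTypeTealium = CoreHelper.GetEnumDescription(PageTypeTealium.Aanmelden);
            if (!string.IsNullOrEmpty(returnUrl))
            {
                ViewBag.ReturnUrl = returnUrl;
            }

            return View();
        }

        /// <summary>
        /// Validates the posted credentials against the stored password hash and signs the user in.
        /// AJAX callers receive a JSON payload, others a redirect to a local URL or the form again.
        /// </summary>
        [HttpPost]
        [AllowAnonymous]
        public ActionResult Login(LoginViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                Identity.Current.SignOut();
                // The original called FailAjaxLogin() here and discarded its result, so AJAX callers
                // got the HTML form back instead of the JSON failure payload.
                if (Request.IsAjaxRequest())
                {
                    return FailAjaxLogin();
                }

                // If we got this far, something failed, redisplay form
                return View();
            }

            // NOTE(review): passwords are stored as unsalted MD5 (Cryptography.EncryptToMd5) and compared
            // with a plain string equality; migrating to a salted, iterated hash requires a change in the
            // stored format / IUserService and is out of scope for this controller.
            var passwordHash = Cryptography.EncryptToMd5(model.Password);
            var user = _userService.GetByEmail(model.Email);
            var credentialsValid = !string.IsNullOrWhiteSpace(user?.Password)
                && string.Equals(user.Password, passwordHash, StringComparison.Ordinal)
                && user.IsActive;
            if (!credentialsValid)
            {
                if (Request.IsAjaxRequest())
                {
                    return FailAjaxLogin();
                }

                SetupErrorLoginForNotAjaxCall(returnUrl);
                return View();
            }

            var loggedInPerson = new FrontendUserDTO();
            SetupForLogedUser(model, user, loggedInPerson);
            if (Request.IsAjaxRequest())
            {
                return Json(new { success = true, userId = loggedInPerson.Id });
            }

            // Only local URLs are followed; an absolute returnUrl previously produced an open redirect.
            return RedirectToLocal(returnUrl);
        }

        /// <summary>
        /// Issues a new reset token for the given e-mail address and sends the forgot-password mail.
        /// </summary>
        [AllowAnonymous]
        [HttpPost]
        public ActionResult ForgotPassword(string email)
        {
            var user = _userService.GetByEmail(email);
            if (user == null)
            {
                // NOTE(review): a distinct error for unknown addresses reveals which e-mails are registered;
                // the response shape is kept because the front end presumably depends on it — confirm.
                return Json(new { success = false, error = Resources.Login.ForgotPasswordError });
            }

            user.UserToken = CommonHelpers.GenerateUniqueToken();
            user.TokenDate = DateTime.Now;
            _userService.Update(user);

            var mailInfo = new StoredMailsInfo
            {
                Email = user.Email,
                MessagentId = user.MessagentUserId,
                UserId = user.Id,
                Type = MailType.ForgotPasswordMail
            };
            // When generating the reset link, add a returnUrl query parameter (Request.UrlReferrer.PathAndQuery).
            MailCore.SendForgotPasswordMail(user.MessagentUserId ?? 0, user.Firstname, user.UserToken, mailInfo);

            if (Request.IsAjaxRequest())
            {
                return Json(new { success = true, userMail = email });
            }

            return View();
        }

        /// <summary>Shows the new-password form for a valid, unexpired reset token.</summary>
        [AllowAnonymous]
        [HttpGet]
        public ActionResult InputPassword(string id)
        {
            var user = _userService.GetByUserToken(id);
            if (user == null || IsTokenExpired(user))
            {
                return RedirectToAction("TokenException", "Account");
            }

            ViewBag.UserFirstName = user.Firstname ?? string.Empty;
            return View();
        }

        [AllowAnonymous]
        [HttpGet]
        public ActionResult TokenException()
        {
            return View();
        }

        [AllowAnonymous]
        [HttpGet]
        public ActionResult InputPasswordSuccessful()
        {
            return View();
        }

        /// <summary>
        /// Stores the new password for the user identified by the reset token, approves the account
        /// and invalidates the token.
        /// </summary>
        [AllowAnonymous]
        [HttpPost]
        public ActionResult InputPassword(string id, InputPasswordViewModel inputPassword, string returnUrl)
        {
            inputPassword.NewPassword = _userService.DecodeUserPassword(inputPassword.NewPasswordHashed);
            inputPassword.ConfirmPassword = _userService.DecodeUserPassword(inputPassword.ConfirmPasswordHashed);

            // The token is validated on the POST as well as on the GET: the original accepted any id that
            // still resolved to a user, expired or not, and dereferenced a null lookup result.
            var user = string.IsNullOrEmpty(id) ? null : _userService.GetByUserToken(id);
            if (user == null || IsTokenExpired(user))
            {
                return RedirectToAction("TokenException", "Account");
            }

            // NOTE(review): NewPassword and ConfirmPassword are not compared here — confirm the view model
            // (or client) enforces it before relying on it.
            user.Password = Cryptography.EncryptToMd5(inputPassword.NewPassword);
            user.IsApproved = true;
            user.UserToken = null;
            user.TokenDate = null;
            _userService.Update(user);

            return RedirectToAction("InputPasswordSuccessful", "Account");
        }

        /// <summary>Signs the current user out. <paramref name="returnUrl"/> is not used; the redirect always goes home.</summary>
        [AllowAnonymous]
        [HttpGet]
        public ActionResult SignOut(string returnUrl)
        {
            Identity.Current.SignOut();
            return RedirectToAction("Index", "Home", new { lang = RouteHelper.GetRouteLanguage() });
        }

        /// <summary>
        /// Approves the account behind an activation token and makes that user the current identity.
        /// </summary>
        [AllowAnonymous]
        public ActionResult AccountActivation(string id)
        {
            if (string.IsNullOrEmpty(id))
            {
                return HttpNotFound();
            }

            var user = _userService.GetByUserToken(id);
            if (user == null)
            {
                return HttpNotFound();
            }

            if (IsTokenExpired(user))
            {
                ViewBag.AccountActivation = AccountActivationStatus.TokenExpired;
                return View();
            }

            if (user.IsApproved == true)
            {
                ViewBag.AccountActivation = AccountActivationStatus.AccountAlreadyActivated;
            }
            else
            {
                user.IsApproved = true;
                _userService.Update(user);
                ViewBag.AccountActivation = AccountActivationStatus.AccountSuccesfullyActivated;
            }

            // Activation doubles as sign-in: the activated user becomes the current identity.
            var loggedInPerson = new FrontendUserDTO();
            loggedInPerson.InjectFrom(user);
            Identity.Current.User = loggedInPerson;
            ViewBag.ActivationReturnURL = Url.Action("Index", "Home", new { lang = RouteHelper.GetRouteLanguage() });
            return View();
        }

        [AllowAnonymous]
        public ActionResult Register(string returnUrl)
        {
            ViewBag.ReturnUrl = returnUrl;
            return View();
        }

        /// <summary>
        /// Creates a new, not-yet-approved user, sends the welcome mail and signs the user in.
        /// </summary>
        [HttpPost]
        [AllowAnonymous]
        public ActionResult Register(RegisterViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                if (Request.IsAjaxRequest())
                {
                    return Json(new { success = false, error = Resources.Register.RegisterFailed });
                }

                // If we got this far, something failed, redisplay form
                return View(model);
            }

            var personExists = _userService.GetByEmail(model.Email) != null;
            if (personExists)
            {
                if (Request.IsAjaxRequest())
                {
                    return Json(new { success = false, error = Resources.Register.RegisterFailed });
                }

                ModelState.Clear();
                ModelState.AddModelError("", Resources.Register.RegisterFailed);
                model.Email = string.Empty;
                return View(model);
            }

            var registerPerson = new FrontendUserDTO
            {
                Email = model.Email,
                Password = Cryptography.EncryptToMd5(model.Password), // stored format, see Login
                IsApproved = false,
                IsActive = true,
                Language = RouteHelper.GetRouteLanguage().ToLowerInvariant(),
                DateCreated = DateTime.Now,
                UserToken = CommonHelpers.GenerateUniqueToken(),
                TokenDate = DateTime.Now
            };
            if (model.PhoneNumber != null)
            {
                registerPerson.Phone = model.CountryCode + CommonHelpers.StripPhoneNumber(model.PhoneNumber);
            }

            int messagentId = CreateMessagentUserByFrontendUserModel(model, registerPerson);
            if (messagentId > 0)
            {
                registerPerson.MessagentUserId = messagentId;
            }

            var user = new User();
            user.InjectFrom(registerPerson);
            user = _userService.Add(user);
            registerPerson.Id = user.Id;

            var mailInfo = new StoredMailsInfo
            {
                Email = registerPerson.Email,
                MessagentId = messagentId,
                UserId = registerPerson.Id,
                Type = MailType.UserWelcomeMail
            };
            MailCore.SendWelcomeMail(messagentId, registerPerson.Firstname, registerPerson.Lastname,
                registerPerson.UserToken, mailInfo);

            FormsAuthentication.SetAuthCookie(model.Email, false);
            CreatePersistentCookie(registerPerson, false);
            Identity.CreateIdentity(registerPerson);
            TempData["RegisterThankYou"] = true;

            if (Request.IsAjaxRequest())
            {
                return Json(new { success = true });
            }

            // Only local URLs are followed; an absolute returnUrl previously produced an open redirect.
            return RedirectToLocal(returnUrl);
        }

        /// <summary>
        /// Re-issues the activation token of the signed-in user and resends the welcome mail.
        /// </summary>
        public ActionResult SendRegisterEmailAgain()
        {
            var mailSent = false;
            if (Identity.Current.User?.Email != null)
            {
                var mailInfo = new StoredMailsInfo
                {
                    Email = Identity.Current.User.Email,
                    MessagentId = Identity.Current.User.MessagentUserId,
                    UserId = Identity.Current.User.Id,
                    Type = MailType.UserWelcomeMail
                };
                var user = _userService.GetByID(Identity.Current.User.Id);
                if (user != null)
                {
                    // The session copy and the persisted user must carry the same new token.
                    Identity.Current.User.UserToken = user.UserToken = CommonHelpers.GenerateUniqueToken();
                    user.TokenDate = DateTime.Now;
                    _userService.Update(user);
                    mailSent = MailCore.SendWelcomeMail(
                        Identity.Current.User.MessagentUserId ?? 0,
                        Identity.Current.User.Firstname,
                        Identity.Current.User.Lastname,
                        Identity.Current.User.UserToken,
                        mailInfo);
                }
            }

            if (!Request.IsAjaxRequest())
            {
                return RedirectToAction("Index", "Home");
            }

            return Json(new { success = mailSent }, JsonRequestBehavior.AllowGet);
        }

        public ActionResult VerifyAccount()
        {
            return View("~/Views/Shared/VerifyAccount.cshtml");
        }

        /// <summary>Placeholder: no mail is sent yet, the endpoint only reports success.</summary>
        public ActionResult SendVerificationEmail()
        {
            // TODO: send the verification mail using Identity.Current.User.Email and .UserToken.
            if (Request.IsAjaxRequest())
            {
                return Json(new { success = true });
            }

            return RedirectToAction("Index", "Home");
        }

        /// <summary>
        /// Builds an <see cref="ExternalLoginUser"/> from an OWIN external-login result: the provider key,
        /// then name and e-mail from the Facebook Graph API or from the Google claims.
        /// </summary>
        /// <remarks>
        /// Marked <see cref="NonActionAttribute"/>: a public method on a controller is otherwise routable,
        /// so the original exposed this helper as an action with a model-bound <see cref="ExternalLoginInfo"/>.
        /// </remarks>
        [NonAction]
        public ExternalLoginUser RetrieveExternalInformation(ExternalLoginInfo loginInfo)
        {
            var user = new ExternalLoginUser();
            if (loginInfo == null)
            {
                return user;
            }

            var isFacebook = loginInfo.Login != null && loginInfo.Login.LoginProvider == "Facebook";
            if (loginInfo.Login != null)
            {
                if (isFacebook)
                {
                    user.FacebookID = loginInfo.Login.ProviderKey;
                }
                else
                {
                    user.GooglePlusID = loginInfo.Login.ProviderKey;
                }
            }

            if (loginInfo.ExternalIdentity?.Claims == null)
            {
                return user;
            }

            if (isFacebook)
            {
                var identity = AuthenticationManager.GetExternalIdentity(DefaultAuthenticationTypes.ExternalCookie);
                var accessToken = identity.FindFirstValue("FacebookAccessToken");
                var fb = new FacebookClient(accessToken);
                dynamic myInfo = fb.Get("/me?fields=email,first_name,last_name"); // email must be requested explicitly
                if (myInfo != null)
                {
                    if (!string.IsNullOrEmpty(myInfo.email))
                    {
                        user.Email = myInfo.email;
                    }

                    if (!string.IsNullOrEmpty(myInfo.first_name))
                    {
                        user.Firstname = myInfo.first_name;
                    }

                    if (!string.IsNullOrEmpty(myInfo.last_name))
                    {
                        user.Lastname = myInfo.last_name;
                    }
                }
            }
            else
            {
                user.Firstname = GetGoogleClaimValue(loginInfo, GoogleClaims.FirstName) ?? user.Firstname;
                user.Lastname = GetGoogleClaimValue(loginInfo, GoogleClaims.LastName) ?? user.Lastname;
                user.Email = GetGoogleClaimValue(loginInfo, GoogleClaims.Email) ?? user.Email;
            }

            return user;
        }

        /// <summary>Clears the current identity and challenges the external provider.</summary>
        [HttpPost]
        [AllowAnonymous]
        public ActionResult ExternalLogin(string provider, string returnUrl)
        {
            Identity.Current = null;
            // Request a redirect to the external login provider; the callback collects the profile data.
            return new ChallengeResult(provider, Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl }, Request.Url.Scheme));
        }

        /// <summary>
        /// Completes an external login: creates the user when unknown, otherwise merges the provider ids
        /// and missing names into the existing record, then signs the user in.
        /// </summary>
        [AllowAnonymous]
        public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
        {
            var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
            var externalUser = RetrieveExternalInformation(loginInfo);
            if (loginInfo == null || externalUser.Email == null)
            {
                return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel(false, 0, returnUrl));
            }

            var dbUser = new User();
            dbUser.InjectFrom(externalUser);
            var existingUser = _userService.GetUserbyExternalId(dbUser, loginInfo.Login.LoginProvider.ToLowerInvariant());
            if (existingUser == null)
            {
                dbUser.IsActive = true;
                dbUser.IsApproved = true;
                dbUser.Language = RouteHelper.GetRouteLanguage().ToLowerInvariant();
                dbUser.DateCreated = DateTime.Now;
                // TODO: send a mail for externally created accounts (none is sent today).
                dbUser.UserToken = CommonHelpers.GenerateUniqueToken();
                dbUser.TokenDate = DateTime.Now;
                int messagentId = CreateMessagentUserByUserModel(dbUser);
                if (messagentId > 0)
                {
                    dbUser.MessagentUserId = messagentId;
                }

                // Register keeps the entity returned by Add to read the generated Id; do the same here so
                // the signed-in DTO below is not left with a default Id.
                dbUser = _userService.Add(dbUser);
            }
            else
            {
                dbUser.InjectFrom(existingUser);
                // Fill in only what the stored record lacks.
                dbUser.FacebookID = dbUser.FacebookID ?? externalUser.FacebookID;
                dbUser.GooglePlusID = dbUser.GooglePlusID ?? externalUser.GooglePlusID;
                dbUser.Firstname = dbUser.Firstname ?? externalUser.Firstname;
                dbUser.Lastname = dbUser.Lastname ?? externalUser.Lastname;
                _userService.Update(dbUser);
            }

            var loggedInPerson = new FrontendUserDTO();
            loggedInPerson.InjectFrom(dbUser);
            FormsAuthentication.SetAuthCookie(externalUser.Email, false);
            CreatePersistentCookie(loggedInPerson, false);
            Identity.CreateIdentity(loggedInPerson);
            return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel(true, loggedInPerson.Id, returnUrl));
        }

        public ActionResult ExternalLoginFailure()
        {
            return View();
        }
        #endregion

        #region Private Methods
        /// <summary>True when the user has no token date or the token is older than <see cref="TokenLifetimeHours"/>.</summary>
        private static bool IsTokenExpired(User user)
        {
            return user.TokenDate == null
                || (DateTime.Now - user.TokenDate.Value).TotalHours > TokenLifetimeHours;
        }

        /// <summary>
        /// Reads the Google claim at the enum's position; null when the claim is missing or empty.
        /// The original used ElementAt, which throws when the provider returns fewer claims.
        /// </summary>
        private static string GetGoogleClaimValue(ExternalLoginInfo loginInfo, GoogleClaims claim)
        {
            var found = loginInfo.ExternalIdentity.Claims.ElementAtOrDefault((int)claim);
            return string.IsNullOrEmpty(found?.Value) ? null : found.Value;
        }

        /// <summary>Writes the forms-authentication ticket cookie (HttpOnly; Secure follows FormsAuthentication.RequireSSL).</summary>
        private void CreatePersistentCookie(FrontendUserDTO user, bool createPersistentCookie)
        {
            var now = DateTime.UtcNow.ToLocalTime();
            var ticket = new FormsAuthenticationTicket(
                1 /*version*/,
                user.Email,
                now,
                createPersistentCookie ? now.AddDays(14) : now.Add(FormsAuthentication.Timeout),
                createPersistentCookie,
                user.Email,
                FormsAuthentication.FormsCookiePath);
            var encryptedTicket = FormsAuthentication.Encrypt(ticket);
            var cookie = new HttpCookie(FormsAuthentication.FormsCookieName, encryptedTicket)
            {
                HttpOnly = true,
                Secure = FormsAuthentication.RequireSSL,
                Path = FormsAuthentication.FormsCookiePath
            };
            if (ticket.IsPersistent)
            {
                cookie.Expires = ticket.Expiration;
            }

            if (FormsAuthentication.CookieDomain != null)
            {
                cookie.Domain = FormsAuthentication.CookieDomain;
            }

            HttpContext.Response.Cookies.Add(cookie);
        }

        protected override void Dispose(bool disposing)
        {
            if (disposing && UserManager != null)
            {
                UserManager.Dispose();
                UserManager = null;
            }

            base.Dispose(disposing);
        }

        /// <summary>Prepares the login view with a generic failure message for a non-AJAX request.</summary>
        private void SetupErrorLoginForNotAjaxCall(string returnUrl)
        {
            ViewBag.IsInvalidSignIn = true;
            ModelState.Clear();
            ModelState.AddModelError("", Resources.Login.LoginFailed);
            if (!string.IsNullOrEmpty(returnUrl))
            {
                ViewBag.ReturnUrl = returnUrl;
            }
        }

        // Used for XSRF protection when adding external logins
        private const string XsrfKey = "XsrfId";

        private IAuthenticationManager AuthenticationManager
        {
            get { return HttpContext.GetOwinContext().Authentication; }
        }

        // The following three members come from the ASP.NET Identity template and are not called from this file.
        private async Task SignInAsync(ApplicationUser user, bool isPersistent)
        {
            AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie);
            var identity = await UserManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie);
            AuthenticationManager.SignIn(new AuthenticationProperties() { IsPersistent = isPersistent }, identity);
        }

        private void AddErrors(IdentityResult result)
        {
            foreach (var error in result.Errors)
            {
                ModelState.AddModelError("", error);
            }
        }

        private bool HasPassword()
        {
            var user = UserManager.FindById(User.Identity.GetUserId());
            return user?.PasswordHash != null;
        }

        public enum ManageMessageId
        {
            ChangePasswordSuccess,
            SetPasswordSuccess,
            RemoveLoginSuccess,
            Error
        }

        /// <summary>Redirects to <paramref name="returnUrl"/> only when it is local to this site; otherwise home.</summary>
        private ActionResult RedirectToLocal(string returnUrl)
        {
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }

            return RedirectToAction("Index", "Home");
        }

        private class ChallengeResult : HttpUnauthorizedResult
        {
            public ChallengeResult(string provider, string redirectUri) : this(provider, redirectUri, null)
            {
            }

            public ChallengeResult(string provider, string redirectUri, string userId)
            {
                LoginProvider = provider;
                RedirectUri = redirectUri;
                UserId = userId;
            }

            public string LoginProvider { get; set; }
            public string RedirectUri { get; set; }
            public string UserId { get; set; }

            public override void ExecuteResult(ControllerContext context)
            {
                // Suppress the forms-auth redirect so the 401 reaches the OWIN challenge instead.
                context.RequestContext.HttpContext.Response.SuppressFormsAuthenticationRedirect = true;
                var properties = new AuthenticationProperties { RedirectUri = RedirectUri };
                if (UserId != null)
                {
                    properties.Dictionary[XsrfKey] = UserId;
                }

                context.HttpContext.GetOwinContext().Authentication.Challenge(properties, LoginProvider);
            }
        }

        private static int CreateMessagentUserByUserModel(User dbUser)
        {
            var userProfileData = new ProfileData
            {
                FirstName = dbUser.Firstname,
                LastName = dbUser.Lastname,
                Email = dbUser.Email,
                Language = dbUser.Language ?? RouteHelper.GetRouteLanguage()
            };
            return MessagentService.CreateMesagentUserId(userProfileData, MessagentListId.Users);
        }

        private static int CreateMessagentUserByFrontendUserModel(RegisterViewModel model, FrontendUserDTO registerPerson)
        {
            var userProfileData = new ProfileData
            {
                FirstName = registerPerson.Firstname,
                LastName = registerPerson.Lastname,
                Email = model.Email,
                Language = registerPerson.Language ?? RouteHelper.GetRouteLanguage()
            };
            return MessagentService.CreateMesagentUserId(userProfileData, MessagentListId.Users);
        }

        /// <summary>Clears any outstanding token, persists the user and sets the auth cookie plus the current identity.</summary>
        private void SetupForLogedUser(LoginViewModel model, User user, FrontendUserDTO loggedInPerson)
        {
            user.UserToken = null;
            user.TokenDate = null;
            _userService.Update(user);
            loggedInPerson.InjectFrom(user);
            FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe);
            CreatePersistentCookie(loggedInPerson, model.RememberMe);
            Identity.CreateIdentity(loggedInPerson);
        }

        private ActionResult FailAjaxLogin()
        {
            return Json(new { success = false, error = Resources.Login.LoginFailed });
        }
        #endregion
    }
}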