Beispiel #1
0
        public bool ValidateRegistration(string userName, string email, string password, string confirmPassword, out List <string> errors)
        {
            errors = new List <string>();

            var context = new AccountValidationContext {
                UserName = userName,
                Email    = email,
                Password = password
            };

            _accountValidationService.ValidateUserName(context);
            _accountValidationService.ValidateEmail(context);
            // Don't do the other validations if we already know we failed
            if (!context.ValidationSuccessful)
            {
                foreach (var error in context.ValidationErrors)
                {
                    errors.Add(string.Format("{0}: {1}", error.Key, error.Value.Text));
                }
                return(false);
            }

            if (!_userService.VerifyUserUnicity(userName, email))
            {
                errors.Add(T("User with that username and/or email already exists.").Text);
            }

            if (!_accountValidationService.ValidatePassword(context))
            {
                foreach (var error in context.ValidationErrors)
                {
                    errors.Add(string.Format("{0}: {1}", error.Key, error.Value.Text));
                }
            }

            if (!String.Equals(password, confirmPassword, StringComparison.Ordinal))
            {
                errors.Add(T("The new password and confirmation password do not match.").Text);
            }
            return(errors.Count == 0);
        }
Beispiel #2
0
        private bool ValidateRegistration(string userName, string email, string password, string confirmPassword)
        {
            var context = new AccountValidationContext {
                UserName = userName,
                Email    = email,
                Password = password
            };

            _accountValidationService.ValidateUserName(context);
            _accountValidationService.ValidateEmail(context);
            // Don't do the other validations if we already know we failed
            if (!context.ValidationSuccessful)
            {
                foreach (var error in context.ValidationErrors)
                {
                    ModelState.AddModelError(error.Key, error.Value);
                }
                return(false);
            }

            if (!_userService.VerifyUserUnicity(userName, email))
            {
                // Not a new registration, but perhaps we already have that user and they
                // haven't validated their email address. This doesn't care whether there
                // were other issues with the registration attempt that caused its validation
                // to fail: if the user exists and still has to confirm their email, we show
                // a link to the action from which the challenge email is sent again.
                var membershipSettings = _membershipService.GetSettings();
                if (membershipSettings.UsersMustValidateEmail)
                {
                    var user = _userService.GetUserByNameOrEmail(email);
                    if (user == null)
                    {
                        user = _userService.GetUserByNameOrEmail(userName);
                    }
                    if (user != null && user.EmailStatus == UserStatus.Pending)
                    {
                        // We can't have links in the "text" of a ModelState Error. We are using a notifier
                        // to provide the user with an option to ask for a new challenge email.
                        _orchardServices.Notifier.Warning(
                            T("User with that username and/or email already exists. Follow <a href=\"{0}\">this link</a> if you want to receive a new email to validate your address.",
                              Url.Action(
                                  actionName: "RequestChallengeEmail",
                                  controllerName: "Account",
                                  routeValues: new { area = "Orchard.Users", email = email })));
                        // In creating the link above we use the email that was written in the form
                        // rather than the actual user's email address to prevent exploiting this
                        // for information discovery.
                    }
                }
                // We should add the error to the ModelState anyway.
                context.ValidationErrors.Add("userExists", T("User with that username and/or email already exists."));
            }

            _accountValidationService.ValidatePassword(context);

            if (!String.Equals(password, confirmPassword, StringComparison.Ordinal))
            {
                context.ValidationErrors.Add("_FORM", T("The new password and confirmation password do not match."));
            }

            if (!context.ValidationSuccessful)
            {
                foreach (var error in context.ValidationErrors)
                {
                    ModelState.AddModelError(error.Key, error.Value);
                }
            }

            return(ModelState.IsValid);
        }