public async Task <IApiResponse> HandleAsync(IApiRequest request)
{
var phone = request.Body.Get <String>("phone");
var name = request.Body.Get <String>("name");
var email = request.Body.Get <String>("email");
var id = request.Body.Get <String>("id");
if (String.IsNullOrEmpty(id))
{
return(Fail("id required"));
}
if (String.IsNullOrEmpty(email))
{
return(Fail("email required"));
}
if (String.IsNullOrEmpty(phone))
{
return(Fail("phone required"));
}
if (String.IsNullOrEmpty(name))
{
return(Fail("name required"));
}
var user = await _userManager.FindByNameAsync(email);
if (user != null)
{
return(Fail("Email already taken"));
}
user = await _userManager.FindAsync(new UserLoginInfo("PhoneNumber", phone));
if (user != null)
{
return(Fail("Phone already taken"));
}
user = new AppUser()
{
UserName = email,
Email = email,
PhoneNumber = phone,
PersonName = name,
Tenant = -1,
};
var result = await _userManager.CreateAsync(user);
if (!result.Succeeded)
{
return(Fail(String.Join(",", result.Errors)));
}
await _userManager.AddLoginAsync(user.Id, new UserLoginInfo("ExternalId", id.ToUpperInvariant()));
user.SetEMailConfirmed();
await _userManager.UpdateUser(user);
return(Ok());
}
public async Task <ClaimsIdentity> Authenticate(UserDTO userDto)
{
AppUser user = await _userMng.FindAsync(userDto.Email, userDto.Password);
ClaimsIdentity claim = user != null ? await _userMng.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie) : null;
_userMng.Dispose();
return(claim);
}
public async Task <ClaimsIdentity> Login(LoginViewModel model)
{
var user = await userManager.FindAsync(model.Username, model.Password);
if (user == null)
{
throw new ApplicationException("Invalid name or password.");
}
return(await userManager.CreateIdentityAsync(user, DefaultAuthenticationTypes.ApplicationCookie));
}
public async Task <IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
var user = await AppUserManager.FindAsync(new UserLoginInfo(model.Provider, verifiedAccessToken.user_id));
bool hasRegistered = user != null;
if (hasRegistered)
{
return(BadRequest("External user is already registered"));
}
user = new Backer()
{
UserName = model.UserName
};
IdentityResult result = await AppUserManager.CreateAsync(user);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
var info = new ExternalLoginInfo()
{
DefaultUserName = model.UserName,
Login = new UserLoginInfo(model.Provider, verifiedAccessToken.user_id)
};
result = await AppUserManager.AddLoginAsync(user.Id, info.Login);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
//generate access token response
var accessTokenResponse = GenerateLocalAccessTokenResponse(model.UserName);
return(Ok(accessTokenResponse));
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
if (error != null)
{
return(Redirect(Url.Content("~/") + "#error=" + Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
ApplicationUser user = await AppUserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider,
externalLogin.ProviderKey));
bool hasRegistered = user != null;
if (hasRegistered)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(AppUserManager,
OAuthDefaults.AuthenticationType);
ClaimsIdentity cookieIdentity = await user.GenerateUserIdentityAsync(AppUserManager,
CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = ApplicationOAuthProvider.CreateProperties(user.UserName);
Authentication.SignIn(properties, oAuthIdentity, cookieIdentity);
}
else
{
IEnumerable <Claim> claims = externalLogin.GetClaims();
ClaimsIdentity identity = new ClaimsIdentity(claims, OAuthDefaults.AuthenticationType);
Authentication.SignIn(identity);
}
return(Ok());
}
public async Task <IHttpActionResult> Login(LoginDto model)
{
var user = await _userManager.FindAsync(model.UserName, model.Password);
if (user == null || !user.IsEnabled)
{
return(Content(HttpStatusCode.Unauthorized, "用户名或密码不正确"));
}
await SignInAsync(user, model.RememberMe);
ActionLogAttribute.Log("Login", user.Id);
return(StatusCode(HttpStatusCode.NoContent));
}
public async Task <IHttpActionResult> RegisterExternal(ExternalUserAddRequest model)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var externalAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (externalAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
AppUser appUser = await AppUserManager.FindAsync(new UserLoginInfo(model.Provider, externalAccessToken.user_id));
if (appUser != null)
{
return(BadRequest("External user is already registered"));
}
appUser = new AppUser {
UserName = model.Username, Email = model.Email, EmailConfirmed = true, JoinDate = DateTime.Now
};
IdentityResult result = await AppUserManager.CreateAsync(appUser, model.Password);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
IdentityResult addUserToRoleResult = await AppUserManager.AddToRoleAsync(appUser.Id, "user");
if (!addUserToRoleResult.Succeeded)
{
return(GetErrorResult(addUserToRoleResult));
}
var info = new ExternalLoginInfo
{
DefaultUserName = model.Username,
Login = new UserLoginInfo(model.Provider, externalAccessToken.user_id)
};
result = await AppUserManager.AddLoginAsync(appUser.Id, info.Login);
return(result.Succeeded ? Ok(GenerateLocalAccessTokenResponse(model.Username)) : GetErrorResult(result));
}
public async Task <IHttpActionResult> GetExternalLogin(string provider, string error = null)
{
string redirectUri = string.Empty;
if (error != null)
{
return(BadRequest(Uri.EscapeDataString(error)));
}
if (!User.Identity.IsAuthenticated)
{
return(new ChallengeResult(provider, this));
}
var redirectUriValidationResult = ValidateClientAndRedirectUri(ref redirectUri);
if (!string.IsNullOrWhiteSpace(redirectUriValidationResult))
{
return(BadRequest(redirectUriValidationResult));
}
ExternalLoginData externalLogin = ExternalLoginData.FromIdentity(User.Identity as ClaimsIdentity);
if (externalLogin == null)
{
return(InternalServerError());
}
if (externalLogin.LoginProvider != provider)
{
Authentication.SignOut(DefaultAuthenticationTypes.ExternalCookie);
return(new ChallengeResult(provider, this));
}
IdentityUser user = await AppUserManager.FindAsync(new UserLoginInfo(externalLogin.LoginProvider, externalLogin.ProviderKey));
bool registered = user != null;
redirectUri = string.Format("{0}#external_access_token={1}&provider={2}&haslocalaccount={3}&external_user_name={4}&email={5}",
redirectUri,
externalLogin.ExternalAccessToken,
externalLogin.LoginProvider,
registered.ToString(),
externalLogin.UserName,
externalLogin.Email);
return(Redirect(redirectUri));
}
public async Task <ClaimsIdentity> Authenticate(UserDTO userDto)
{
AppUserManager appUserManager = (AppUserManager)Database.UserManager;
ClaimsIdentity claim = null;
// find user
ApplicationUser user = await appUserManager.FindAsync(userDto.Email, userDto.Password);
// authorize user и return object ClaimsIdentity
if (user != null)
{
claim = await appUserManager.CreateIdentityAsync(user,
DefaultAuthenticationTypes.ApplicationCookie);
}
return(claim);
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View(model));
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout : false);
switch (result)
{
case SignInStatus.Success:
AppUserManager manager = new AppUserManager(new UserStore <AppUser>(db));
var user = await manager.FindAsync(model.Email, model.Password);
if (manager.IsInRole(user.Id, "Customer"))
{
//redirects user to Create A bank account page if User nodernot have a bank account
if (user.BankAccounts.Count() == 0)
{
return(RedirectToAction("Create", "BankAccounts"));
}
return(RedirectToAction("Index", "Customers"));
}
else if (manager.IsInRole(user.Id, "Employee"))
{
return(RedirectToAction("Index", "Employees"));
}
return(RedirectToAction("Index", "RoleAdmin"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Incorrect Email or Password");
return(View(model));
}
}
public async Task <ActionResult> Login(LoginViewModel model)
{
if (ModelState.IsValid)
{
var user = await UserManager.FindAsync(model.UserName, model.Password);
if (user != null)
{
await SignInAsync(user, model.RememberMe);
return(RedirectToAction("Index", "Home"));
}
else
{
ModelState.AddModelError("", "Invalid username or password.");
}
}
// Появление этого сообщения означает наличие ошибки; повторное отображение формы
return(View(model));
}
public async Task <IHttpActionResult> GetUserByEmail(CreateUserBindingModel getUserModel)
{
if (!ModelState.IsValid)
{
return(BadRequest(ModelState));
}
var user = await this.AppUserManager.FindByEmailAsync(getUserModel.Email);
if (user != null)
{
var check = await AppUserManager.FindAsync(user.UserName, getUserModel.Password);
if (check != null)
{
return(Ok(this.TheModelFactory.Create(user)));
}
return(BadRequest("Incorrect e-mail or password! "));
}
return(NotFound());
}
/*
* public async Task<IdentityResult> RegisterUser(UserModel userModel)
* {
* IdentityUser user = new IdentityUser
* {
* UserName = userModel.UserName
* };
*
* var result = await _userManager.CreateAsync(user, userModel.Password);
*
* return result;
* }
*/
public async Task <ApplicationUser> FindUser(string userName, string password)
{
ApplicationUser user = null;
#if DEBUG
user = await _userManager.FindByNameAsync(userName);
#else
var separateUsername = userName.ToLower().Split('\\');
if (separateUsername.Length == 2)
{
string domen = char.ToUpper((separateUsername[0])[0]) + separateUsername[0].Substring(1);
MembershipProvider membersip = Membership.Providers["ADMembershipProvider" + domen];
if (membersip != null & membersip.ValidateUser(separateUsername[1], password))
{
user = _userManager.FindByName(userName);
if (user == null)
{
// return SignInStatus.Failure;
ApplicationUser newAccount = new ApplicationUser()
{
UserName = userName,
Email = $"{separateUsername[1]}@gsu.by"
};
var result = await _userManager.CreateAsync(newAccount);
user = _userManager.FindByName(userName);
}
}
}
else
{
user = await _userManager.FindAsync(userName, password);
}
#endif
return(user);
}
public async Task <IHttpActionResult> GetLocalAccessToken(string provider, string externalAccessToken)
{
if (string.IsNullOrWhiteSpace(provider) || string.IsNullOrWhiteSpace(externalAccessToken))
{
return(BadRequest("Provider or external access token is not sent"));
}
var verifiedAccessToken = await VerifyExternalAccessToken(provider, externalAccessToken);
if (verifiedAccessToken == null)
{
return(BadRequest("Invalid Provider or External Access Token"));
}
IdentityUser user = await AppUserManager.FindAsync(new UserLoginInfo(provider, verifiedAccessToken.user_id));
if (user == null)
{
return(BadRequest("External user is not registered"));
}
return(Ok(GenerateLocalAccessTokenResponse(user.UserName)));
}
public async Task <Object> InvokeAsync(Int64 UserId, String PhoneNumber)
{
var userByPhone = await _userManager.FindAsync(new UserLoginInfo("PhoneNumber", PhoneNumber));
if (userByPhone != null && userByPhone.Id != UserId)
{
return("phoneAlreadyTaken");
}
String code = await _userManager.GenerateChangePhoneNumberTokenAsync(UserId, PhoneNumber);
if (_userManager.SmsService == null)
{
throw new ArgumentNullException("UserManager.SmsService");
}
var message = new IdentityMessageWithUserId
{
Destination = PhoneNumber,
Body = "Your security code is: " + code,
UserId = UserId
};
try
{
await _userManager.SmsService.SendAsync(message);
}
catch (Exception ex)
{
if (ex.InnerException != null)
{
ex = ex.InnerException;
}
return($"error:{ex.Message}");
}
return("success");
}
public async Task <IHttpActionResult> ConfirmEmailAsync(ConfirmEmailForm form)
{
return
(!ModelState.IsValid ? BadRequest(ModelState) : !await verifyUserAuthData(form.UserId, form.UserName, form.Password)
? BadRequest("Nazwa użytkownika, identyfikator lub hasło są niepoprawne") : !await verifyUserTokenAsync(form.UserId, form.Token)
? BadRequest("podany token jest niepoprawny") : await activateAccountAsync(form.UserId, form.Token));
async Task <bool> verifyUserAuthData(string userId, string userName, string password) => await AppUserManager.FindAsync(userName, password) is ApplicationUser user ? user.Id == userId.ToString() : false;
Task <bool> verifyUserTokenAsync(string userId, string token) => AppUserManager.VerifyUserTokenAsync(userId, "Confirmation", token);
async Task <IHttpActionResult> activateAccountAsync(string userId, string token)
{
IdentityResult identityResult = await AppUserManager.ConfirmEmailAsync(userId, token);
return(identityResult.Succeeded ? Ok() : (IHttpActionResult)InternalServerError(new Exception("Nieoczekiwany błąd serwera")));
}
}
public User Validate(string userNameOrEmail, string password)
{
return(_userManager.FindAsync(userNameOrEmail, password).Result);
}
public async Task <ApplicationUser> FindAsync(string userName, string password)
{
return(await _userManager.FindAsync(userName, password));
}
public async Task <AppUser> IsRegistered(string username, string password)
{
return(await _userManager.FindAsync(username, password));
}
