protected void Application_PostAuthenticateRequest(Object sender, EventArgs e)
{
if (!RequestRequiresAuth())
{
return;
}
if (!User.Identity.IsAuthenticated)
{
return;
}
if (User is ExceptionlessPrincipal)
{
return;
}
CheckDbOrCacheDown();
try {
var userRepository = DependencyResolver.Current.GetService <IUserRepository>();
User user = userRepository.GetByEmailAddress(User.Identity.Name);
if (user == null)
{
FormsAuthentication.SignOut();
FormsAuthentication.RedirectToLoginPage();
return;
}
var principal = new ExceptionlessPrincipal(user);
Thread.CurrentPrincipal = principal;
if (HttpContext.Current != null)
{
HttpContext.Current.User = principal;
}
} catch (MongoConnectionException ex) {
Log.Error().Exception(ex).Message("Error getting user: {0}", ex.Message).Report().Write();
MarkDbDown();
RedirectToMaintenancePage();
} catch (SocketException ex) {
Log.Error().Exception(ex).Message("Error getting user: {0}", ex.Message).Report().Write();
MarkDbDown();
RedirectToMaintenancePage();
}
}
//[ValidateJsonAntiForgeryToken]
public ActionResult Manage(ManageModel model)
{
ModelState state = ModelState["OldPassword"];
if (state != null)
{
state.Errors.Clear();
}
state = ModelState["NewPassword"];
if (state != null)
{
state.Errors.Clear();
}
state = ModelState["ConfirmPassword"];
if (state != null)
{
state.Errors.Clear();
}
User user = User.UserEntity;
if (ModelState.IsValid)
{
try {
_userRepository.InvalidateCache(user);
if (!String.Equals(user.EmailAddress, model.EmailAddress, StringComparison.OrdinalIgnoreCase))
{
if (_userRepository.GetByEmailAddress(model.EmailAddress) != null)
{
throw new InvalidOperationException("A user with this email address already exists.");
}
user.IsEmailAddressVerified = user.OAuthAccounts.Count(oa => String.Equals(oa.EmailAddress(), model.EmailAddress, StringComparison.OrdinalIgnoreCase)) > 0;
}
user.EmailAddress = model.EmailAddress;
user.EmailNotificationsEnabled = model.EmailNotificationsEnabled;
user.FullName = model.FullName;
_membershipProvider.UpdateAccount(user);
// NOTE: If a user is updating their profile but hasn't verified the email address.. I think we should send them a notification every time..
if (!user.IsEmailAddressVerified)
{
user.VerifyEmailAddressToken = _membershipProvider.GenerateVerifyEmailToken(user.EmailAddress);
_mailer.SendVerifyEmailAsync(user);
}
var principal = new ExceptionlessPrincipal(user);
Thread.CurrentPrincipal = principal;
if (System.Web.HttpContext.Current != null)
{
System.Web.HttpContext.Current.User = principal;
}
} catch (Exception e) {
ModelState.AddModelError("", e.Message);
}
}
if (!ModelState.IsValid)
{
Response.StatusCode = (int)HttpStatusCode.BadRequest;
return(Json(ModelState.ToDictionary()));
}
return(Json(new { IsVerified = user.IsEmailAddressVerified }));
}
