Beispiel #1
0
        public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
        {
            //if (!ModelState.IsValid)
            //{
            //    return View(model);
            //}

            //var result = await SignInManager.PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false);
            //switch (result)
            //{
            //    case SignInStatus.Success:
            //        return RedirectToLocal(returnUrl);
            //    case SignInStatus.LockedOut:
            //        return View("Lockout");
            //    case SignInStatus.RequiresVerification:
            //        return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
            //    case SignInStatus.Failure:
            //    default:
            //        ModelState.AddModelError("", "Invalid login attempt.");
            //        return View(model);
            //}

            //Validar el usuario y la contraseña
            FormsAuthentication _formsAuthentication = new FormsAuthentication();

            _formsAuthentication.SignIn();

            //HttpCookie emailCookie = new HttpCookie("emailCookie");
            //emailCookie.Value = user.Email;
            //Response.Cookies.Add(emailCookie);

            return(RedirectToAction("Index", "Home"));
        }
Beispiel #2
0
        public virtual ActionResult LogOn(string userName, string password, bool rememberMe, string returnUrl)
        {
            if (!ValidateLogOn(userName, password))
            {
                return(View());
            }

            User user = null;

            try
            {
                user = service.Authenticate(userName, password);
            }
            catch (RulesException rulesException)
            {
                foreach (ErrorInfo info in rulesException.Errors)
                {
                    ModelState.AddModelError("_FORM", info.ErrorMessage);
                }
                return(View());
            }

            if (user == null)
            {
                ModelState.AddModelError("_FORM", "The username or password provided is incorrect.");
                return(View());
            }

            FormsAuthentication.SignIn(user.Id.ToString(), rememberMe);
            HttpContext.User = user;

            if (!String.IsNullOrEmpty(returnUrl))
            {
                return(Redirect(returnUrl));
            }
            else
            {
                return(RedirectToAction("Index", "Home"));
            }
        }
Beispiel #3
0
        public virtual ActionResult OpenId(string openid_openidAuthData, string returnUrl)
        {
            IAuthenticationResponse response;

            if (!string.IsNullOrEmpty(openid_openidAuthData))
            {
                var auth    = new Uri(openid_openidAuthData);
                var headers = new WebHeaderCollection();
                foreach (string header in Request.Headers)
                {
                    headers[header] = Request.Headers[header];
                }

                // Always say it's a GET since the payload is all in the URL, even the large ones.
                HttpRequestInfo clientResponseInfo = new HttpRequestInfo("GET", auth, auth.PathAndQuery, headers, null);
                response = this.RelyingParty.GetResponse(clientResponseInfo);
            }
            else
            {
                response = this.RelyingParty.GetResponse();
            }

            try
            {
                if (response != null)
                {
                    // Stage 3: OpenID Provider sending assertion response
                    switch (response.Status)
                    {
                    case AuthenticationStatus.Authenticated:

                        User user      = null;
                        var  authtoken =
                            authTokenService.Find(token => token.ClaimedIdentifier == response.ClaimedIdentifier.ToString()).FirstOrDefault();
                        if (authtoken != null)
                        {
                            user = authtoken.User;
                        }
                        //checks:
                        if (user != null)
                        {
                            if (user.IsLockedOut)
                            {
                                this.ModelState.AddModelError("_FORM", "Your account is locked out");
                                break;
                            }
                            if (!user.IsApproved)
                            {
                                this.ModelState.AddModelError("_FORM", "Your account is not yet approved");
                                break;
                            }
                        }

                        var claims = response.GetExtension <ClaimsResponse>();
                        var name   = claims != null ? claims.FullName ?? "" : "";
                        var email  = claims != null ? claims.Email ?? "" : "";

                        if (user != null)
                        {
                            //Sync the email from OpenID provider.
                            if (string.IsNullOrEmpty(user.Email))
                            {
                                user.Email = email;
                            }
                            if (string.IsNullOrEmpty(user.Name))
                            {
                                user.Name = name;
                            }
                        }
                        else
                        {
                            user = new User
                            {
                                Email = email,
                                Name  = name
                            };
                        }
                        user.LastActivity = DateTime.Now;
                        user = service.SaveOrUpdate(user);

                        var isNew = authtoken == null;
                        if (isNew)
                        {
                            authtoken = new AuthenticationToken
                            {
                                ClaimedIdentifier = response.ClaimedIdentifier.ToString(),
                                User = user
                            };
                        }
                        authtoken.FriendlyIdentifier = response.FriendlyIdentifierForDisplay;
                        authtoken.LastUsed           = DateTime.Now;
                        authtoken = authTokenService.SaveOrUpdate(authtoken);

                        if (isNew)
                        {
                            user.AuthenticationTokens.Add(authtoken);
                            user = service.SaveOrUpdate(user);
                        }

                        FormsAuthentication.SignIn(user.Id.ToString(), false);

                        return(Redirect(returnUrl ?? VirtualPathUtility.ToAbsolute("~/")));

                    case AuthenticationStatus.Canceled:
                        ViewData.ModelState.AddModelError("openid_identifier", "Canceled at provider");
                        break;

                    case AuthenticationStatus.Failed:
                        ViewData.ModelState.AddModelError("openid_identifier", response.Exception);
                        break;
                    }
                }
            }
            catch (RulesException rulesException)
            {
                foreach (var error in rulesException.Errors)
                {
                    ViewData.ModelState.AddModelError(error.PropertyName, error.ErrorMessage);
                }
            }
            // If we're to this point, login didn't complete successfully.
            // Show the LogOn view again to show the user any errors and
            // give another chance to complete login.
            return(View("LogOn"));
        }