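/// <summary>
/// Validates a Facebook login request and resolves it to a local user,
/// creating the user when none exists and self-registration is enabled.
/// </summary>
/// <param name="login">Client-supplied login data (API key, Facebook access token, user name/e-mail).</param>
/// <param name="Hash">
/// Receives the value produced by <c>_loginsService.CreateHash</c> on success;
/// <see cref="string.Empty"/> on every failure path.
/// </param>
/// <returns>The resolved or newly created user, or <c>null</c> when the login is rejected.</returns>
private IUser ValidateLogonFacebook(LoginFB login, out string Hash)
{
    Hash = string.Empty;

    if (login == null)
    {
        return null; // no request data to validate
    }

    ApplicationRecord apprecord = _applicationsService.GetApplicationByKey(login.ApiKey);
    if (apprecord == null)
    {
        return null; // wrong cloudbast application id
    }

    DebugFB debuginfo = FBHelper.GetDebugInfo(login.Token, apprecord);
    if (debuginfo == null || !debuginfo.isValid)
    {
        return null; // access token is not valid
    }

    if (debuginfo.Application != apprecord.Name || debuginfo.AppId != apprecord.fbAppKey)
    {
        return null; // access token for another application
    }

    // The checks above only prove the token was issued for this application;
    // they do not say WHOSE token it is. login.Username is caller-controlled,
    // so the account identity must be taken from Facebook itself and the
    // claimed user name is only accepted when it matches.
    // The e-mail field is returned only when the token carries the e-mail
    // permission; accounts without a Facebook e-mail are rejected (fail closed).
    var fb = new FacebookClient(login.Token);
    dynamic me = fb.Get("me", new { fields = "email,first_name,last_name" });

    string tokenEmail = null;
    if (me != null)
    {
        tokenEmail = me.email;
    }

    string lowerEmail = string.IsNullOrWhiteSpace(tokenEmail) ? string.Empty : tokenEmail.ToLowerInvariant();
    string claimedEmail = login.Username == null ? string.Empty : login.Username.ToLowerInvariant();

    if (lowerEmail.Length == 0 || !string.Equals(lowerEmail, claimedEmail, StringComparison.Ordinal))
    {
        return null; // token does not belong to the claimed e-mail address
    }

    // load user with FBemail
    IUser user = _orchardServices.ContentManager
        .Query<UserPart, UserPartRecord>()
        .Where(u => u.Email == lowerEmail)
        .List()
        .FirstOrDefault();

    UserProfilePart profile;
    if (user == null)
    {
        var registrationSettings = _orchardServices.WorkContext.CurrentSite.As<RegistrationSettingsPart>();
        if (registrationSettings == null || !registrationSettings.UsersCanRegister)
        {
            // Unknown user and self-registration is off: reject instead of
            // continuing with a null profile.
            return null;
        }

        // create a user with random password
        // NOTE(review): Guid.NewGuid() is not documented as a cryptographically
        // strong generator; consider a CSPRNG-derived password here.
        user = _membershipService.CreateUser(
            new CreateUserParams(lowerEmail, Guid.NewGuid().ToString(), lowerEmail, null, null, true)) as UserPart;
        if (user == null)
        {
            return null; // user creation failed
        }

        profile = user.As<UserProfilePart>();
        if (profile == null)
        {
            return null; // user has no profile part to attach Facebook data to
        }

        // add facebook fields
        profile.FBemail = lowerEmail;
        profile.FBtoken = login.Token;
        profile.FirstName = me.first_name;
        profile.LastName = me.last_name;
    }
    else
    {
        profile = user.As<UserProfilePart>();
        if (profile == null)
        {
            return null; // user has no profile part to attach Facebook data to
        }

        profile.FBemail = lowerEmail;
        // NOTE(review): the access token is a bearer credential stored on the
        // profile; confirm it is needed and how it is protected at rest.
        profile.FBtoken = login.Token;
    }

    Hash = _loginsService.CreateHash(profile, apprecord);
    _profileService.CreateUserForApplicationRecord(profile, apprecord);

    // Session is only bound to the application once the login has succeeded.
    _orchardServices.WorkContext.HttpContext.Session["doticca_aid"] = apprecord.Id;
    return user;
}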
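/// <summary>
/// Signs a user in from a Facebook login request.
/// </summary>
/// <param name="login">Login data bound from the request; may be <c>null</c> when no usable body was sent.</param>
/// <returns>
/// 200 with the user's OData profile (including the login hash) on success;
/// 401 with a <c>uError</c> payload when the login is missing or rejected.
/// </returns>
public HttpResponseMessage LoginFacebook(LoginFB login)
{
    // A missing body gets the same 401 as any other rejected login, so the
    // endpoint neither throws nor reveals which check failed.
    if (login == null)
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized, new uError("User not authorized", 401));
    }

    string Hash;
    IUser user = ValidateLogonFacebook(login, out Hash);
    if (user == null)
    {
        return Request.CreateResponse(HttpStatusCode.Unauthorized, new uError("User not authorized", 401));
    }

    // Second argument is presumably "create persistent cookie" - confirm against IAuthenticationService.
    _authenticationService.SignIn(user, false);
    _userEventHandler.LoggedIn(user);

    var profile = new Contrib.Foundation.UserProfile.OData.Profile(user, Request, Hash);
    return Request.CreateResponse(HttpStatusCode.OK, profile);
}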