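/// <summary>
/// Creates and saves a <c>MemberDomain</c> for <paramref name="domainName"/>, pre-filled from
/// <c>DomainDefaults</c>, then inserts the <c>MemberProduct</c> row that links the domain to this
/// member and to the given order item.
/// </summary>
/// <param name="domainName">Domain name to register; also stored as the product name.</param>
/// <param name="orderItemId">Order item the new product row is attached to.</param>
/// <returns>The saved <c>MemberDomain</c>.</returns>
public MemberDomain CreateNewMemberDomain(string domainName, string orderItemId)
{
    // Resolve the defaults once so all eight fields come from the same result
    // instead of eight separate DomainDefaults calls.
    var defaults = DomainDefaults(domainName);

    var memberDomain = new MemberDomain();
    memberDomain.DomainName = domainName;
    memberDomain.AdminDomainContactId = defaults.AdminDomainContactId;
    memberDomain.BillingDomainContactId = defaults.BillingDomainContactId;
    memberDomain.OwnerDomainContactId = defaults.OwnerDomainContactId;
    memberDomain.TechDomainContactId = defaults.TechDomainContactId;
    memberDomain.RenewalMode = defaults.RenewalMode;
    memberDomain.TransferMode = defaults.TransferMode;
    memberDomain.PrivacyProtection = defaults.PrivacyProtection;
    memberDomain.NameServers = defaults.NameServers;

    // NOTE(review): AuthInfo is a 6-character generated value, lower-cased, plus a constant suffix.
    // The suffix is identical for every domain and adds no secrecy, and lower-casing narrows the
    // alphabet. If this is the domain authorization code, confirm Utility.CreatePassword draws from
    // a cryptographic RNG and consider a longer generated part within the registry's format rules.
    memberDomain.AuthInfo = Utility.CreatePassword(6).ToLowerInvariant() + "!1Fbs";
    memberDomain.Save();

    // The product row reuses the domain's Id as its own key.
    MemberProduct memberProduct = new MemberProduct();
    memberProduct.OrderItemId = orderItemId;
    memberProduct.Id = memberDomain.Id;
    memberProduct.InsertDate = Provider.Database.Now;
    memberProduct.MemberId = this.Id;
    memberProduct.Name = domainName;
    Provider.Database.Insert("MemberProduct", memberProduct);

    return memberDomain;
}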
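/// <summary>
/// Returns the registry status of the domain bought with the given order item.
/// </summary>
/// <param name="orderReference">Id of the order item.</param>
/// <returns><c>RegistryStatus</c> of the matching <c>MemberDomain</c>.</returns>
/// <exception cref="APIException">
/// The order item, its product or its domain cannot be found, or the current member does not own the product.
/// </exception>
public string GetOrderStatus(string orderReference)
{
    OrderItem oi = Provider.Database.Read<OrderItem>("Id={0}", orderReference);
    if (oi == null)
    {
        throw new APIException("OrderItem not found. refNo: " + orderReference);
    }

    MemberProduct mp = Provider.Database.Read<MemberProduct>("OrderItemId = {0}", oi.Id);
    if (mp == null)
    {
        throw new APIException("Critical error: OrderItem exists but MemberProduct doesn't, for orderItem : " + oi.Id);
    }

    // Authorize before reading the domain record (same order as CancelOrderAndRefund), so a caller
    // who does not own the order never reaches the internal-consistency error below.
    // NOTE(review): "not found" and "not the owner" are still distinct messages, which tells a caller
    // whether an order id exists; consider one generic message for both if order ids are guessable.
    if (mp.MemberId != Provider.CurrentMember.Id)
    {
        throw new APIException("GetOrderStatus request can only be send by the domain owner");
    }

    MemberDomain md = Provider.Database.Read<MemberDomain>("Id = {0}", mp.Id);
    if (md == null)
    {
        throw new APIException("Critical error: MemberProduct exists but MemberDomain doesn't, for memberProduct : " + mp.Id);
    }

    return md.RegistryStatus;
}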
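/// <summary>
/// Replaces the name servers of a domain owned by the current member: creates any host the
/// registry reports as available, then sends one domain update that removes the stored
/// name servers and adds the requested ones.
/// </summary>
/// <param name="req">Domain name and the new name server list.</param>
/// <returns><c>true</c> once the update request has been sent.</returns>
/// <exception cref="APIException">
/// The request is incomplete, the domain or its product row is missing, or the current member does not own the domain.
/// </exception>
public bool UpdateDomainNameServers(ReqUpdateDomainNameServers req)
{
    // Fail with an API error instead of a null dereference further down.
    if (req == null || req.DomainName == null || req.NameServers == null)
    {
        throw new APIException("Domain name and name servers are required.");
    }

    MemberDomain md = Provider.Database.Read<MemberDomain>("DomainName = {0}", req.DomainName);
    if (md == null)
    {
        throw new APIException("Domain name not found: " + req.DomainName);
    }

    MemberProduct mp = Provider.Database.Read<MemberProduct>("Id = {0}", md.Id);
    if (mp == null)
    {
        throw new APIException("Critical error: MemberDomain exists but MemberProduct doesn't, for domain : " + req.DomainName);
    }

    // Ownership check: only the member who holds the product may change delegation.
    if (mp.MemberId != Provider.CurrentMember.Id)
    {
        throw new APIException("Creditentials not authorized for this domain: " + req.DomainName);
    }

    // NOTE(review): the host names in req.NameServers go to the registry as supplied; no
    // syntax validation is visible here. Confirm it happens upstream or inside EppAPI.
    EppAPI eppApi = new EppAPI();
    var hostCheck = eppApi.HostCheck(new DealerSafe.DTO.Epp.Request.ReqHostCheck { DomainName = req.DomainName, HostNames = req.NameServers });

    // "Available" hosts do not exist at the registry yet, so they are created first.
    foreach (var hostInfo in hostCheck.HostInfos)
    {
        if (hostInfo.Available)
        {
            eppApi.HostCreate(new DealerSafe.DTO.Epp.Request.ReqHostCreate { DomainName = req.DomainName, HostName = hostInfo.HostName });
        }
    }

    // NOTE(review): the results of HostCreate and DomainUpdate are not inspected, and md.NameServers
    // is not rewritten in this method, so true is returned whatever the registry answered and the
    // next call would remove the same stored list again. Confirm EppAPI throws on failure and that
    // the stored list is refreshed elsewhere.
    eppApi.DomainUpdate(new DealerSafe.DTO.Epp.Request.ReqDomainUpdate
    {
        Rem = new Epp.Protocol.Domains.DomainAddRemType
        {
            NameServers = new Epp.Protocol.Domains.NameServerList(md.NameServers.SplitWithTrim(',').Select(ns => new NameServerInfo { HostName = ns }))
        },
        Add = new Epp.Protocol.Domains.DomainAddRemType
        {
            NameServers = new Epp.Protocol.Domains.NameServerList(req.NameServers.Select(ns => new NameServerInfo { HostName = ns }))
        },
        DomainName = req.DomainName
    });

    return true;
}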
/// <summary>
/// Queues a machine-executed <c>DomainCancel</c> job for an order item owned by the current member,
/// provided the product started no more than five days ago.
/// </summary>
/// <param name="orderReference">Id of the order item to cancel.</param>
/// <returns><c>true</c> once the job has been saved.</returns>
/// <exception cref="APIException">
/// The order item, product or domain is missing, the caller is not the owner, or the five-day window has passed.
/// </exception>
public bool CancelOrderAndRefund(string orderReference)
{
    OrderItem orderItem = Provider.Database.Read<OrderItem>("Id={0}", orderReference);
    if (orderItem == null)
        throw new APIException("OrderItem not found. refNo: " + orderReference);

    MemberProduct product = Provider.Database.Read<MemberProduct>("OrderItemId = {0}", orderItem.Id);
    if (product == null)
        throw new APIException("Critical error: OrderItem exists but MemberProduct doesn't, for orderItem : " + orderItem.Id);

    // Only the member who holds the product may ask for a cancellation.
    if (product.MemberId != Provider.CurrentMember.Id)
        throw new APIException("Cancellation and refund request can only be send by the domain owner");

    // The domain record is read only to confirm that it exists.
    MemberDomain domain = Provider.Database.Read<MemberDomain>("Id = {0}", product.Id);
    if (domain == null)
        throw new APIException("Critical error: MemberProduct exists but MemberDomain doesn't, for memberProduct : " + product.Id);

    // Refund window: the product must have started within the last five days.
    if (product.StartDate < Provider.Database.Now.AddDays(-5))
        throw new APIException("You can cancel your domain and refund in the first 5 days of your domain registration.");

    // NOTE(review): nothing here looks for a cancel job already queued for this order item, so a
    // repeated call queues another one; confirm the job runner tolerates duplicates.
    var cancelJob = new Job();
    cancelJob.Command = JobCommands.DomainCancel;
    cancelJob.Executer = JobExecuters.Machine;
    cancelJob.RelatedEntityId = orderItem.Id;
    cancelJob.RelatedEntityName = "OrderItem";
    cancelJob.StartDate = Provider.Database.Now;
    cancelJob.State = JobStates.NotStarted;
    cancelJob.Save();

    return true;
}
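/// <summary>
/// Inserts a <c>MemberDomain</c> and a matching <c>MemberProduct</c> built from <paramref name="req"/>;
/// both rows use the trimmed domain name as their Id.
/// </summary>
/// <param name="req">Source of the property values; <c>DomainName</c> is required.</param>
/// <returns>The Id shared by the two inserted rows.</returns>
/// <exception cref="APIException">The request or its domain name is missing.</exception>
public string SaveMemberDomain(MemberDomainInfo req)
{
    // Reject an empty key up front instead of failing on a null dereference or inserting rows with Id "".
    if (req == null || req.DomainName == null || req.DomainName.Trim().Length == 0)
    {
        throw new APIException("DomainName is required.");
    }

    // NOTE(review): CopyPropertiesWithSameName copies every same-named property from the request
    // onto the entity, and nothing in this method compares the request with Provider.CurrentMember.
    // If MemberDomainInfo carries ownership or status fields (for example a member id), the caller
    // decides them. Confirm this entry point is reachable by trusted callers only, or set those
    // fields explicitly after the copy.
    MemberDomain md = new MemberDomain();
    req.CopyPropertiesWithSameName(md);
    md.Id = req.DomainName.Trim();
    Provider.Database.Insert("MemberDomain", md);

    // NOTE(review): the two inserts are separate calls; if the second fails the MemberDomain row
    // stays behind unless a surrounding transaction exists (none is visible here).
    MemberProduct mp = new MemberProduct();
    req.CopyPropertiesWithSameName(mp);
    mp.Id = md.Id;
    Provider.Database.Insert("MemberProduct", mp);

    return md.Id;
}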
/// <summary>
/// Job handler for a domain cancellation: re-validates the order item referenced by the job,
/// deletes the domain through <c>EppAPI</c>, removes the local domain and product rows and cancels the order item.
/// </summary>
/// <param name="job">Job whose <c>RelatedEntityId</c> is the order item id.</param>
/// <returns><c>JobStates.Done</c> when every step completed.</returns>
/// <exception cref="APIException">
/// A required record is missing or the product started more than five days ago.
/// </exception>
private JobStates domainCancel(Job job)
{
    OrderItem orderItem = Provider.Database.Read<OrderItem>("Id={0}", job.RelatedEntityId);
    if (orderItem == null)
        throw new APIException("OrderItem not found. refNo: " + job.RelatedEntityId);

    MemberProduct product = Provider.Database.Read<MemberProduct>("OrderItemId = {0}", orderItem.Id);
    if (product == null)
        throw new APIException("Critical error: OrderItem exists but MemberProduct doesn't, for orderItem : " + orderItem.Id);

    MemberDomain domain = Provider.Database.Read<MemberDomain>("Id = {0}", product.Id);
    if (domain == null)
        throw new APIException("Critical error: MemberProduct exists but MemberDomain doesn't, for memberProduct : " + product.Id);

    // The five-day window is checked again when the job runs, so a job picked up late is rejected here.
    if (product.StartDate < Provider.Database.Now.AddDays(-5))
        throw new APIException("You can cancel your domain and refund in the first 5 days of your domain registration.");

    // Registry first, local rows second.
    // NOTE(review): the DomainDelete result is not inspected; confirm EppAPI throws on a registry
    // error, otherwise the local rows are removed although the domain still exists there.
    var registry = new EppAPI();
    var deleteRequest = new DealerSafe.DTO.Epp.Request.ReqDomainDelete { DomainName = domain.DomainName };
    registry.DomainDelete(deleteRequest);

    domain.Delete();
    product.Delete();
    orderItem.Cancel();

    return JobStates.Done;
}
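/// <summary>
/// Self-registration endpoint: validates the submitted name, e-mail, password and profile fields,
/// creates the member, sends the activation e-mail, stores the activation token and assigns the
/// configured roles, profile fields and sign-up domain.
/// </summary>
/// <param name="Name">Display name; letters, digits and spaces only.</param>
/// <param name="Email">E-mail address of the new member.</param>
/// <param name="Password">Chosen password.</param>
/// <param name="Confirmation">Must equal <paramref name="Password"/>.</param>
/// <param name="ReturnUrl">Redirect target used when self-registration is switched off; followed only if local.</param>
/// <param name="FieldInfo">Optional profile field values.</param>
/// <param name="RequestID">Not used by this method.</param>
/// <param name="SessionID">Not used by this method.</param>
/// <param name="TimeZoneOffset">Not used by this method.</param>
/// <returns>
/// A redirect when self-registration is disabled for the caller, otherwise a JSON result carrying
/// the rendered result dialog.
/// </returns>
/// <remarks>
/// NOTE(review): the JSON results are allowed on GET (JsonRequestBehavior.AllowGet) and the password
/// arrives as an action parameter. If this action is reachable by GET, the password ends up in URLs
/// and request logs; confirm the action is restricted to POST (no attribute is visible here).
/// </remarks>
public ActionResult Register(string Name, string Email, string Password, string Confirmation, string ReturnUrl, List<ProfileFieldInfo> FieldInfo, string RequestID, string SessionID, int TimeZoneOffset)
{
    AppParams.RefreshAppParameters();
    string AfterSingUpRedirectUrl = "";

    // Self-registration switched off: only a member in the admin role may continue.
    if (AppSession.Parameters.RegistrationSelfRegistration.Value == "false" && !AppSession.IsMemberInAdminRole)
    {
        string configuredUrl = AppSession.Parameters.RulesRedirectAfterLogin.Value;
        string fallbackUrl = (configuredUrl != null && configuredUrl.Length > 0) ? configuredUrl : Url.Content("~/");

        // ReturnUrl comes from the request, so it is followed only when it stays on this site;
        // anything else falls back to the configured page (prevents an open redirect).
        bool returnUrlUsable = ReturnUrl != null && ReturnUrl.Trim().Length > 0 && Url.IsLocalUrl(ReturnUrl);

        AuditEvent.AppEventError(AppSession.Parameters.GeneralAdminEmail.Value, "Somebody tries to Register notification but it was switched off. ", AuditEvent.GetSessionDetails());
        return new RedirectResult(returnUrlUsable ? ReturnUrl : fallbackUrl);
    }

    RequestResultModel _model = new RequestResultModel();

    bool nameMissing = Name == null || Name.Trim().Length == 0;
    bool passwordMissing = Password == null || Password.Trim().Length == 0;
    bool emailMissing = Email == null || Email.Trim().Length == 0;

    // Every rule is evaluated on its own. Previously the length rule was only reached when another
    // rule had already failed or the password had three characters or fewer, so a password shorter
    // than AppSession.PasswordMaxLength could pass. The list items also closed with "</<li>".
    if (AppSession.IsEmail(Name))
        _model.Message += String.Format("<li>{0}</li>", GetLabel("Account.CreateAccount.NameLooksLikeEmail"));

    if (nameMissing)
        _model.Message += String.Format("<li>{0}</li>", GetLabel("Account.CreateAccount.NameIsEmpty"));

    if (passwordMissing)
        _model.Message += String.Format("<li>{0}</li>", GetLabel("Account.CreateAccount.PasswordIsEmty"));

    if (emailMissing)
        _model.Message += String.Format("<li>{0}</li>", GetLabel("Account.CreateAccount.EmailIsEmpty"));

    if (Email != null && !AppSession.IsEmail(Email))
        _model.Message += String.Format("<li>{0}</li>", GetLabel("Account.CreateAccount.EmailWrongFromat"));

    if (Password != Confirmation)
        _model.Message += String.Format("<li>{0}</li>", GetLabel("Account.CreateAccount.PasswordNoMatch"));

    // PasswordMaxLength is used as the minimum accepted length here, despite its name.
    if ((Password != null && Password.Length > 0 && Password.Length < AppSession.PasswordMaxLength) ||
        (Confirmation != null && Confirmation.Length > 0 && Confirmation.Length < AppSession.PasswordMaxLength))
    {
        _model.Message += String.Format("<li>{0}</li>", String.Format(GetLabel("Account.CreateAccount.PasswordLength"), AppSession.PasswordMaxLength));
    }

    // Check mandatory fields
    if (FieldInfo != null)
    {
        foreach (ProfileFieldInfo Field in FieldInfo)
        {
            ProfileField profileField = ProfileFields.GetBy(int.Parse(Field.ID));
            bool valueMissing = Field.Value == null || Field.Value.Trim().Length == 0;

            if (profileField.IsMandatory == 1 && valueMissing)
            {
                _model.Message += String.Format("<li>{0}</li>", String.Format(GetLabel("Account.CreateAccount.Mandatory"), profileField.FieldName));
            }

            // A mandatory check box counts as missing when it was submitted unchecked.
            if (profileField.IsMandatory == 1 && profileField.FieldTypeID == ProfileFieldTypeEnum.CheckBox && Field.Value != null && Field.Value.ToLower() == "false")
            {
                _model.Message += String.Format("<li>{0}</li>", String.Format(GetLabel("Account.CreateAccount.Mandatory"), profileField.FieldName));
            }
        }
    }

    // A null name has already been reported above; skipping it here avoids a null dereference.
    bool nameIsAlphaNumeric = Name == null || Name.Replace(" ", "").All(c => char.IsLetterOrDigit(c));
    if (!nameIsAlphaNumeric)
    {
        _model.Message += String.Format("<li>{0}</li>", GetLabel("Account.CreateAccount.NameNonAlfaNum"));
    }

    if (!String.IsNullOrEmpty(_model.Message))
    {
        _model.Message = String.Format("<ul class=\"error-message-list\">{0}</ul>", _model.Message);
        _model.InfoType = RequestResultInfoType.ErrorOrDanger;
        return Json(new { Status = RequestResultInfoType.ErrorOrDanger, NotifyType = NotifyType.DialogInline, Html = this.RenderPartialView(@"_RequestResultDialogInLine", _model) }, JsonRequestBehavior.AllowGet);
    }

    // Check email format (kept as a second line of defence; the validation above already rejects it)
    if (!AppSession.IsEmail(Email))
    {
        _model.Title = GetLabel("Account.Controller.Warning");
        _model.Message = GetLabel("Account.Controller.WrongEmail");
        _model.InfoType = RequestResultInfoType.ErrorOrDanger;
        AuditEvent.AppEventError(AppParams.GeneralAdminEmail.Value, String.Format(AuditEvent.AccountWrongEmail, Name, Email));
    }
    else if (!AppSession.IsMailDomainAllowed(Email))
    {
        _model.Title = GetLabel("Account.Controller.Warning");
        _model.Message = GetLabel("Account.Controller.DomainNotAllowed");
        _model.InfoType = RequestResultInfoType.ErrorOrDanger;
        AuditEvent.AppEventError(AppParams.GeneralAdminEmail.Value, String.Format(AuditEvent.AccountDomainNotAllowed, Name, Email));
    }
    else
    {
        Member existing = Members.GetByEmailOrName(Email, Name);
        if (existing.MemberID > 0)
        {
            // NOTE(review): this answer tells an anonymous caller that the name or e-mail is
            // already registered; confirm that disclosure is acceptable for this site.
            _model.Title = GetLabel("Account.Controller.Warning");
            _model.Message = GetLabel("Account.Controller.AccountExists");
            _model.InfoType = RequestResultInfoType.ErrorOrDanger;
            AuditEvent.AppEventError(AppParams.GeneralAdminEmail.Value, String.Format(AuditEvent.AccountAccountExists, Name, Email));
        }
        else
        {
            // Was account activated ?
            // Was account blocked ?
            Member member = new Logic.Objects.Member();
            member.Name = Name;
            member.Email = Email;
            // NOTE(review): the submitted password is assigned as-is; presumably Member.Save hashes
            // it before storing. TODO confirm.
            member.Password = Password;
            member.IsBuiltIn = false;
            member.Created = DateTime.UtcNow;
            member.Save();

            try
            {
                // NOTE(review): the activation token is a bearer secret sent by e-mail; confirm
                // StringTool.RandomString draws from a cryptographic random number generator.
                string ActivateToken = Web.Admin.Logic.StringTool.RandomString(20);
                if (!SendActivationEmail(Name, Email, ActivateToken))
                {
                    throw new Exception("Creating an account notification e-mail has not been send!");
                }

                ActionToken actionToken = new ActionToken();
                actionToken.Email = Email;
                actionToken.Token = HttpUtility.UrlDecode(ActivateToken);
                actionToken.ActionType = ActionTokenTypes.SelfActivation;
                actionToken.ReturnURL = AppSession.ReturnUrl != null
                    ? AppSession.ReturnUrl
                    : (AppSession.Parameters.RulesRedirectAfterLogout.Value != "" ? AppSession.Parameters.RulesRedirectAfterLogout.Value : "");
                actionToken.Save();

                // Roles configured for self-registered members (semicolon-separated names).
                if (member.MemberID > 0)
                {
                    string[] RoleNames = AppParams.RegistrationMemberRegistrationToRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (String RoleName in RoleNames)
                    {
                        Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
                        if (role.RoleID > 0)
                        {
                            MemberRole memberrole = new MemberRole();
                            memberrole.MemberID = member.MemberID;
                            memberrole.RoleID = role.RoleID;
                            memberrole.Save();
                        }
                    }
                }

                // Profile fields: an empty value removes the field, anything else is stored.
                if (FieldInfo != null)
                {
                    foreach (ProfileFieldInfo Field in FieldInfo)
                    {
                        MemberProfileField memberProfileField = new MemberProfileField();
                        memberProfileField.MemberID = member.MemberID;
                        memberProfileField.FieldID = int.Parse(Field.ID);
                        memberProfileField.FieldValue = Field.Value;

                        if (Field.Value == null || Field.Value.Trim().Length == 0)
                            memberProfileField.Delete();
                        else
                            memberProfileField.Save();
                    }
                }

                Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
                if (_domain.DomainID > 0)
                {
                    MemberDomain _memberDomain = new MemberDomain();
                    _memberDomain.DomainID = _domain.DomainID;
                    _memberDomain.MemberID = member.MemberID;
                    _memberDomain.Save();
                }

                if (AppSession.Parameters.RulesRedirectAfterSignUp.Value != null && AppSession.Parameters.RulesRedirectAfterSignUp.Value.Length > 0)
                    AfterSingUpRedirectUrl = AppSession.Parameters.RulesRedirectAfterSignUp.Value;

                _model.Title = GetLabel("Account.Controller.Congrat");
                _model.Message = GetLabel("Account.Controller.ActivationMailSent");
                _model.InfoType = RequestResultInfoType.Success;
                AuditEvent.AppEventSuccess(AppParams.GeneralAdminEmail.Value, String.Format(AuditEvent.AccountActivationMailSent, Name, Email));
            }
            catch (Exception ex)
            {
                try
                {
                    // Try to delete member if notification was failed.
                    member.Delete();
                }
                catch
                {
                    // Best-effort cleanup. NOTE(review): when this delete fails, or when the failure
                    // happened after the token, roles or profile fields were saved, those rows are
                    // left behind; nothing visible here removes them.
                }

                _model.Title = GetLabel("Account.Controller.Warning");
                _model.Message = GetLabel("Account.Controller.CantSendNotification");
                _model.InfoType = RequestResultInfoType.ErrorOrDanger;
                AuditEvent.AppEventError(Email, "Registration: Something went wrong with e-mail notification: " + ex.Message, AuditEvent.GetSessionDetails(ex.StackTrace), true);
            }
        }
    }

    return Json(new { Status = _model.InfoType, RedirectTo = AfterSingUpRedirectUrl, NotifyType = NotifyType.DialogInline, Html = this.RenderPartialView(@"_RequestResultDialogInLine", _model) }, JsonRequestBehavior.AllowGet);
}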
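/// <summary>
/// Twitter sign-in endpoint. Starts the Twitter sign-in when no completed sign-in is present;
/// otherwise finds or creates the local member for the returned screen name, records the social
/// network link and access token, assigns the configured roles and sign-up domain, and signs the member in.
/// </summary>
/// <returns>
/// The redirect to Twitter, or a redirect to the URL returned by <c>SignInMember</c>. When Twitter
/// is not configured, or no URL was produced, the site root is used.
/// </returns>
/// <remarks>
/// NOTE(review): the local account is looked up by "screenName@twitter.com". A screen name is not
/// a stable identifier, while the numeric user id returned by the same call is. In the
/// existing-member branch a user id with no link row for that member is linked and signed in, so
/// whoever currently holds the screen name gets the account. Consider resolving the member through
/// the stored SocialNetworkUserID instead.
/// </remarks>
public ActionResult AuthTwitter()
{
    // http://stackoverflow.com/questions/3599621/is-there-a-way-to-get-an-users-email-id-after-verifying-her-twitter-identity-us
    TwitterConsumer.TwitterConsumerKey = AppSession.Parameters.SocialTwitterConsumerKey.Value;
    TwitterConsumer.TwitterConsumerSecret = AppSession.Parameters.SocialTwitterConsumerSecret.Value;

    String RedirectTo = "";

    if (TwitterConsumer.IsTwitterConsumerConfigured)
    {
        string screenName;
        int userId;
        string AccessToken;

        // No completed sign-in in this request yet: send the browser to Twitter.
        if (!TwitterConsumer.TryFinishSignInWithTwitter(out screenName, out userId, out AccessToken))
        {
            return TwitterConsumer.StartSignInWithTwitter(true).AsActionResultMvc5();
        }

        // The screen name is turned into a synthetic e-mail that serves as the member key.
        String memberName = String.Format("{0}@twitter.com", screenName);
        Member member = Members.GetByEmail(memberName);

        if (member.MemberID <= 0)
        {
            // First sign-in: create the member with a random password.
            member.Name = screenName;
            member.Email = memberName;
            member.Password = StringTool.RandomString(24);
            member.TimeZoneID = "";
            member.Save();

            // NOTE(review): the access token is stored as received; confirm it is protected at rest.
            MemberSocialNetwork memberNetwork = new MemberSocialNetwork();
            memberNetwork.MemberID = member.MemberID;
            memberNetwork.SocialNetworkID = 2;
            memberNetwork.SocialNetworkUserID = userId.ToString();
            memberNetwork.SocialNetworkUserEmail = "";
            memberNetwork.SocialNetworkUserName = screenName;
            memberNetwork.AccessToken = AccessToken;
            memberNetwork.Save();

            if (member.MemberID > 0)
            {
                string[] RoleNames = AppParams.SocialTwitterRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (String RoleName in RoleNames)
                {
                    Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
                    if (role.RoleID > 0)
                    {
                        MemberRole memberrole = new MemberRole();
                        memberrole.MemberID = member.MemberID;
                        memberrole.RoleID = role.RoleID;
                        memberrole.Save();
                    }
                }
            }
        }
        else
        {
            member.UpdateLoginTime();

            MemberSocialNetwork memberNetwork = MemberSocialNetworks.GetByMemberID(member.MemberID, 2, userId.ToString());
            memberNetwork.SocialNetworkID = 2;
            memberNetwork.SocialNetworkUserID = userId.ToString();
            memberNetwork.SocialNetworkUserEmail = "";
            memberNetwork.SocialNetworkUserName = screenName;
            memberNetwork.AccessToken = AccessToken;

            // No link row for this user id yet: create one; otherwise only refresh the token.
            if (memberNetwork.MemberID <= 0)
            {
                memberNetwork.MemberID = member.MemberID;
                memberNetwork.Save();
            }
            else
            {
                memberNetwork.UpdateAccessToken();
            }
        }

        Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
        if (_domain.DomainID > 0)
        {
            MemberDomain _memberDomain = new MemberDomain();
            _memberDomain.DomainID = _domain.DomainID;
            _memberDomain.MemberID = member.MemberID;
            _memberDomain.Save();
        }

        RedirectTo = SignInMember(memberName, member, false, "", "SSI via Twitter.");
    }

    // RedirectResult throws on a null or empty URL, which is what happened whenever Twitter was
    // not configured; fall back to the site root instead.
    return new RedirectResult(String.IsNullOrEmpty(RedirectTo) ? Url.Content("~/") : RedirectTo);
}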
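/// <summary>
/// Yahoo OpenID sign-in. Without a provider response it redirects to the Yahoo OpenID endpoint and
/// asks for e-mail and name attributes; with an authenticated response it finds or creates the
/// local member by the returned e-mail, assigns the configured roles and sign-up domain, and signs the member in.
/// </summary>
/// <returns>A redirect to the provider, a redirect after sign-in, or an empty result for any other status.</returns>
/// <exception cref="Exception">
/// The identifier cannot be parsed, the provider returned no e-mail address, or the provider
/// reported a cancelled or failed authentication.
/// </exception>
/// <remarks>
/// NOTE(review): the member is chosen by the e-mail attribute in the response; the claimed
/// identifier is not used. Confirm that only assertions issued by the expected provider are
/// accepted (for example by checking the response's claimed identifier or provider endpoint, or by
/// rejecting unsolicited assertions in the relying-party settings). Otherwise the e-mail is only
/// as trustworthy as whoever issued the assertion.
/// </remarks>
private ActionResult AuthYahoo()
{
    String RedirectTo = "";
    OpenIdRelyingParty OpenID = new OpenIdRelyingParty();
    var response = OpenID.GetResponse();

    if (response == null)
    {
        //Let us submit the request to OpenID provider
        string OpenidIdentifier = "http://me.yahoo.com/";
        Identifier ID;
        if (Identifier.TryParse(OpenidIdentifier, out ID))
        {
            var request = OpenID.CreateRequest(OpenidIdentifier);

            var fetch = new FetchRequest();
            fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Contact.Email, true));
            fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.First, true));
            fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Middle, true));
            fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.Last, true));
            fetch.Attributes.Add(new AttributeRequest(WellKnownAttributes.Name.FullName, true));
            request.AddExtension(fetch);

            return request.RedirectingResponse.AsActionResultMvc5();
        }

        throw new Exception(GetLabel("Account.SignIn.InvalidID"));
    }

    //Let us check the response
    switch (response.Status)
    {
        case AuthenticationStatus.Authenticated:
            {
                //check if user exist
                var fetch = response.GetExtension<FetchResponse>();
                string email = String.Empty;
                string firstName = String.Empty;
                string lastName = String.Empty;
                string fullName = String.Empty;

                if (fetch != null)
                {
                    email = fetch.GetAttributeValue(WellKnownAttributes.Contact.Email);
                    firstName = fetch.GetAttributeValue(WellKnownAttributes.Name.First);
                    lastName = fetch.GetAttributeValue(WellKnownAttributes.Name.Last);
                    fullName = fetch.GetAttributeValue(WellKnownAttributes.Name.FullName);
                }

                // Without an e-mail there is no account key: the lookup below would run with an
                // empty value and then create or sign in a member with a blank e-mail address.
                if (email == null || email.Trim().Length == 0)
                {
                    throw new Exception(GetLabel("Account.SignIn.InvalidID"));
                }

                // The e-mail was previously passed to String.Format as the format string, so braces
                // in the value raised a FormatException; it is used verbatim now.
                String memberName = email;
                Member member = Members.GetByEmail(memberName);

                if (member.MemberID <= 0)
                {
                    // First sign-in: prefer "first last", fall back to the full name attribute.
                    string Name = String.Format("{0} {1}", firstName, lastName);
                    member.Name = Name != null && Name.Trim().Length > 0 ? Name : fullName;
                    member.Email = memberName;
                    member.Password = StringTool.RandomString(24);
                    member.TimeZoneID = "";
                    member.Save();

                    if (member.MemberID > 0)
                    {
                        string[] RoleNames = AppParams.SocialYahooRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                        foreach (String RoleName in RoleNames)
                        {
                            Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
                            if (role.RoleID > 0)
                            {
                                MemberRole memberrole = new MemberRole();
                                memberrole.MemberID = member.MemberID;
                                memberrole.RoleID = role.RoleID;
                                memberrole.Save();
                            }
                        }
                    }
                }
                else
                {
                    member.UpdateLoginTime();
                }

                Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
                if (_domain.DomainID > 0)
                {
                    MemberDomain _memberDomain = new MemberDomain();
                    _memberDomain.DomainID = _domain.DomainID;
                    _memberDomain.MemberID = member.MemberID;
                    _memberDomain.Save();
                }

                RedirectTo = SignInMember(memberName, member, false, "", "SSI via Yahoo.");
                return new RedirectResult(RedirectTo);
            }

        case AuthenticationStatus.Canceled:
            {
                throw new Exception(GetLabel("Account.SignIn.CanceledProvider"));
            }

        case AuthenticationStatus.Failed:
            {
                throw new Exception(response.Exception.Message);
            }
    }

    return new EmptyResult();
}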
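/// <summary>
/// Facebook sign-in. Without a processed authorization it starts the authorization request;
/// otherwise it reads the user's profile from the Graph API, finds or creates the local member,
/// records the social network link and access token, assigns the configured roles and sign-up
/// domain, and signs the member in.
/// </summary>
/// <returns>The redirect to Facebook, or a redirect to the URL returned by <c>SignInMember</c>.</returns>
/// <remarks>
/// NOTE(review): the local account key is "first.last@facebook.com", built from the profile's
/// first and last name. Names are not unique, so two Facebook users with the same name resolve to
/// the same member, and the existing-member branch links the second user's id and signs them in.
/// graph.Id is the unique value; consider resolving the member through the stored
/// SocialNetworkUserID instead of the name-derived address.
/// </remarks>
private ActionResult AuthFacebook()
{
    // http://developers.facebook.com/docs/reference/api/user/
    // https://developers.facebook.com/docs/howtos/login/server-side-re-auth/
    String RedirectTo = "";
    IAuthorizationState authorization = AppSession.AppFacebookClient.ProcessUserAuthorization(Request);

    if (authorization == null)
    {
        // Kick off authorization request.
        // The scope list that used to be built here (email, user_likes, read_stream,
        // user_online_presence) was never passed to the call, so it has been removed; the request
        // is sent without explicit scopes exactly as before.
        return AppSession.AppFacebookClient.PrepareRequestUserAuthorization().AsActionResultMvc5();
    }

    // NOTE(review): the access token travels in the query string of this request and can surface
    // in proxy or diagnostic logs; consider sending it in an Authorization header instead.
    var request = WebRequest.Create("https://graph.facebook.com/me?access_token=" + Uri.EscapeDataString(authorization.AccessToken) + "&fields=id,name,first_name,last_name,username,email,gender,locale,middle_name,timezone");

    using (var response = request.GetResponse())
    using (var responseStream = response.GetResponseStream())
    {
        var graph = FacebookGraph.Deserialize(responseStream);

        // The HTML-encoded names are what end up in the member key and in the stored display name.
        var name = HttpUtility.HtmlEncode(graph.Name);
        var firstName = HttpUtility.HtmlEncode(graph.FirstName);
        var lastName = HttpUtility.HtmlEncode(graph.LastName);

        String memberName = String.Format("{0}.{1}@facebook.com", firstName, lastName);
        Member member = Members.GetByEmail(memberName);

        if (member.MemberID <= 0)
        {
            // First sign-in: create the member with a random password.
            member.Name = String.Format("{0} {1}", firstName, lastName);
            member.Email = memberName;
            member.Password = StringTool.RandomString(24);
            member.TimeZoneID = "";
            member.Save();

            // NOTE(review): the access token is stored as received; confirm it is protected at rest.
            MemberSocialNetwork memberNetwork = new MemberSocialNetwork();
            memberNetwork.MemberID = member.MemberID;
            memberNetwork.SocialNetworkID = 1;
            memberNetwork.SocialNetworkUserID = graph.Id.ToString();
            //memberNetwork.SocialNetworkUserEmail = graph.Email;
            memberNetwork.SocialNetworkUserName = member.Name;
            memberNetwork.AccessToken = authorization.AccessToken;
            memberNetwork.Save();

            if (member.MemberID > 0)
            {
                string[] RoleNames = AppParams.SocialFacebookRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (String RoleName in RoleNames)
                {
                    Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName.Trim());
                    if (role.RoleID > 0)
                    {
                        MemberRole memberrole = new MemberRole();
                        memberrole.MemberID = member.MemberID;
                        memberrole.RoleID = role.RoleID;
                        memberrole.Save();
                    }
                }
            }
        }
        else
        {
            member.UpdateLoginTime();

            MemberSocialNetwork memberNetwork = MemberSocialNetworks.GetByMemberID(member.MemberID, 1, graph.Id.ToString());
            memberNetwork.SocialNetworkID = 1;
            memberNetwork.SocialNetworkUserID = graph.Id.ToString();
            //memberNetwork.SocialNetworkUserEmail = graph.Email;
            memberNetwork.SocialNetworkUserName = member.Name;
            memberNetwork.AccessToken = authorization.AccessToken;

            // No link row for this Facebook id yet: create one; otherwise only refresh the token.
            if (memberNetwork.MemberID <= 0)
            {
                memberNetwork.MemberID = member.MemberID;
                memberNetwork.Save();
            }
            else
            {
                memberNetwork.UpdateAccessToken();
            }
        }

        Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
        if (_domain.DomainID > 0)
        {
            MemberDomain _memberDomain = new MemberDomain();
            _memberDomain.DomainID = _domain.DomainID;
            _memberDomain.MemberID = member.MemberID;
            _memberDomain.Save();
        }

        RedirectTo = SignInMember(memberName, member, false, "", "SSI via Facebook.");
        return new RedirectResult(RedirectTo);
    }
    // return new EmptyResult();
}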
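/// <summary>
/// Checks a member's credentials. When LDAP is enabled and the e-mail contains the configured
/// LDAP domain, the directory is tried first: on success the member is created if unknown and its
/// roles are synchronised with the directory groups. The member is then loaded by e-mail and
/// accepted when the LDAP step succeeded or, if classic authentication is allowed, when the
/// password hash matches. Failed attempts are counted and may add the configured penalty roles.
/// </summary>
/// <param name="Email">
/// Login e-mail. Replaced with the e-mail reported by the directory after a successful LDAP authentication.
/// </param>
/// <param name="Password">Password as typed by the user.</param>
/// <returns><c>true</c> when the member exists and was authenticated; otherwise <c>false</c>.</returns>
/// <remarks>
/// NOTE(review):
/// - The LDAP branch is selected with IndexOf("@" + domain) &gt; 0, which also matches an address
///   where the domain is only a prefix of the host part. Confirm the configured value format and
///   consider a suffix comparison.
/// - ComputePasswordHash takes only the password and the result is compared with ==, so the stored
///   hash appears to have no per-member salt and the comparison is not constant-time. TODO confirm
///   the hash construction.
/// - Directory group names are mapped to application roles by name. A directory group that shares
///   its name with an existing privileged role grants that role; confirm the naming is controlled.
/// - The penalty roles are skipped when AppSession.IsMemberInAdminRole is true, which looks like a
///   property of the current session rather than of the member being authenticated. TODO confirm.
/// </remarks>
public bool Authenticate(ref String Email, String Password)
{
    bool LDAPAuthSuccess = false;
    bool IsClassicAuth = AppSession.Parameters.LDAPUseOnly.Value == "false";
    bool IsLDAPAuth = AppSession.Parameters.LDAPEnabled.Value == "true";

    //LDAP Auth
    if (IsLDAPAuth && Email.IndexOf("@" + AppSession.Parameters.LDAPDomain.Value) > 0)
    {
        LDAPTools ldapTools = new LDAPTools();
        ldapTools.UserName = Email;
        ldapTools.Password = Password;
        ldapTools.DirectoryPath = AppSession.Parameters.LDAPPath.Value;

        if (ldapTools.Authenticate())
        {
            LDAPAuthSuccess = true;
            string memberName = ldapTools.MemberInfo.DisplayName;
            string memberAllGroups = ldapTools.GetGroups();

            // The member e-mail is replaced because the first part of the e-mail can differ from
            // the user's network id.
            Email = ldapTools.MemberInfo.Email;

            Member memberNew = Members.GetByEmail(Email);
            if (memberNew.MemberID <= 0)
            {
                // Unknown directory user: create the member with a random local password.
                memberNew.Name = memberName;
                memberNew.Email = Email;
                memberNew.Password = StringTool.RandomString(80);
                memberNew.IsBuiltIn = false;
                memberNew.Created = DateTime.UtcNow;
                memberNew.Save();

                string Message = String.Format("LDAP member added: {0} {1}", memberName, Email);
                AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message, null, true);

                // Add signin/sign up domain.
                Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
                if (_domain.DomainID > 0)
                {
                    MemberDomain _memberDomain = new MemberDomain();
                    _memberDomain.DomainID = _domain.DomainID;
                    _memberDomain.MemberID = memberNew.MemberID;
                    _memberDomain.Save();
                }

                // Create LDAP settings roles
                if (AppSession.Parameters.LDAPAddToRoles.Value != null && AppSession.Parameters.LDAPAddToRoles.Value.Length > 0)
                {
                    string[] memberRoles = AppSession.Parameters.LDAPAddToRoles.Value.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string memberRole in memberRoles)
                    {
                        Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberRole);
                        if (_role.RoleID > 0)
                        {
                            MemberRole _memberRole = new MemberRole();
                            _memberRole.MemberID = memberNew.MemberID;
                            _memberRole.RoleID = _role.RoleID;
                            _memberRole.Save();
                        }
                    }
                }
            }

            // Create LDAP specific roles: one application role per directory group, created on demand.
            if (memberAllGroups != null && memberAllGroups.Length > 0 && AppSession.Parameters.LDAPAddRoleGroup.Value == "true")
            {
                string[] memberGroups = memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);
                foreach (string memberGroup in memberGroups)
                {
                    Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberGroup);
                    if (_role.RoleID <= 0)
                    {
                        _role.Name = memberGroup;
                        _role.Settings = "LDAP role reflection. Keep key word: [LDAP-Auto-Role] to be synchronized.";
                        _role.BackColor = "6bbb54";
                        _role.ForeColor = "ffffff";
                        _role.Save();

                        string Message = String.Format("LDAP role added: {0}", _role.Name);
                        AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message, null, true);
                    }

                    if (_role.RoleID > 0)
                    {
                        MemberRole _memberRole = new MemberRole();
                        _memberRole.MemberID = memberNew.MemberID;
                        _memberRole.RoleID = _role.RoleID;
                        _memberRole.Save();
                    }
                }
            }

            // Synchronize members roles with LDAP [LDAP-Auto-Role] key words.
            // The group string may be null (the block above allows for it); treating null as
            // "no groups" avoids a null dereference after a successful directory login.
            List<Role> _roles = Web.Admin.Logic.Collections.Roles.GetByMemberKeyWordInDescription(memberNew.MemberID, "[LDAP-Auto-Role]");
            string[] _groups = (memberAllGroups ?? String.Empty).Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);

            foreach (Web.Admin.Logic.Objects.Role _role in _roles)
            {
                if (_groups.Length > 0)
                {
                    // Ordinal, case-insensitive match so the result does not depend on the thread culture.
                    bool stillInGroup = _groups.Any(t => String.Equals(t.Trim(), _role.Name.Trim(), StringComparison.OrdinalIgnoreCase));
                    if (!stillInGroup)
                    {
                        Web.Admin.Logic.Objects.Role removeRoleFromUser = Web.Admin.Logic.Collections.Roles.GetBy(_role.Name);
                        MemberRole _memberRole = new MemberRole();
                        _memberRole.MemberID = memberNew.MemberID;
                        _memberRole.RoleID = removeRoleFromUser.RoleID;
                        _memberRole.Delete();
                    }
                }
                else
                {
                    // The directory reports no groups at all: every auto-synchronised role is removed.
                    MemberRole _memberRole = new MemberRole();
                    _memberRole.MemberID = memberNew.MemberID;
                    _memberRole.RoleID = _role.RoleID;
                    _memberRole.Delete();
                }
            }
        }
    }

    //Classic Auth
    Member member = Members.GetByEmail(Email);
    if (member.MemberID <= 0)
    {
        return false;
    }

    if ((IsLDAPAuth && LDAPAuthSuccess) || (IsClassicAuth && Member.ComputePasswordHash(Password) == member.Password))
    {
        // Successful login invalidates today's failed-attempt record, if there is one.
        MemberAttempt Attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
        if (Attempt.AttemptID > 0)
        {
            Attempt.IsAttemptValid = 0;
            Attempt.Save();
        }

        // Add signin/sign up domain.
        Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
        if (_domain.DomainID > 0)
        {
            MemberDomain _memberDomain = new MemberDomain();
            _memberDomain.DomainID = _domain.DomainID;
            _memberDomain.MemberID = member.MemberID;
            _memberDomain.Save();
        }

        member.UpdateLoginTime();
        return true;
    }
    else
    {
        // Count the failure in today's attempt record, creating it when needed.
        MemberAttempt Attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
        if (Attempt.MemberID <= 0)
        {
            Attempt.MemberID = member.MemberID;
            Attempt.AttemptType = MemberAttemptTypes.LoginPasswordFailed;
            Attempt.IsAttemptValid = 1;
        }

        if (Attempt.Attempts > 0)
            Attempt.Attempts++;
        else
            Attempt.Attempts = 1;

        Attempt.Save();

        // Once the configured number of failures is reached, the member is added to the penalty roles.
        if (AppSession.Parameters.RulesPasswordFailedRoles.Value != null && AppSession.Parameters.RulesPasswordFailedRoles.Value.Length > 0 && !AppSession.IsMemberInAdminRole)
        {
            Parameter Param = AppSession.Parameters.RulesPasswordFailedAttempts;
            long value = -1;
            bool result = long.TryParse(Param.Value, out value);

            if (result && value > 0 && Attempt.Attempts >= value)
            {
                string[] RoleNames = AppSession.Parameters.RulesPasswordFailedRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
                foreach (String RoleName in RoleNames)
                {
                    Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName);
                    if (role.RoleID > 0)
                    {
                        MemberRole memberrole = new MemberRole();
                        memberrole.MemberID = member.MemberID;
                        memberrole.RoleID = role.RoleID;
                        memberrole.Save();
                    }
                }
            }
        }

        return false;
    }
}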
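/// <summary>
/// Validates the posted member data and then either updates the member identified by
/// <c>Info.MemberID</c> or creates a new member, returning a rendered result partial as JSON.
/// </summary>
/// <param name="Info">Posted member data: name, e-mail, password and confirmation, time zone,
/// profile field values and selected domain ids.</param>
/// <returns>
/// A JSON object holding the notification type and the rendered message HTML; the validation
/// failure response also carries <c>Status</c>, and a successful create also carries the new
/// <c>MemberID</c>.
/// </returns>
// NOTE(review): this action changes state, yet every response uses JsonRequestBehavior.AllowGet and
// no [HttpPost], [ValidateAntiForgeryToken] or authorization attribute is visible on the method.
// Confirm these are enforced at class or global-filter level.
// NOTE(review): member names, e-mails and profile field names are formatted into HTML messages
// without encoding (the e-mail even sits inside literal angle brackets). The partial views are not
// shown here; confirm the values are HTML-encoded before they are rendered.
public JsonResult SaveMember(MemberInfo Info)
{
    RequestResultModel _model = new RequestResultModel();
    _model.InfoType = RequestResultInfoType.ErrorOrDanger;
    _model.Message = "";
    Member member = null;

    // The name must not be usable as a second e-mail identity.
    if (Info.Name != null && AppSession.IsEmail(Info.Name))
    {
        _model.Message += String.Format("<li>{0}</li>", "The member's name looks like an e-mail address. Please change it.");
    }

    bool nameMissing = Info.Name == null || Info.Name.Trim().Length == 0;
    // A password is only mandatory when a new member is created (MemberID == 0).
    bool passwordMissing = (Info.Password == null || Info.Password.Trim().Length == 0) && Info.MemberID == 0;
    bool emailMissing = Info.Email == null || Info.Email.Trim().Length == 0;
    bool emailMalformed = Info.Email != null && !AppSession.IsEmail(Info.Email);
    bool confirmationMismatch = Info.Password != Info.Confirmation;

    if (nameMissing || passwordMissing || emailMissing || emailMalformed || confirmationMismatch)
    {
        if (nameMissing)
        {
            _model.Message += String.Format("<li>{0}</li>", "Name is empty. Please, enter member name.");
        }
        if (passwordMissing)
        {
            _model.Message += String.Format("<li>{0}</li>", "Password is empty. Please, enter member password.");
        }
        if (emailMissing)
        {
            _model.Message += String.Format("<li>{0}</li>", "Email is empty. Please, enter member email.");
        }
        if (emailMalformed)
        {
            _model.Message += String.Format("<li>{0}</li>", "Email has wrong format. Please, check it.");
        }
        if (confirmationMismatch)
        {
            _model.Message += String.Format("<li>{0}</li>", "Password does not match confirmation. Please, check it.");
        }

        // Record the rejected attempt against the member that was being edited.
        Member auditedMember = Web.Admin.Logic.Collections.Members.GetBy(Info.MemberID);
        AuditEvent.AppEventWarning(Profile.Member.Email, String.Format(AuditEvent.SavingMemberInfo, auditedMember.Name, auditedMember.Email, _model.Message));
    }

    // Check mandatory fields
    if (Info.FieldInfo != null)
    {
        foreach (ProfileFieldInfo Field in Info.FieldInfo)
        {
            // NOTE(review): int.Parse throws on a non-numeric Field.ID taken from the request.
            ProfileField profileField = ProfileFields.GetBy(int.Parse(Field.ID));
            if (profileField.IsMandatory != 1)
            {
                continue;
            }

            if (Field.Value == null || Field.Value.Trim().Length == 0)
            {
                _model.Message += String.Format("<li>{0}</li>", String.Format(GetLabel("Account.CreateAccount.Mandatory"), profileField.FieldName));
            }

            // A mandatory check box must actually be ticked.
            if (profileField.FieldTypeID == ProfileFieldTypeEnum.CheckBox && String.Equals(Field.Value, "false", StringComparison.OrdinalIgnoreCase))
            {
                _model.Message += String.Format("<li>{0}</li>", String.Format(GetLabel("Account.CreateAccount.Mandatory"), profileField.FieldName));
            }
        }
    }

    // A missing name was already reported above; only inspect the characters of a present one.
    if (Info.Name != null && !Info.Name.Replace(" ", "").All(c => char.IsLetterOrDigit(c)))
    {
        _model.Message += String.Format("<li>{0}</li>", "The name contains non-alpha numeric characters (#@!$ etc...). Please change it.");
    }

    if (_model.Message.Length > 0)
    {
        _model.Message = String.Format("<ul class=\"error-message-list\">{0}</ul>", _model.Message);
        _model.InfoType = RequestResultInfoType.ErrorOrDanger;
        return Json(new { Status = RequestResultInfoType.ErrorOrDanger, NotifyType = NotifyType.DialogInline, Html = this.RenderPartialView(@"_RequestResultDialogInLine", _model) }, JsonRequestBehavior.AllowGet);
    }

    if (Info.MemberID > 0)
    {
        member = Web.Admin.Logic.Collections.Members.GetBy(Info.MemberID);
    }

    // Reject the save when another member already owns this e-mail or name.
    Member existsMember = Web.Admin.Logic.Collections.Members.GetByEmailOrName(Info.Email.Trim(), Info.Name.Trim());
    if (existsMember.MemberID > 0 && (Info.MemberID <= 0 || Info.MemberID != existsMember.MemberID))
    {
        _model.Title = "Warning";
        _model.InfoType = RequestResultInfoType.ErrorOrDanger;
        _model.Message = String.Format("Member \"{0}\" <{1}> already exists. Please, change member email and try again.", existsMember.Name, existsMember.Email);
        AuditEvent.AppEventWarning(Profile.Member.Email, _model.Message);
        return Json(new { NotifyType = NotifyType.DialogInline, Html = this.RenderPartialView(@"_RequestResultDialogInLine", _model) }, JsonRequestBehavior.AllowGet);
    }

    if (Info.MemberID > 0)
    {
        // ----- Update an existing member -----
        // NOTE(review): nothing here verifies that GetBy actually found a member for the posted
        // MemberID; confirm what Save() does with an id that does not exist.

        // Built-in members keep their name.
        if (!member.IsBuiltIn)
        {
            member.Name = Info.Name;
        }

        member.Email = Info.Email;
        member.Password = Info.Password;
        member.TimeZoneID = Info.TimeZoneID;
        member.Save();

        // NOTE(review): Save() runs with the clear-text password on the object; presumably only
        // SavePassword() persists the (hashed) password - confirm Save() never writes it as-is.
        if (!String.IsNullOrEmpty(member.Password))
        {
            member.SavePassword();
        }

        if (Info.FieldInfo != null)
        {
            List<MemberProfileField> memberProfileFields = MemberProfileFields.GetByMember(member.MemberID);
            foreach (ProfileFieldInfo Field in Info.FieldInfo)
            {
                int fieldId = int.Parse(Field.ID);
                ProfileField profileField = ProfileFields.GetBy(fieldId);
                MemberProfileField memberProfileField = MemberProfileFields.GetField(memberProfileFields, fieldId);

                // The original dereferenced the field before testing it for null.
                if (memberProfileField == null)
                {
                    continue;
                }

                // The decrypted value is overwritten just below; the call is kept so that an
                // undecryptable stored value still surfaces the way it did before.
                if (profileField.Encrypted == 1 && !String.IsNullOrEmpty(memberProfileField.FieldValue))
                {
                    memberProfileField.FieldValue = Encryptor.DecryptStringAES(memberProfileField.FieldValue, AppSession.EncryptionKey);
                }

                memberProfileField.MemberID = member.MemberID;
                memberProfileField.FieldID = fieldId;
                memberProfileField.FieldValue = Field.Value != null ? Field.Value.Trim() : Field.Value;

                // Fields flagged as encrypted are stored as ciphertext only.
                if (profileField.Encrypted == 1 && !String.IsNullOrEmpty(memberProfileField.FieldValue))
                {
                    memberProfileField.FieldValue = Encryptor.EncryptStringAES(memberProfileField.FieldValue, AppSession.EncryptionKey);
                }

                memberProfileField.Save();
            }
        }

        // Make the member's domain links match the posted selection exactly.
        List<Domain> _domains = Domains.Get();
        foreach (Domain _domain in _domains)
        {
            MemberDomain _memberDomain = new MemberDomain();
            _memberDomain.DomainID = _domain.DomainID;
            _memberDomain.MemberID = member.MemberID;

            bool selected = Info.Domains != null
                && _domain.DomainID != default(int)
                && Info.Domains.Any(t => t == _domain.DomainID);

            if (selected)
            {
                _memberDomain.Save();
            }
            else
            {
                _memberDomain.Delete();
            }
        }

        _model = new RequestResultModel();
        _model.Message = String.Format("\"{0}\"<{1}> has been updated.", member.Name, member.Email);
        _model.HideInSeconds = 2000;
        AuditEvent.AppEventSuccess(Profile.Member.Email, _model.Message);
        return Json(new { NotifyType = NotifyType.PageInline, Html = this.RenderPartialView(@"_RequestResultPageInLine", _model) }, JsonRequestBehavior.AllowGet);
    }

    // ----- Create a new member -----
    Member memberExists = Web.Admin.Logic.Collections.Members.GetByEmail(Info.Email);
    if (memberExists.MemberID > 0)
    {
        _model.Title = "Warning";
        _model.InfoType = RequestResultInfoType.ErrorOrDanger;
        _model.Message = String.Format("\"{0}\" <{1}> already exists. Please, change member email and try again.", memberExists.Name, memberExists.Email);
        AuditEvent.AppEventWarning(Profile.Member.Email, _model.Message);
        return Json(new { NotifyType = NotifyType.DialogInline, Html = this.RenderPartialView(@"_RequestResultDialogInLine", _model) }, JsonRequestBehavior.AllowGet);
    }

    // NOTE(review): unlike the update path, SavePassword() is not called here; confirm that
    // Save() hashes the password when it inserts a new member.
    Member newMember = new Member();
    newMember.Name = Info.Name;
    newMember.Email = Info.Email;
    newMember.Password = Info.Password;
    newMember.IsBuiltIn = false;
    newMember.TimeZoneID = Info.TimeZoneID;
    newMember.Save();

    if (Info.FieldInfo != null)
    {
        List<MemberProfileField> memberProfileFields = MemberProfileFields.GetByMember(newMember.MemberID);
        foreach (ProfileFieldInfo Field in Info.FieldInfo)
        {
            int fieldId = int.Parse(Field.ID);
            ProfileField profileField = ProfileFields.GetBy(fieldId);
            MemberProfileField memberProfileField = MemberProfileFields.GetField(memberProfileFields, fieldId);
            if (memberProfileField == null)
            {
                continue;
            }

            // The original read MemberID from 'member', which is always null on this path.
            memberProfileField.MemberID = newMember.MemberID;
            memberProfileField.FieldID = fieldId;
            memberProfileField.FieldValue = Field.Value;

            // Same rule as the update path: a field flagged as encrypted must not be stored in
            // clear text (the update path later expects to decrypt what was stored here).
            if (profileField.Encrypted == 1 && !String.IsNullOrEmpty(memberProfileField.FieldValue))
            {
                memberProfileField.FieldValue = Encryptor.EncryptStringAES(memberProfileField.FieldValue, AppSession.EncryptionKey);
            }

            memberProfileField.Save();
        }
    }

    _model.InfoType = RequestResultInfoType.Success;
    _model.Message = String.Format("\"{0}\"<{1}> has been created.", newMember.Name, newMember.Email);
    AuditEvent.AppEventSuccess(Profile.Member.Email, _model.Message);
    return Json(new { NotifyType = NotifyType.PageInline, Html = this.RenderPartialView(@"_RequestResultPageInLine", _model), MemberID = newMember.MemberID }, JsonRequestBehavior.AllowGet);
}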
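/// <summary>
/// Authenticates a member against LDAP (when enabled and the e-mail belongs to the configured
/// LDAP domain) and/or against the locally stored password hash, maintaining the member record,
/// its LDAP-derived roles and the failed-login counter along the way.
/// </summary>
/// <param name="Email">Login e-mail. After a successful LDAP bind it is replaced with the e-mail
/// reported by the directory, which can differ from the network id that was typed in.</param>
/// <param name="Password">Clear-text password supplied by the caller.</param>
/// <returns><c>true</c> when the member exists and LDAP or classic authentication succeeded;
/// otherwise <c>false</c>.</returns>
public bool Authenticate(ref String Email, String Password)
{
    bool LDAPAuthSuccess = false;
    bool IsClassicAuth = AppSession.Parameters.LDAPUseOnly.Value == "false";
    bool IsLDAPAuth = AppSession.Parameters.LDAPEnabled.Value == "true";

    //LDAP Auth
    // An empty password is never sent to the directory: LDAPTools is not shown here, and many
    // directory servers treat a simple bind with an empty password as an anonymous bind that
    // succeeds. A null e-mail is skipped as well instead of throwing on IndexOf.
    // NOTE(review): IndexOf only requires "@<LDAPDomain>" to occur somewhere after the first
    // character; it does not require the address to end with that domain.
    if (IsLDAPAuth
        && Email != null
        && !String.IsNullOrEmpty(Password)
        && Email.IndexOf("@" + AppSession.Parameters.LDAPDomain.Value) > 0)
    {
        LDAPTools ldapTools = new LDAPTools();
        ldapTools.UserName = Email;
        ldapTools.Password = Password;
        ldapTools.DirectoryPath = AppSession.Parameters.LDAPPath.Value;

        if (ldapTools.Authenticate())
        {
            LDAPAuthSuccess = true;
            string memberName = ldapTools.MemberInfo.DisplayName;
            string memberAllGroups = ldapTools.GetGroups();

            // The member e-mail is replaced because the first part of the e-mail can differ from
            // the user's network id.
            // NOTE(review): the local account is selected by the e-mail the directory returns;
            // confirm that attribute is always populated and not editable by the users themselves.
            Email = ldapTools.MemberInfo.Email;

            Member memberNew = Members.GetByEmail(Email);
            if (memberNew.MemberID <= 0)
            {
                // First LDAP login: create the local member with a random, unused local password.
                memberNew.Name = memberName;
                memberNew.Email = Email;
                memberNew.Password = StringTool.RandomString(80);
                memberNew.IsBuiltIn = false;
                memberNew.Created = DateTime.UtcNow;
                memberNew.Save();

                string Message = String.Format("LDAP member added: {0} {1}", memberName, Email);
                AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message, null, true);

                // Add signin/sign up domain.
                Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
                if (_domain.DomainID > 0)
                {
                    MemberDomain _memberDomain = new MemberDomain();
                    _memberDomain.DomainID = _domain.DomainID;
                    _memberDomain.MemberID = memberNew.MemberID;
                    _memberDomain.Save();
                }

                // Create LDAP settings roles
                if (!String.IsNullOrEmpty(AppSession.Parameters.LDAPAddToRoles.Value))
                {
                    string[] memberRoles = AppSession.Parameters.LDAPAddToRoles.Value.Split(new string[] { ";" }, StringSplitOptions.RemoveEmptyEntries);
                    foreach (string memberRole in memberRoles)
                    {
                        Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberRole);
                        if (_role.RoleID > 0)
                        {
                            MemberRole _memberRole = new MemberRole();
                            _memberRole.MemberID = memberNew.MemberID;
                            _memberRole.RoleID = _role.RoleID;
                            _memberRole.Save();
                        }
                    }
                }
            }

            // GetGroups() may return null; treat that as "member of no groups" everywhere below.
            string[] ldapGroups = String.IsNullOrEmpty(memberAllGroups)
                ? new string[0]
                : memberAllGroups.Split(new string[] { "|" }, StringSplitOptions.RemoveEmptyEntries);

            // Create LDAP specific roles
            // NOTE(review): a directory group whose name equals an existing application role is
            // mapped onto that role even when the role is not an [LDAP-Auto-Role]; confirm that
            // privileged role names cannot collide with directory group names.
            if (ldapGroups.Length > 0 && AppSession.Parameters.LDAPAddRoleGroup.Value == "true")
            {
                foreach (string memberGroup in ldapGroups)
                {
                    Web.Admin.Logic.Objects.Role _role = Web.Admin.Logic.Collections.Roles.GetBy(memberGroup);
                    if (_role.RoleID <= 0)
                    {
                        _role.Name = memberGroup;
                        _role.Settings = "LDAP role reflection. Keep key word: [LDAP-Auto-Role] to be synchronized.";
                        _role.BackColor = "6bbb54";
                        _role.ForeColor = "ffffff";
                        _role.Save();

                        string Message = String.Format("LDAP role added: {0}", _role.Name);
                        AuditEvent.AppEventInfo(AppSession.Parameters.GeneralAdminEmail.Value, Message, null, true);
                    }

                    if (_role.RoleID > 0)
                    {
                        MemberRole _memberRole = new MemberRole();
                        _memberRole.MemberID = memberNew.MemberID;
                        _memberRole.RoleID = _role.RoleID;
                        _memberRole.Save();
                    }
                }
            }

            // Synchronize members roles with LDAP [LDAP-Auto-Role] key words: an auto role the
            // member holds is revoked as soon as the directory no longer reports the group.
            List<Role> _roles = Web.Admin.Logic.Collections.Roles.GetByMemberKeyWordInDescription(memberNew.MemberID, "[LDAP-Auto-Role]");
            foreach (Web.Admin.Logic.Objects.Role _role in _roles)
            {
                // Ordinal comparison keeps the match independent of the server's culture.
                string roleName = _role.Name.Trim();
                bool stillInGroup = ldapGroups.Any(g => String.Equals(g.Trim(), roleName, StringComparison.OrdinalIgnoreCase));
                if (!stillInGroup)
                {
                    MemberRole _memberRole = new MemberRole();
                    _memberRole.MemberID = memberNew.MemberID;
                    _memberRole.RoleID = _role.RoleID;
                    _memberRole.Delete();
                }
            }
        }
    }

    //Classic Auth
    Member member = Members.GetByEmail(Email);
    if (member.MemberID <= 0)
    {
        return false;
    }

    // NOTE(review): the stored hash is compared with ==, which is not a constant-time comparison,
    // and ComputePasswordHash receives only the password, so no per-member salt is visible here.
    // Confirm the hashing scheme in Member.ComputePasswordHash.
    bool authenticated = (IsLDAPAuth && LDAPAuthSuccess)
        || (IsClassicAuth && Member.ComputePasswordHash(Password) == member.Password);

    if (authenticated)
    {
        // A successful login invalidates today's failed-attempt record.
        MemberAttempt Attempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
        if (Attempt.AttemptID > 0)
        {
            Attempt.IsAttemptValid = 0;
            Attempt.Save();
        }

        // Add signin/sign up domain.
        Domain _domain = Domains.GetByName(AppSession.SignUpDomain);
        if (_domain.DomainID > 0)
        {
            MemberDomain _memberDomain = new MemberDomain();
            _memberDomain.DomainID = _domain.DomainID;
            _memberDomain.MemberID = member.MemberID;
            _memberDomain.Save();
        }

        member.UpdateLoginTime();
        return true;
    }

    // Failed login: create or bump today's failed-attempt record.
    MemberAttempt failedAttempt = MemberAttempts.GetTodayLoginPasswordFail(member.MemberID);
    if (failedAttempt.MemberID <= 0)
    {
        failedAttempt.MemberID = member.MemberID;
        failedAttempt.AttemptType = MemberAttemptTypes.LoginPasswordFailed;
        failedAttempt.IsAttemptValid = 1;
    }

    if (failedAttempt.Attempts > 0)
    {
        failedAttempt.Attempts++;
    }
    else
    {
        failedAttempt.Attempts = 1;
    }
    failedAttempt.Save();

    // Once the configured number of failures is reached, the configured roles are added to the
    // member.
    // NOTE(review): IsMemberInAdminRole is read from AppSession, i.e. presumably the current
    // session rather than the member whose login failed - confirm this is the intended check.
    if (!String.IsNullOrEmpty(AppSession.Parameters.RulesPasswordFailedRoles.Value) && !AppSession.IsMemberInAdminRole)
    {
        Parameter Param = AppSession.Parameters.RulesPasswordFailedAttempts;
        long value;
        bool result = long.TryParse(Param.Value, out value);
        if (result && value > 0 && failedAttempt.Attempts >= value)
        {
            string[] RoleNames = AppSession.Parameters.RulesPasswordFailedRoles.Value.Split(new char[] { ';' }, StringSplitOptions.RemoveEmptyEntries);
            foreach (String RoleName in RoleNames)
            {
                Role role = Web.Admin.Logic.Collections.Roles.GetBy(RoleName);
                if (role.RoleID > 0)
                {
                    MemberRole memberrole = new MemberRole();
                    memberrole.MemberID = member.MemberID;
                    memberrole.RoleID = role.RoleID;
                    memberrole.Save();
                }
            }
        }
    }

    return false;
}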