private bool CheckIfMemberNumberExistsAsync(string StaffNumber, string SponsorNumber)
{
if (PensionSetup.GetMemberNumberAsync(StaffNumber, SponsorNumber) == null)
{
return(false);
}
return(true);
}
public async Task <IHttpActionResult> Register(RegisterBindingModel model)
{
if (!ModelState.IsValid)
{
return(Json(new { Status = 400, Message = "There is a problem with your input. Make sure you follow all password rules and all fields are valid." }));
}
string SponsorNumber = PensionSetup.GetSchemeNameAsync(model.SponsorNumber);
if (SponsorNumber == null)
{
//ModelState.AddModelError("invalid_grant", "Sponsor Number does not exists");
return(Json(new { Status = 400, Message = "Sponsor Number does not exists" }));
}
string MemberNumber = PensionSetup.GetMemberNumberAsync(model.StaffNumber, SponsorNumber);
if (MemberNumber == null)
{
//ModelState.AddModelError("invalid_grant", "Staff Number does not exists");
return(Json(new { Status = 400, Message = "Staff Number does not exists" }));
}
//Check if member has email
var Member = PensionSetup.GetMemberDetailsAsync(SponsorNumber, MemberNumber);
if (Member.E_Mail == null)
{
//ModelState.AddModelError("invalid_grant", "We didn't find any email associated to your profile, please contact your system administrator");
return(Json(new { Status = 400, Message = "We didn't find any email associated to your profile, please contact your system administrator" }));
}
var user = new ApplicationUser {
SponsorNumber = model.SponsorNumber, MemberNumber = MemberNumber, UserName = Member.E_Mail, Email = Member.E_Mail
};
IdentityResult result = await UserManager.CreateAsync(user, model.Password);
if (!result.Succeeded)
{
return(GetErrorResult(result));
}
//Send email
string callbackUrl = await SendEmailConfirmationTokenAsync(user.Id, "Confirm your account");
return(Json(new { Status = 200, Message = "We've sent an email to " + Member.E_Mail + ". Open your mail box to confirm your account.", Link = callbackUrl }));
}
public async Task <ActionResult> Login(LoginViewModel model, string returnUrl)
{
if (!ModelState.IsValid)
{
return(View(model));
}
if (AAsync(model.SponsorNumber, model.MemberNumber).Equals(true))
{
if (ViewBag.errorMessage != null)
{
return(View("Error"));
}
var output = await SignInManager.PasswordSignInAsync("*****@*****.**", model.Password, model.RememberMe, shouldLockout : true);
switch (output)
{
case SignInStatus.Success:
return(RedirectToAction("Index", "Admin", null));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", string.Format("Incorrect password."));
return(View(model));
}
}
if (CheckIfSponsorNumberExistsAsync(model.SponsorNumber).Equals(false))
{
if (ViewBag.errorMessage != null)
{
return(View("Error"));
}
if (Session["errorMessage"].ToString() != null)
{
ModelState.AddModelError("exception", Session["errorMessage"].ToString());
return(View(model));
}
ModelState.AddModelError("SponsorExists", "Sponsor Number does not exists");
return(View(model));
}
if (CheckIfMemberNumberExistsAsync(model.MemberNumber, model.SponsorNumber).Equals(false))
{
if (ViewBag.errorMessage != null)
{
return(View("Error"));
}
ModelState.AddModelError("MemberExists", "Member Number does not exists in " + model.SponsorNumber);
return(View(model));
}
//Check if Member is registered
var MemberNumber = PensionSetup.GetMemberNumberAsync(model.MemberNumber, model.SponsorNumber);
if (UserManager.Users.Where(x => x.SponsorNumber == model.SponsorNumber && x.MemberNumber == MemberNumber).Any().Equals(false))
{
ModelState.AddModelError("MemberUnRegistered", "Member is not registered. Please register first");
return(View(model));
}
// Require the user to have a confirmed email before they can log in.
//var user = await UserManager.FindByNameAsync(model.Email);
// Login with Member Number & Sponsor Number instead
var user = UserManager.Users.Where(x => x.SponsorNumber == model.SponsorNumber && x.MemberNumber == MemberNumber).First();
if (user != null)
{
if (!await UserManager.IsEmailConfirmedAsync(user.Id))
{
string callbackUrl = await SendEmailConfirmationTokenAsync(user.Id, "Confirm your account");
// Uncomment to debug locally
// ViewBag.Link = callbackUrl;
ModelState.AddModelError("Unconfirmed", "You must have a confirmed email to log in. Check your email to confirm.");
return(View(model));
}
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
var result = await SignInManager.PasswordSignInAsync(user.Email, model.Password, model.RememberMe, shouldLockout : true);
switch (result)
{
case SignInStatus.Success:
return(RedirectToLocal(returnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe }));
case SignInStatus.Failure:
default:
int accessFailedCount = await UserManager.GetAccessFailedCountAsync(user.Id);
int attemptsLeft = UserManager.MaxFailedAccessAttemptsBeforeLockout - accessFailedCount;
string attempts = attemptsLeft == 1 ? "attempt" : "attempts";
ModelState.AddModelError("", string.Format("Invalid login attempt. You have {0} more " + attempts + " before your account gets locked out.", attemptsLeft));
return(View(model));
}
}
public async Task <ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
if (CheckIfSponsorNumberExistsAsync(model.SponsorNumber).Equals(true))
{
//Staff number equals model.MemberNumber
string StaffNumber = model.MemberNumber;
if (CheckIfMemberNumberExistsAsync(StaffNumber, model.SponsorNumber).Equals(true))
{
string SchemeName = PensionSetup.GetSchemeNameAsync(model.SponsorNumber);
string MemberNumber = PensionSetup.GetMemberNumberAsync(StaffNumber, model.SponsorNumber);
if (UserManager.Users.Where(x => x.SponsorNumber == model.SponsorNumber && x.MemberNumber == MemberNumber).Any())
{
ModelState.AddModelError("MemberRegistered", "Member (" + model.SponsorNumber + " & " + model.MemberNumber + ") is already registered");
return(View(model));
}
else
{
if (model.Email == null)
{
//Try to find one from member details
var Member = PensionSetup.GetMemberDetailsAsync(SchemeName, MemberNumber);
string Email = Member.E_Mail;
if (Email == null)
{
//ViewBag.EmailIsEmpty = true;
ModelState.AddModelError("EmailIsEmpty", "We didn't find any email associated to your profile, please contact your system administrator");
return(View(model));
}
model.Email = Email;
}
var user = new ApplicationUser {
SponsorNumber = model.SponsorNumber, MemberNumber = MemberNumber, UserName = model.Email, Email = model.Email
};
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
//await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
string callbackUrl = await SendEmailConfirmationTokenAsync(user.Id, "Confirm your account");
ViewBag.Message = "We've sent an email to " + model.Email + ". Check in 5-10 minutes to confirm your account.";
return(View("Info"));
}
//ViewBag.EmailIsEmpty = true;
AddErrors(result);
}
}
else
{
if (ViewBag.errorMessage != null)
{
return(View("Error"));
}
ModelState.AddModelError("MemberExists", "Member Number does not exists in " + model.SponsorNumber);
return(View(model));
}
}
else
{
if (ViewBag.errorMessage != null)
{
return(View("Error"));
}
ModelState.AddModelError("SponsorExists", "Sponsor Number does not exists");
return(View(model));
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var userManager = context.OwinContext.GetUserManager <ApplicationUserManager>();
var data = context.Request.ReadFormAsync();
var param = data.Result.Where(x => x.Key == "SponsorNumber").Select(x => x.Value).FirstOrDefault();
var param2 = data.Result.Where(x => x.Key == "StaffNumber").Select(x => x.Value).FirstOrDefault();
string SponsorNumber = "", StaffNumber = "";
if (param != null && param.Length > 0)
{
SponsorNumber = param[0];
}
if (param2 != null && param2.Length > 0)
{
StaffNumber = param2[0];
}
if (!userManager.Users.Where(x => x.SponsorNumber == SponsorNumber).Any())
{
context.SetError("invalid_grant", "Sponsor Number does not exists");
return;
}
string MemberNumber = PensionSetup.GetMemberNumberAsync(StaffNumber, SponsorNumber);
if (MemberNumber == null)
{
context.SetError("invalid_grant", "Staff Number does not exists");
return;
}
if (!userManager.Users.Where(x => x.MemberNumber == MemberNumber).Any())
{
context.SetError("invalid_grant", "Member Number does not exists");
return;
}
ApplicationUser user = userManager.Users.Where(x => x.SponsorNumber == SponsorNumber && x.MemberNumber == MemberNumber).First();
user = await userManager.FindAsync(user.UserName, context.Password);
if (user == null)
{
context.SetError("invalid_grant", "Invalid login attempt.");
return;
}
if (!await userManager.IsEmailConfirmedAsync(user.Id))
{
context.SetError("invalid_grant", "You must have a confirmed email to log in. Check your email to confirm your account.");
return;
}
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager,
OAuthDefaults.AuthenticationType);
ClaimsIdentity cookiesIdentity = await user.GenerateUserIdentityAsync(userManager,
CookieAuthenticationDefaults.AuthenticationType);
AuthenticationProperties properties = CreateProperties(user.UserName);
AuthenticationTicket ticket = new AuthenticationTicket(oAuthIdentity, properties);
context.Validated(ticket);
context.Request.Context.Authentication.SignIn(cookiesIdentity);
}
