public async Task<List<string>> Create(ApplicationUser user, string password, string role = null)
{
// If role is null, default
role = role ?? UserRoles.User;
// Set the Password Hash
user.PasswordHash = new PasswordHasher().HashPassword(password);
// Set the employee ID
user.EmployeeId = await GetNextEmployeeId();
// Check to see if the employee Id already exists
if (_userManager.Users.Any(e => e.EmployeeId == user.EmployeeId))
throw new EmployeeIdExistsException();
// Try to create the user
var result = await _userManager.CreateAsync(user);
// Something went wrong creating user, return error
if (!result.Succeeded) return result.Errors.ToList();
// Add User to role
_userManager.AddToRole(user.Id, role);
var code = _userManager.GenerateEmailConfirmationToken(user.Id);
// URL Call back for user to 'click to activate'
var urlHelper = new UrlHelper(HttpContext.Current.Request.RequestContext);
var callbackUrl = urlHelper.Action("ConfirmEmail", "Account", new { userId = user.Id, code }, HttpContext.Current.Request.Url.Scheme);
// Fire off email
_userManager.SendEmail(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");
// Return a list of errors
return result.Errors.ToList();
}
public async Task DeleteUserAsync(ApplicationUser user)
{
// If not user exists, throw exception
if (user == null) throw new UserNotFoundException();
// Remove user logins
foreach (var login in user.Logins)
{
await _userManager.RemoveLoginAsync(user.Id, new UserLoginInfo(login.LoginProvider, login.ProviderKey));
}
// Get the users roles
var roles = await _userManager.GetRolesAsync(user.Id);
// If the user has any roles
if (roles.Any())
{
foreach (var role in roles)
{
// Remove them
await _userManager.RemoveFromRoleAsync(user.Id, role);
}
}
// If a customer was created by this user, set null on otherside
// of relathionship
foreach (var createdCustomer in user.CreatedCustomers)
{
createdCustomer.CreatedById = null;
}
// remove all references of this user to other users who report to this user
foreach (var subordinate in _userManager.Users.Where(e => e.ReportsTo.Id == user.Id))
{
subordinate.ReportsToId = null;
}
// Delete the user
await _userManager.DeleteAsync(user);
}
// TODO Refactor out _context
public void EditUser(ApplicationUser user, string role)
{
if (_userManager.IsInRole(user.Id, UserRoles.Administrator) && role.Equals(UserRoles.User))
{
_userManager.RemoveFromRole(user.Id, UserRoles.Administrator);
_userManager.AddToRole(user.Id, UserRoles.User);
}
else if (_userManager.IsInRole(user.Id, UserRoles.User) && role.Equals(UserRoles.Administrator))
{
_userManager.RemoveFromRole(user.Id, UserRoles.User);
_userManager.AddToRole(user.Id, UserRoles.Administrator);
}
_userManager.Update(user);
}
public async Task<ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model,
string returnUrl)
{
if (User.Identity.IsAuthenticated)
{
return RedirectToAction("Index", "Manage");
}
if (ModelState.IsValid)
{
// Get the information about the user from the external login provider
var info = await AuthenticationManager.GetExternalLoginInfoAsync();
if (info == null)
{
return View("ExternalLoginFailure");
}
var user = new ApplicationUser {UserName = model.Email, Email = model.Email};
var result = await UserManager.CreateAsync(user);
if (result.Succeeded)
{
result = await UserManager.AddLoginAsync(user.Id, info.Login);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, false, false);
return RedirectToLocal(returnUrl);
}
}
AddErrors(result);
}
ViewBag.ReturnUrl = returnUrl;
return View(model);
}
