Ejemplo n.º 1
 /// <summary>
 /// Click handler that checks the text of <c>txtPassword</c> with the developer authentication
 /// manager and, when it is accepted, logs the current request in as a developer, runs the
 /// test command and switches the visible placeholder.
 /// </summary>
 /// <param name="sender">The control that raised the event (not used).</param>
 /// <param name="e">Event data (not used).</param>
 private void btnViewError_Click(object sender, EventArgs e)
 {
     var status = _devAuthenticationManager.AuthenticateUser(txtPassword.Text);

     // Anything other than an exact Authenticated result is treated as a wrong password.
     if (status != AuthenticationStatus.Authenticated)
     {
         lblResponse.Text = "The password is incorrect.";
         return;
     }

     // NOTE(review): this handler does not throttle or record failed attempts; confirm that
     // AuthenticateUser (or something in front of this page) limits repeated guesses, since a
     // successful check unlocks developer features.
     _devAuthenticationManager.LogIn(HttpContext.Current);
     ProcessTestCommand();

     phAuthenticated.Visible = true;
     phAuthRequired.Visible  = false;
 }
Ejemplo n.º 2
        /// <summary>
        /// Validates the login form, authenticates the submitted login id and password, and
        /// dispatches to the completion routine that matches the returned
        /// <see cref="AuthenticationStatus"/>. A failed attempt is traced and reported on the page.
        /// </summary>
        /// <param name="usedRememberMe">Not read anywhere in this method body.</param>
        public void ProcessLogin(bool usedRememberMe)
        {
            // Passed to EventSource.Raise as the method name when a failure is traced.
            const string method = "ProcessLogin";

            Page.Validate(LoginFormValidationGroup);
            if (!Page.IsValid)
            {
                return;
            }

            string loginId = UserId;
            string secret  = Password;

            // Both fields are required; show the "enter data" message and stop otherwise.
            if (loginId.Length == 0 || secret.Length == 0)
            {
                lblLoginMsg.Text   = ValidationErrorMessages.LOGIN_ENTER_DATA;
                phLoginMsg.Visible = true;
                return;
            }

            var credentials = new LoginCredentials { LoginId = loginId, Password = secret };
            var result      = _loginAuthenticationCommand.AuthenticateUser(credentials);

            _currentUser = result.User;

            // The status is only acted on when the authentication result carries a user.
            if (result.User != null)
            {
                switch (result.Status)
                {
                    case AuthenticationStatus.Authenticated:
                        CompleteAuthenticatedLogin(result.Status, false);
                        break;

                    case AuthenticationStatus.AuthenticatedWithOverridePassword:
                        // The override password also grants developer features (such as viewing
                        // exception details), then the login completes like a normal one.
                        // NOTE(review): this is a privilege grant keyed on a shared secret; confirm
                        // the override password is disabled or tightly controlled in production
                        // and that its use is audited.
                        _devAuthenticationManager.LogIn(HttpContext.Current);
                        CompleteAuthenticatedLogin(result.Status, false);
                        break;

                    case AuthenticationStatus.AuthenticatedMustChangePassword:
                        CompleteAuthenticatedLogin(result.Status, true);
                        break;

                    case AuthenticationStatus.Disabled:
                        CompleteDisabledLogin();
                        break;

                    case AuthenticationStatus.Deactivated:
                        // The deactivated flag is not meant to affect employers and
                        // administrators, so they are completed as an authenticated login.
                        bool exemptFromDeactivation = _currentUser is Employer || _currentUser is Administrator;
                        if (exemptFromDeactivation)
                        {
                            CompleteAuthenticatedLogin(result.Status, false);
                        }
                        else
                        {
                            CompleteDeactivatedLogin(result.Status);
                        }
                        break;
                }
            }

            if (result.Status != AuthenticationStatus.Failed)
            {
                return;
            }

            // NOTE(review): the login id is user-supplied and is written to the trace verbatim.
            // Users sometimes type a password into the login field, and the value may contain
            // control characters; confirm the trace sink is access-controlled and encodes its input.
            EventSource.Raise(Event.Trace, method, string.Format("User login has failed. LoginId = '{0}'", loginId));
            lblLoginMsg.Text   = ValidationErrorMessages.LOGIN_FAILED_ONE_LINE;
            phLoginMsg.Visible = true;

            // A POST from an external form does not populate txtUserId, so fill it in here to
            // keep the login id on screen when the user is bounced back after a failure.
            bool postedFromExternalForm = Request.RequestType == "POST" && !IsPostBack;
            if (postedFromExternalForm)
            {
                txtUserId.Text = UserId;
            }

            SetFocusOnControl(txtPassword);
        }
Ejemplo n.º 3
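        /// <summary>
        /// Attempts a "remember me" login: reads the persistent user cookie from the request,
        /// authenticates the credentials it contains and, on success, logs the user in with the
        /// status <see cref="AuthenticationStatus.AuthenticatedAutomatically"/>.
        /// </summary>
        /// <param name="context">The current HTTP context; source of the cookie and target of the login.</param>
        /// <returns>
        /// The authentication result. Its status is <see cref="AuthenticationStatus.Failed"/> when the
        /// cookie holds no login id or no password.
        /// </returns>
        AuthenticationResult IAccountsManager.TryAutoLogIn(HttpContextBase context)
        {
            // NOTE(review): the cookie yields a password value that is replayed to AuthenticateUser,
            // so the cookie is a password-equivalent secret. How the cookie manager protects it is
            // not visible here; confirm it is encrypted and integrity-protected and that the cookie
            // is marked HttpOnly and Secure.
            var credentials = _cookieManager.ParsePersistantUserCookie(context);

            if (string.IsNullOrEmpty(credentials.LoginId) || string.IsNullOrEmpty(credentials.Password))
            {
                // Fix: the statement terminator belongs to the return statement; it previously
                // sat after the closing brace of the if block, which left the return unterminated.
                return new AuthenticationResult {
                    Status = AuthenticationStatus.Failed
                };
            }

            // Authenticate.

            var result = _loginAuthenticationCommand.AuthenticateUser(new LoginCredentials {
                LoginId = credentials.LoginId, Password = credentials.Password
            });

            switch (result.Status)
            {
            case AuthenticationStatus.Authenticated:

                // Automatically log in, recording that no interactive login took place.

                result.Status = AuthenticationStatus.AuthenticatedAutomatically;

                _authenticationManager.LogIn(context, result.User, result.Status);
                break;

            default:

                // Every other status (including must-change-password, override password and
                // deactivated) is refused here, and the persistent cookie is removed so that it
                // is not presented again.

                _cookieManager.DeletePersistantUserCookie(context);
                break;
            }

            return(result);
        }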

        /// <summary>
        /// Interactive login: prepares and validates the posted <paramref name="login"/>,
        /// authenticates it, and for the accepted statuses logs the user in, creates or removes
        /// the persistent "remember me" cookie and sets the vertical.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="login">The posted login form data.</param>
        /// <returns>The authentication result, whatever its status.</returns>
        AuthenticationResult IAccountsManager.LogIn(HttpContextBase context, Login login)
        {
            // Normalise and validate the posted form before it is used.
            login.Prepare();
            login.Validate();

            var credentials = new LoginCredentials
            {
                LoginId      = login.LoginId,
                PasswordHash = LoginCredentials.HashToString(login.Password),
            };
            var result = _loginAuthenticationCommand.AuthenticateUser(credentials);

            // Statuses that result in a logged-in session. Deactivated is one of them.
            var status         = result.Status;
            var sessionGranted = status == AuthenticationStatus.Authenticated
                                 || status == AuthenticationStatus.AuthenticatedMustChangePassword
                                 || status == AuthenticationStatus.AuthenticatedWithOverridePassword
                                 || status == AuthenticationStatus.Deactivated;

            if (sessionGranted)
            {
                _authenticationManager.LogIn(context, result.User, result.Status);

                if (!login.RememberMe)
                {
                    _cookieManager.DeletePersistantUserCookie(context);
                }
                else
                {
                    // NOTE(review): the clear-text password from the form is handed to the cookie
                    // manager here, whereas authentication above uses a hash. Whether the cookie
                    // manager encrypts it is not visible in this method; a random, revocable
                    // token would avoid keeping a password-equivalent value in the browser.
                    _cookieManager.CreatePersistantUserCookie(
                        context,
                        result.User.UserType,
                        new LoginCredentials { LoginId = login.LoginId, Password = login.Password },
                        result.Status);
                }

                SetVertical(result.User);
            }

            // The override password additionally opens a developer session.
            // NOTE(review): confirm use of the override password is audited and restricted.
            if (result.Status == AuthenticationStatus.AuthenticatedWithOverridePassword)
            {
                _devAuthenticationManager.LogIn(context);
            }

            return result;
        }

        /// <summary>
        /// Logs the current user out: removes the persistent and external authentication cookies,
        /// logs out through the authentication manager and clears the session, while carrying
        /// the current vertical across the logout.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        void IAccountsManager.LogOut(HttpContextBase context)
        {
            // Look the vertical up first so it can be restored once the session has been cleared.
            var      verticalId = ActivityContext.Current.Vertical.Id;
            Vertical vertical   = verticalId != null
                ? _verticalsQuery.GetVertical(verticalId.Value)
                : null;

            // Remove the "remember me" cookie and any external authentication cookie.
            _cookieManager.DeletePersistantUserCookie(context);

            var externalCookieDomain = vertical == null ? null : vertical.ExternalCookieDomain;
            _cookieManager.DeleteExternalCookie(context, externalCookieDomain);

            _authenticationManager.LogOut(context);

            // The session contents are cleared but the session itself is not abandoned.
            // NOTE(review): the session is kept, so its identifier presumably survives the logout;
            // confirm the identifier is rotated on the next login so that a pre-login session id
            // cannot be carried into an authenticated session.
            context.Session.Clear();

            if (vertical == null)
            {
                return;
            }

            // Put the vertical back.
            ActivityContext.Current.Set(vertical);
        }

        /// <summary>
        /// Registers a new member: validates the account and credentials, rejects a login id that
        /// already exists, creates the member with a hashed password, logs the member in and
        /// initialises the referral and profile.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="account">The member account details supplied at sign-up.</param>
        /// <param name="accountCredentials">The login id and password chosen at sign-up.</param>
        /// <param name="requiresActivation">Passed through to <c>CreateMember</c>.</param>
        /// <returns>The newly created member.</returns>
        /// <exception cref="DuplicateUserException">The login id is already in use.</exception>
        Member IAccountsManager.Join(HttpContextBase context, MemberAccount account, AccountLoginCredentials accountCredentials, bool requiresActivation)
        {
            account.Prepare();
            account.Validate();

            accountCredentials.Prepare();
            accountCredentials.Validate();

            // Refuse a login id that is already taken.
            // NOTE(review): this is a check followed by a later create; confirm the store also
            // enforces uniqueness so that two concurrent sign-ups cannot both pass the check.
            var existingLookup = new LoginCredentials { LoginId = accountCredentials.LoginId };
            if (_loginCredentialsQuery.DoCredentialsExist(existingLookup))
            {
                throw new DuplicateUserException();
            }

            var newMember = CreateMember(account, requiresActivation);

            // Only the hash of the password is handed to the account command.
            // NOTE(review): the algorithm behind HashToString is not visible here; confirm it is a
            // salted, deliberately slow password hash rather than a bare digest.
            var newCredentials = new LoginCredentials
            {
                LoginId      = accountCredentials.LoginId,
                PasswordHash = LoginCredentials.HashToString(accountCredentials.Password),
            };

            _memberAccountsCommand.CreateMember(newMember, newCredentials, GetMemberAffiliateId());

            // The new member is logged in straight away as Authenticated.
            _authenticationManager.LogIn(context, newMember, AuthenticationStatus.Authenticated);

            // Record the referral and set up the profile.
            _referralsManager.CreateReferral(context.Request, newMember.Id);
            InitialiseMemberProfile(newMember.Id);

            return newMember;
        }

        /// <summary>
        /// Registers a new employer with a login id and password: validates the credentials,
        /// rejects a login id that already exists and delegates to the three-argument
        /// <c>Join</c> overload (defined outside this excerpt) with a callback that creates the
        /// employer using the hashed password.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="account">The employer account details supplied at sign-up.</param>
        /// <param name="accountCredentials">The login id and password chosen at sign-up.</param>
        /// <returns>The employer returned by the shared <c>Join</c> overload.</returns>
        /// <exception cref="DuplicateUserException">The login id is already in use.</exception>
        Employer IAccountsManager.Join(HttpContextBase context, EmployerAccount account, AccountLoginCredentials accountCredentials)
        {
            accountCredentials.Prepare();
            accountCredentials.Validate();

            // Refuse a login id that is already taken.
            // NOTE(review): check-then-create; confirm the store enforces uniqueness as well.
            var existingLookup = new LoginCredentials { LoginId = accountCredentials.LoginId };
            if (_loginCredentialsQuery.DoCredentialsExist(existingLookup))
            {
                throw new DuplicateUserException();
            }

            // The credentials object, and with it the password hash, is built inside the
            // callback, i.e. only when the shared Join overload invokes it.
            return Join(
                context,
                account,
                employer => _employerAccountsCommand.CreateEmployer(
                    employer,
                    new LoginCredentials
                    {
                        LoginId      = accountCredentials.LoginId,
                        PasswordHash = LoginCredentials.HashToString(accountCredentials.Password),
                    }));
        }

        /// <summary>
        /// Registers a new employer from a LinkedIn profile by delegating to the three-argument
        /// <c>Join</c> overload (defined outside this excerpt) with a callback that creates the
        /// employer from <paramref name="profile"/>.
        /// </summary>
        /// <param name="context">The current HTTP context.</param>
        /// <param name="account">The employer account details.</param>
        /// <param name="profile">The LinkedIn profile handed to <c>CreateEmployer</c>.</param>
        /// <returns>The employer returned by the shared <c>Join</c> overload.</returns>
        Employer IAccountsManager.Join(HttpContextBase context, EmployerAccount account, LinkedInProfile profile)
        {
            // NOTE(review): unlike the credentials-based overload, nothing here validates the
            // profile or checks for an existing account; presumably that happens in the caller
            // or in CreateEmployer. Confirm the profile comes from a verified LinkedIn response.
            return Join(
                context,
                account,
                employer => _employerAccountsCommand.CreateEmployer(employer, profile));
        }