public async Task <IActionResult> LoginHandler(LoginViewModel loginViewModel) { var recaptcha = await _recaptcha.Validate(Request); if (!recaptcha.success) { TempData["Error"] = "There was an error validating recatpcha. Please try again!"; return(RedirectToAction("Login")); } var result = await base.Login(loginViewModel); if (result) { return(Redirect(Url.Content("~/"))); } return(RedirectToAction("NotAuthenticated")); }
public async Task OnActionExecutionAsync(ActionExecutingContext context, ActionExecutionDelegate next) { var recaptcha = await _recaptcha.Validate(context.HttpContext.Request); if (!recaptcha.success || recaptcha.score != 0 && recaptcha.score < _minimumScore) { context.ModelState.AddModelError("Recaptcha", _errorMessage); } await next(); }
public async Task <IActionResult> Booking(Contacts model) { //string ControllerName = this.ControllerContext.RouteData.Values["controller"].ToString(); var recaptcha = await _recaptcha.Validate(Request); ContactsModel data = new ContactsModel() { Item = model }; data.Item.Type = 2; if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", "Mã Captcha không chính xác. Vui lòng thử lại!"); } else { if (ModelState.IsValid) { model.Id = 0; model.CreatedBy = 0; model.ModifiedBy = 0; model.Type = 2; model.CreatedDate = DateTime.ParseExact(model.CreatedDateShow, "dd/MM/yyyy HH:mm", CultureInfo.InvariantCulture); try { ContactsService.SaveItem(model); TempData["MessageSuccess"] = "Đặt lịch khám thành công"; } catch { TempData["MessageError"] = "Gửi thông tin thất bại. Xin vui lòng gửi lại"; } return(RedirectToAction("Booking")); } } return(View(data)); }
public async Task<IActionResult> Register(RegisterViewModel model) { if (ModelState.IsValid) { var recaptcha = await _recaptcha.Validate(Request); if (recaptcha.success) { var bitcoin = context.BitcoinPayments .Where(w => w.UserId == null) .FirstOrDefault(); if (bitcoin == null) { ModelState.AddModelError("", "На данный момент доступных адерсов для регистрации нет"); } else { User user = new User { Email = model.Email, UserName = model.Email, FirstName = model.FirstName, Bitcoin = bitcoin.Payment}; // добавляем пользователя var result = await userManager.CreateAsync(user, "defaultpassword"); if (result.Succeeded) { bitcoin.UserId = user.Id; await context.SaveChangesAsync(); await roleManager.CreateAsync(new IdentityRole { Name = "Admin" }); if (user.Email == "*****@*****.**") await userManager.AddToRoleAsync(user, "Admin"); // установка куки await signInManager.SignInAsync(user, model.RememberMe); return RedirectToAction("GetInfo", "Account"); } else { foreach (var error in result.Errors) { ModelState.AddModelError(string.Empty, error.Description); } } } } else { ModelState.AddModelError("", "Ошибка при вводе каптчи"); } } return View(model); }
public async Task <IActionResult> Detail(Contacts model) { string ControllerName = this.ControllerContext.RouteData.Values["controller"].ToString(); var recaptcha = await _recaptcha.Validate(Request); EventsModel data1 = new EventsModel(); data1.Item = EventsService.GetItem(model.EventId, API.Models.Settings.SecretId + ControllerName); if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", "Mã Captcha không chính xác. Vui lòng thử lại!"); } else { if (ModelState.IsValid) { model.Id = 0; model.CreatedBy = 0; model.ModifiedBy = 0; model.Type = 3; try { ContactsService.SaveItem(model); TempData["MessageSuccess"] = "Đăng ký thành công"; } catch { TempData["MessageError"] = "Gửi thông tin thất bại. Xin vui lòng gửi lại"; } data1.myContact = new ContactsModel() { Item = new Contacts() { CreatedDate = DateTime.Now.AddDays(1) } }; return(View(data1)); } } data1.myContact = new ContactsModel() { Item = model }; return(View(data1)); }
public async Task <IActionResult> Contact(ContactModel model) { ViewData["Message"] = "Your contact page."; var recaptcha = await _recaptcha.Validate(Request); if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", "There was an error validating recatpcha. Please try again!"); } return(View(!ModelState.IsValid ? model : new ContactModel())); }
public async Task <IActionResult> Contact2(ContactModel model) { ViewData["Message"] = "Your contact page."; var recaptcha = await _recaptcha.Validate(Request); if (!recaptcha.success || recaptcha.score != 0 && recaptcha.score < _minimumScore) { ModelState.AddModelError("Recaptcha", _errorMessage); } return(View(!ModelState.IsValid ? model : new ContactModel())); }
public async Task <IActionResult> Login(AccountViewModel model) { if (ModelState.IsValid) { var recaptchaReault = await _recaptcha.Validate(model.GoogleToken); if (!recaptchaReault.success || recaptchaReault.score == 0m) { ModelState.AddModelError(string.Empty, "人机验证失败,请稍后重试"); } } return(View(model)); }
public async Task <ActionResult <TokenValidationViewModel> > ValidateCaptcha( [FromBody] TokenValidationViewModel model) { var recaptcha = await _recaptcha.Validate(model.Token); if (!recaptcha.success) { model.IsValid = false; BadRequest(model); } model.IsValid = true; return(Ok(model)); }
public async Task <IActionResult> LoginHandler(LoginViewModel loginViewModel) { TempData.Clear(); var recaptcha = await _recaptcha.Validate(Request); /*if (!recaptcha.success) * { * _logger.LogError("Captcha failed: " + recaptcha.score); * * TempData["Error"] = "There was an error validating recatpcha. Please try again!"; * * return RedirectToAction("Login"); * }*/ var result = await base.Login(loginViewModel); if (result) { return(RedirectToAction("Index", "Home")); } return(RedirectToAction("NotAuthenticated")); }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/Identity/Account/CheckEmail"); var recaptcha = await _recaptcha.Validate(Request); if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", "There was an error validating recaptcha. Please try again!"); } if (ModelState.IsValid) { var user = new GadgetCMSUser { UserName = Input.Email, Email = Input.Email, Nickname = Input.Nickname }; var result = await _userManager.CreateAsync(user, Input.Password); if (result.Succeeded) { _logger.LogInformation("User created a new account with password."); logger.Info("{user} created a new account", Input.Email); // Add a user to the default role, or any role you prefer here await _userManager.AddToRoleAsync(user, "Member"); var code = await _userManager.GenerateEmailConfirmationTokenAsync(user); var callbackUrl = Url.Page( "/Account/ConfirmEmail", pageHandler: null, values: new { userId = user.Id, code = code }, protocol: Request.Scheme); await _emailSender.SendEmailAsync(Input.Email, "Confirm your email", $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>."); // await _signInManager.SignInAsync(user, isPersistent: false); ViewData["NewRegister"] = true; return(LocalRedirect(returnUrl)); } foreach (var error in result.Errors) { ModelState.AddModelError(string.Empty, error.Description); } } // If we got this far, something failed, redisplay form return(Page()); }
public async Task <IActionResult> Create(UserViewModel model) { var captchaResponse = await _recaptcha.Validate(Request.Form); if (captchaResponse.Success) { if (ModelState.IsValid) { if (EmailIsUnique(model.Email)) { AppUser user = new AppUser { UserName = model.Name, Email = model.Email }; IdentityResult identityResult = await _userManager.CreateAsync(user, model.Password); if (identityResult.Succeeded) { return(RedirectToAction("Login", "Account")); } else { foreach (IdentityError identityError in identityResult.Errors) { ModelState.AddModelError(identityError.Code + " ", identityError.Description); } } } else { ModelState.AddModelError("", "Email must be unique, try another email"); } } else { ModelState.AddModelError("", "Model state is not valid"); } return(View(model)); } else { ModelState.AddModelError("reCaptchaError", "reCAPTCHA error occured. Please try again."); return(View(model)); } }
public async Task <IActionResult> Register(Register model) { if (ModelState.IsValid) { var captchaResponse = await _recaptcha.Validate(Request.Form); if (!captchaResponse.Success) { ModelState.AddModelError("reCaptchaError", "Ошибка проверки reCAPTCHA. Попробуйте еще раз."); return(View(model)); } User newUser = CreateNewUser(model); model.PostalAddress.UserId = newUser.Id; model.LegalAddress.UserId = newUser.Id; var result = await _userManager.CreateAsync(newUser, model.Password); if (result.Succeeded) { await _userManager.AddToRoleAsync(newUser, Convert.ToString(Roles.Registrant)); await _db.LegalAddresses.AddAsync(model.LegalAddress); await _db.PostalAddresses.AddAsync(model.PostalAddress); await _db.SaveChangesAsync(); // await SendConfirmationEmailAsync(newUser.Email); if (User.IsInRole("SuperAdmin")) { return(RedirectToAction("Index", "SuperAdmin")); } await _signInManager.SignInAsync(newUser, false); return(RedirectToAction("Index", "Users")); } foreach (var error in result.Errors) { ModelState.AddModelError(String.Empty, error.Description); } } return(View(model)); }
public async Task <IActionResult> OnPostAsync() { RecaptchaResponse captchaValid = await _recaptcha.Validate(Request, false); if (!captchaValid.success) { ModelState.AddModelError("reCaptcha", "Bitte das reCaptcha bestätigen."); } if (ModelState.IsValid) { return(Page()); } else { ViewData["Message"] = "Schiefgegangen"; return(Page()); } }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { var recaptcha = await _recaptcha.Validate(this.HttpContext.Request); if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", "Error Validating Captcha"); } returnUrl ??= Url.Content("~/"); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); if (ModelState.IsValid) { // This doesn't count login failures towards account lockout // To enable password failures to trigger account lockout, set lockoutOnFailure: true var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure : false); if (result.Succeeded) { _logger.LogInformation("User logged in."); return(LocalRedirect(returnUrl)); } if (result.RequiresTwoFactor) { return(RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe })); } if (result.IsLockedOut) { _logger.LogWarning("User account locked out."); return(RedirectToPage("./Lockout")); } else { ModelState.AddModelError(string.Empty, "Invalid login attempt."); return(Page()); } } // If we got this far, something failed, redisplay form return(Page()); }
public async Task <IActionResult> Login(AccountViewModel model) { if (ModelState.IsValid) { var recaptchaReault = await _recaptcha.Validate(model.GoogleToken); if (!recaptchaReault.success || recaptchaReault.score < 0.08m) //if (!recaptchaReault.success || recaptchaReault.score<1) { ModelState.AddModelError(string.Empty, "老实说,你是不是机器人!"); } else { ModelState.AddModelError(string.Empty, "登录成功~"); } } return(View(model)); }
public async Task <IActionResult> SendEmail(IFormCollection request) { try { var reCAPTCHA = await _Recaptcha.Validate(request.Str("code")); if (!reCAPTCHA.success) { _Logger.LogWarning($"{request.Str("name")}'s captcha validation failed."); return(Conflict("Please complete the reCAPTCHA")); } var messageArgs = new EmailRecieved(request, this.Request.BaseUrl()); EmailContact Sender = new EmailContact { Name = messageArgs.Name, Address = messageArgs.SendersEmail }; if (request.Bool("SendToBookings")) { // Sends a master email to the "BOOKINGS" email address in system settings, then sends a copy to each person on the mailing list. await _EmailService.SendBookingInquiryAsync(Sender, messageArgs.Subject, messageArgs); } else { // Sends a master email to the "GENERAL" email address in system settings, then sends a copy to each person on the mailing list. await _EmailService.SendGeneralInquiryAsync(Sender, messageArgs.Subject, messageArgs); } _Logger.LogInformation("Sucsefully sent {0}'s email", messageArgs.SendersName); return(Ok()); } catch (Exception ex) { _Logger.LogError("Error sending {0}'s email: {1}", request.Str("name"), ex.Message); _Logger.LogError(ex.StackTrace); return(BadRequest("Something went wrong and we could not send your email. Please try again later.")); } }
public async Task <IActionResult> Register(RegisterModel model) { var recaptcha = await _recaptcha.Validate(Request); if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", "Неопознанная ошибка при обработке запроса на сервер гугл, попробуйте позднее!"); return(View(model)); } if (!model.CheckUserCaptureinput()) { ModelState.AddModelError("CaptureUserInput", "неправильно введена капча "); } if (ModelState.IsValid) { User user = await db.Users.FirstOrDefaultAsync(u => u.Login == model.Login); if (user == null) { // добавляем пользователя в бд db.Users.Add(new User { name = model.Name, Login = model.Login, PasswordHash = CryptoHelper.GetMD5(model.Password), AccessLevel = 9000 }); await db.SaveChangesAsync(); await Authenticate(model.Login); // аутентификация return(RedirectToAction("Index", "Home")); } else { ModelState.AddModelError("", "Некорректные имя, логин и(или) пароль"); } } return(View(model)); }
public async Task <IActionResult> register(RegisterViewModel model, string returnUrl = null) { ViewData["Page"] = "signup"; if (Configs.RegistrationSettings.uniqueFieldOption == 1) { ModelState.Remove("UserName"); } if (ModelState.IsValid) { // Rechapcha Validation if (Configs.RegistrationSettings.enableChapcha) { var recaptcha = await _recaptcha.Validate(Request); if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", SiteConfig.generalLocalizer["_invalid_chapcha"].Value); return(View("~/Views/Home/index.cshtml", model)); } } if (Configs.RegistrationSettings.enablePrivacyCheck) { if (!model.Agreement) { ModelState.AddModelError(string.Empty, SiteConfig.generalLocalizer["_accept_aggrement"].Value); return(View("~/Views/Home/index.cshtml", model)); } } var UserName = model.UserName; if (Configs.RegistrationSettings.uniqueFieldOption == 1) { UserName = model.Email; } var user = new ApplicationUser { UserName = UserName, Email = model.Email, created_at = DateTime.Now, firstname = model.FirstName, lastname = model.LastName, isenabled = 1, type = (byte)UserBLL.Types.NormalUser }; var result = await SiteConfig.userManager.CreateAsync(user, model.Password); if (result.Succeeded) { // Init User Profile await UserProfileBLL.InitializeUserProfile(_context, user); // Create Required Directories Directory_Process.CreateRequiredDirectories(SiteConfig.Environment.ContentRootPath + UtilityBLL.ParseUsername(SystemDirectoryPaths.UserDirectory, user.Id.ToString())); var code = await SiteConfig.userManager.GenerateEmailConfirmationTokenAsync(user); var callbackUrl = Url.EmailConfirmationLink(user.Id, code, Request.Scheme); await _emailSender.SendEmailConfirmationAsync(_context, model.Email, UserName, callbackUrl, model.Password); await _emailSender.SendEmailNotificationAsync(_context, model.Email, UserName); var redirect_url = "/activate"; if (returnUrl != null && returnUrl != "") { redirect_url = returnUrl; } return(Redirect(redirect_url)); } AddErrors(result); } return(View("~/Views/Home/index.cshtml", model)); }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { ModelState.AddModelError(string.Empty, "Invalid Recapture"); return(Page()); var recaptchaResponse = await _recaptchaService.Validate(Request); if (recaptchaResponse?.success == false) { ModelState.AddModelError(string.Empty, "Invalid Recapture"); return(Page()); } returnUrl = returnUrl ?? Url.Content("~/"); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); if (ModelState.IsValid) { var user = new ApplicationUser { UserName = Input.Email, Email = Input.Email, CommanderName = Input.CommanderName }; var result = await _userManager.CreateAsync(user, Input.Password); if (result.Succeeded) { _logger.LogInformation("User created a new account with password."); var code = await _userManager.GenerateEmailConfirmationTokenAsync(user); code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code)); var callbackUrl = Url.Page( "/Account/ConfirmEmail", pageHandler: null, values: new { area = "Identity", userId = user.Id, code = code }, protocol: Request.Scheme); await _emailSender.SendEmailAsync(Input.Email, "Confirm your email", $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>."); if (_userManager.Options.SignIn.RequireConfirmedAccount) { return(RedirectToPage("RegisterConfirmation", new { email = Input.Email, DisplayConfirmAccountLink = true })); } else { await _signInManager.SignInAsync(user, isPersistent : false); return(LocalRedirect(returnUrl)); } } foreach (var error in result.Errors) { ModelState.AddModelError(string.Empty, error.Description); } } // If we got this far, something failed, redisplay form return(Page()); }
public async Task <IActionResult> Index(UserEmailDetails userEmail) { _logger.LogDebug($"{GetType().Name}.{nameof(Index)} method called..."); ViewData["ErrorMessage"] = string.Empty; RecaptchaResponse recaptcha = await _recaptcha.Validate(Request); IActionResult result = View(); if (!recaptcha.success) { ViewData["ErrorMessage"] = $"There was an error validating reCAPTCHA. Please try again!"; ModelState.AddModelError("", "There was an error validating reCAPTCHA. Please try again!"); } else { try { if (!string.IsNullOrEmpty(userEmail?.Email)) { EmailList emailListItem = new EmailList() { Id = Guid.NewGuid(), Email = userEmail.Email, IsValidated = false, DateCreated = DateTime.UtcNow }; _emailListRepository.Add(emailListItem); _unitOfWork.Save(); if (!await SendEmailMessage(this.HttpContext, emailListItem.Id, emailListItem.Email)) { ViewData["ErrorMessage"] = "Unable to send confirmation email"; } else { this.HttpContext.Session.Set("Email", Encoding.UTF8.GetBytes(userEmail.Email)); result = Redirect($"/Home/ValidateEmail/?e={userEmail?.Email}"); } } } catch (DbUpdateException ex) { _logger.LogError(ex, ex.Message); ViewData["ErrorMessage"] = "This email has already been submitted."; } catch (SqlException ex) { _logger.LogError(ex, ex.Message); if (ex.Message.ToLower().Contains("cannot insert duplicate key")) { ViewData["ErrorMessage"] = "This email has already been submitted."; } else { ViewData["ErrorMessage"] = "There was a critical failure saving to the database."; } } } return(result); }
public IActionResult AddComment(AddCommentViewModel addcomment) { List <string> errors = new List <string>(); if (!dasBlogSettings.SiteConfiguration.EnableComments) { return(BadRequest()); } if (!ModelState.IsValid) { return(Comment(addcomment.TargetEntryId)); } // Optional in case of Captcha. Commenting the settings in the config file // Will disable this check. People will typically disable this when using captcha. if (!String.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamQ) && !String.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamA) && dasBlogSettings.SiteConfiguration.CheesySpamQ.Trim().Length > 0 && dasBlogSettings.SiteConfiguration.CheesySpamA.Trim().Length > 0) { if (string.Compare(addcomment.CheesyQuestionAnswered, dasBlogSettings.SiteConfiguration.CheesySpamA, StringComparison.OrdinalIgnoreCase) != 0) { errors.Add("Answer to Spam Question is invalid. Please enter a valid answer for Spam Question and try again."); } } if (dasBlogSettings.SiteConfiguration.EnableCaptcha) { var recaptchaTask = recaptcha.Validate(Request); recaptchaTask.Wait(); var recaptchaResult = recaptchaTask.Result; if ((!recaptchaResult.success || recaptchaResult.score != 0) && recaptchaResult.score < dasBlogSettings.SiteConfiguration.RecaptchaMinimumScore) { errors.Add("Unfinished Captcha. Please finish the captcha by clicking 'I'm not a robot' and try again."); } } if (errors.Count > 0) { return(CommentError(addcomment, errors)); } addcomment.Content = dasBlogSettings.FilterHtml(addcomment.Content); var commt = mapper.Map <NBR.Comment>(addcomment); commt.AuthorIPAddress = HttpContext.Connection.RemoteIpAddress.ToString(); commt.AuthorUserAgent = HttpContext.Request.Headers["User-Agent"].ToString(); commt.CreatedUtc = commt.ModifiedUtc = DateTime.UtcNow; commt.EntryId = Guid.NewGuid().ToString(); commt.IsPublic = !dasBlogSettings.SiteConfiguration.CommentsRequireApproval; var state = blogManager.AddComment(addcomment.TargetEntryId, commt); if (state == NBR.CommentSaveState.Failed) { ModelState.AddModelError("", "Comment failed"); return(StatusCode(500)); } if (state == NBR.CommentSaveState.SiteCommentsDisabled) { ModelState.AddModelError("", "Comments are closed for this post"); return(StatusCode(403)); } if (state == NBR.CommentSaveState.PostCommentsDisabled) { ModelState.AddModelError("", "Comment are currently disabled"); return(StatusCode(403)); } if (state == NBR.CommentSaveState.NotFound) { ModelState.AddModelError("", "Invalid Target Post Id"); return(NotFound()); } logger.LogInformation(new EventDataItem(EventCodes.CommentAdded, null, "Comment created on: {0}", commt.TargetTitle)); BreakSiteCache(); return(Comment(addcomment.TargetEntryId)); }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { returnUrl ??= Url.Content("~/"); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); if (!ModelState.IsValid) { return(Page()); } // Check ReCaptcha var reResponse = await _reCaptcha.Validate(ReCaptchaResponse); if (!reResponse.success) { ModelState.TryAddModelError("ReCaptcha", "Incorrect ReCaptcha"); return(Page()); } // Check if invite code is correct var inviteCode = await _context.InviteCodes .FirstOrDefaultAsync(ic => ic.NormalizedCode == Input.InviteCode.ToUpper()); if (inviteCode == null) { ModelState.TryAddModelError("InviteCode", "Incorrect invite code"); return(Page()); } if (inviteCode.UsedDate != null) { ModelState.TryAddModelError("InviteCode", "This invite code has been used"); return(Page()); } // Create user var user = new OgmaUser { UserName = Input.Name, Email = Input.Email }; var result = await _userManager.CreateAsync(user, Input.Password); // If everything went fine... if (result.Succeeded) { _logger.LogInformation("User created a new account with password."); // Modify invite code inviteCode.UsedBy = user; inviteCode.UsedDate = DateTime.Now; await _context.SaveChangesAsync(); // Setup default blacklists var defaultBlockedRatings = await _context.Ratings .Where(r => r.BlacklistedByDefault) .AsNoTracking() .ToListAsync(); var blockedRatings = defaultBlockedRatings.Select(dbr => new BlacklistedRating { User = user, Rating = dbr }); await _context.BlacklistedRatings.AddRangeAsync(blockedRatings); // Send confirmation code var code = await _userManager.GenerateEmailConfirmationTokenAsync(user); code = WebEncoders.Base64UrlEncode(Encoding.UTF8.GetBytes(code)); var callbackUrl = Url.Page( "/Account/ConfirmEmail", null, new { area = "Identity", userId = user.Id, code }, Request.Scheme); await _emailSender.SendEmailAsync(Input.Email, "Confirm your email", $"Please confirm your account by <a href='{HtmlEncoder.Default.Encode(callbackUrl)}'>clicking here</a>."); if (_userManager.Options.SignIn.RequireConfirmedAccount) { return(RedirectToPage("RegisterConfirmation", new { email = Input.Email })); } else { return(LocalRedirect(returnUrl)); } } foreach (var error in result.Errors) { ModelState.AddModelError(string.Empty, error.Description); } // If we got this far, something failed, redisplay form return(Page()); }
public async Task <IActionResult> OnPostAsync(string returnUrl = null) { returnUrl = returnUrl ?? Url.Content("~/"); var recaptcha = await _recaptcha.Validate(Request); if (!recaptcha.success) { ModelState.AddModelError("Recaptcha", "There was an error validating recaptcha. Please try again!"); } if (ModelState.IsValid) { var result = await _signInManager.PasswordSignInAsync(Input.Email, Input.Password, Input.RememberMe, lockoutOnFailure : true); var user = _signInManager.UserManager.FindByEmailAsync(Input.Email).Result; if (result.Succeeded) { if (user.BanStatus == true) { await _signInManager.SignOutAsync(); _logger.LogInformation("User logged out."); logger.Info("{user} logged out with BanStatus - True", Input.Email); ModelState.AddModelError(string.Empty, "User is Banned."); return(Page()); } _logger.LogInformation("User logged in."); logger.Info("{user} logged in", Input.Email); return(LocalRedirect(returnUrl)); } if (user != null) { if (!_signInManager.UserManager.IsEmailConfirmedAsync(user).Result) { // Clear the existing external cookie to ensure a clean login process await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); ViewData["unVerifiedMail"] = true; return(Page()); } } if (result.RequiresTwoFactor) { return(RedirectToPage("./LoginWith2fa", new { ReturnUrl = returnUrl, RememberMe = Input.RememberMe })); } if (result.IsLockedOut) { _logger.LogWarning("User account locked out."); return(RedirectToPage("./Lockout")); } else { // Clear the existing external cookie to ensure a clean login process await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); ModelState.AddModelError(string.Empty, "Invalid login attempt."); return(Page()); } } // If we got this far, something failed, redisplay form // Clear the existing external cookie to ensure a clean login process await HttpContext.SignOutAsync(IdentityConstants.ExternalScheme); ExternalLogins = (await _signInManager.GetExternalAuthenticationSchemesAsync()).ToList(); return(Page()); }
public ActionResult Register(RegisterViewModel model) { ViewBag.RecaptchaSiteKey = _recaptchaConfig.RecaptchaSiteKey; var encodedResponse = Request.Form[RecaptchaResult.ResponseFormVariable]; var isCaptchaValid = _recaptchaService.Validate(encodedResponse); if (!isCaptchaValid) { ModelState.AddModelError("", Globalisation.Dictionary.InvalidRecaptcha); return(View(model)); } if (_authentication.IsAuthenticated) { _authentication.Logout(); } if (ModelState.IsValid) { var result = _accountService.Register(model.RegisterModel); if (result.IsSuccess) { var user = _userRepository.Find(e => e.Username == model.RegisterModel.UserName).FirstOrDefault(); if (!string.IsNullOrEmpty(model.PromoCode)) { if (user?.Id > 0) { try { _userService.UsePromoCode(user.Id, model.PromoCode); } catch (Exception e) { ModelState.AddModelError("PromoCode", e.Message); } _membershipService.ProcessPurchaseWithPromoCode(user.Id, model.PromoCode); } else { _logger.Error("AccountController => Register => Promo code used but UserId is 0"); return(RedirectToAction("AccountCreated", "Account", new { additionalError = Globalisation.Dictionary.PromoCodeNotUsed })); } } return(RedirectToAction("AccountCreated", "Account")); } foreach (var registrationError in result.Errors) { if (registrationError.Exception != null && registrationError.Exception.IsDuplicateIndexError()) { var user = registrationError.Data.MapTo <User>(); var serviceError = registrationError.Exception.GetServiceErrorFromException(user); ModelState.AddModelError("", serviceError.ErrorMessage); } else { ModelState.AddModelError(registrationError.FieldName, registrationError.ErrorMessage); } } } return(View(model)); }
public async Task <ActionResult> Signin(LoginViewModel model) { model.LoginRecaptchaKey = _securitySettings.RecaptchaKey; model.RegisterRecaptchaKey = _securitySettings.RecaptchaKey; if (model.IsLogin.HasValue && model.IsLogin.Value) { if (!model.Username.IsValidEmailAndRowKey()) { ModelState.AddModelError(nameof(model.Username), "Please enter a valid email address"); } if (!await _recaptchaService.Validate()) { ModelState.AddModelError(nameof(model.LoginRecaptchaKey), "Captcha validation failed"); } if (!ModelState.IsValid) { return(View("Login", model)); } AuthResponse authResult = await _registrationClient.AuthorizeAsync(new AuthModel { Email = model.Username, Password = model.Password, Ip = HttpContext.GetIp(), UserAgent = HttpContext.GetUserAgent() }); if (authResult == null) { ModelState.AddModelError("", "Technical problems during authorization."); return(View("Login", model)); } if (authResult.Status == AuthenticationStatus.Error) { ModelState.AddModelError("", "The username or password you entered is incorrect"); return(View("Login", model)); } var identity = await _userManager.CreateUserIdentityAsync(authResult.Account.Id, authResult.Account.Email, model.Username, false); await HttpContext.SignInAsync(OpenIdConnectConstantsExt.Auth.DefaultScheme, new ClaimsPrincipal(identity)); return(RedirectToLocal(model.ReturnUrl)); } ModelState.ClearValidationState(nameof(model.Username)); ModelState.ClearValidationState(nameof(model.Password)); if (string.IsNullOrEmpty(model.Email)) { ModelState.AddModelError(nameof(model.Email), $"{nameof(model.Email)} is required and can't be empty"); return(View("Login", model)); } if (!model.Email.IsValidEmailAndRowKey()) { ModelState.AddModelError(nameof(model.Email), "Please enter a valid email address"); return(View("Login", model)); } if (!await _recaptchaService.Validate()) { ModelState.AddModelError(nameof(model.RegisterRecaptchaKey), "Captcha validation failed"); return(View("Login", model)); } var traffic = Request.Cookies["sbjs_current"]; var code = await _verificationCodesRepository.AddCodeAsync(model.Email, model.Referer, model.ReturnUrl, model.Cid, traffic); var url = Url.Action("Signup", "Authentication", new { key = code.Key }, Request.Scheme); await _emailFacadeService.SendVerifyCode(model.Email, code.Code, url); return(RedirectToAction("Signup", new { key = code.Key })); }
public IActionResult AddComment(AddCommentViewModel addcomment) { List <string> errors = new List <string>(); if (!ModelState.IsValid) { errors.Add("[Some of your entries are invalid]"); } if (!dasBlogSettings.SiteConfiguration.EnableComments) { errors.Add("Comments are disabled on the site."); } // Optional in case of Captcha. Commenting the settings in the config file // Will disable this check. People will typically disable this when using captcha. if (!string.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamQ) && !string.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamA) && dasBlogSettings.SiteConfiguration.CheesySpamQ.Trim().Length > 0 && dasBlogSettings.SiteConfiguration.CheesySpamA.Trim().Length > 0) { if (string.Compare(addcomment.CheesyQuestionAnswered, dasBlogSettings.SiteConfiguration.CheesySpamA, StringComparison.OrdinalIgnoreCase) != 0) { errors.Add("Answer to Spam Question is invalid. Please enter a valid answer for Spam Question and try again."); } } if (dasBlogSettings.SiteConfiguration.EnableCaptcha) { var recaptchaTask = recaptcha.Validate(Request); recaptchaTask.Wait(); var recaptchaResult = recaptchaTask.Result; if ((!recaptchaResult.success || recaptchaResult.score != 0) && recaptchaResult.score < dasBlogSettings.SiteConfiguration.RecaptchaMinimumScore) { errors.Add("Unfinished Captcha. Please finish the captcha by clicking 'I'm not a robot' and try again."); } } var commt = mapper.Map <NBR.Comment>(addcomment); commt.AuthorIPAddress = HttpContext.Connection.RemoteIpAddress.ToString(); commt.AuthorUserAgent = HttpContext.Request.Headers["User-Agent"].ToString(); commt.EntryId = Guid.NewGuid().ToString(); commt.IsPublic = !dasBlogSettings.SiteConfiguration.CommentsRequireApproval; commt.CreatedUtc = commt.ModifiedUtc = DateTime.Now.ToUniversalTime(); if (dasBlogSettings.SiteConfiguration.EnableSpamBlockingService) { commt = CheckForSpam(commt, dasBlogSettings.SiteConfiguration); // Spam Moderation is Disabled and the comment is spam. Let's show an error! // TODO: Discuss what are the pros and cons of showing error vs just silently deleting the // comment. if (!dasBlogSettings.SiteConfiguration.EnableSpamModeration && commt.SpamState == NBR.SpamState.Spam) { errors.Add("Spam Comment Detected. Please enter a legitimate comment that is not spam to post it."); } } if (errors.Count > 0) { return(CommentError(addcomment, errors)); } logger.LogInformation(new EventDataItem(EventCodes.CommentAdded, null, "Comment CONTENT DUMP", commt.Content)); var state = blogManager.AddComment(addcomment.TargetEntryId, commt); if (state == NBR.CommentSaveState.Failed) { logger.LogError(new EventDataItem(EventCodes.CommentBlocked, null, "Failed to save comment: {0}", commt.TargetTitle)); errors.Add("Failed to save comment."); } if (state == NBR.CommentSaveState.SiteCommentsDisabled) { logger.LogError(new EventDataItem(EventCodes.CommentBlocked, null, "Comments are closed for this post: {0}", commt.TargetTitle)); errors.Add("Comments are closed for this post."); } if (state == NBR.CommentSaveState.PostCommentsDisabled) { logger.LogError(new EventDataItem(EventCodes.CommentBlocked, null, "Comment are currently disabled: {0}", commt.TargetTitle)); errors.Add("Comment are currently disabled."); } if (state == NBR.CommentSaveState.NotFound) { logger.LogError(new EventDataItem(EventCodes.CommentBlocked, null, "Invalid Post Id: {0}", commt.TargetTitle)); errors.Add("Invalid Post Id."); } if (errors.Count > 0) { return(CommentError(addcomment, errors)); } logger.LogInformation(new EventDataItem(EventCodes.CommentAdded, null, "Comment created on: {0}", commt.TargetTitle)); BreakSiteCache(); return(Comment(addcomment.TargetEntryId)); }
public IActionResult AddComment(AddCommentViewModel addcomment) { if (!dasBlogSettings.SiteConfiguration.EnableComments) { return(BadRequest()); } if (!ModelState.IsValid) { return(Comment(addcomment.TargetEntryId)); } // Optional in case of Captcha. Commenting the settings in the config file // Will disable this check. People will typically disable this when using captcha. if (!String.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamQ) && !String.IsNullOrEmpty(dasBlogSettings.SiteConfiguration.CheesySpamA) && dasBlogSettings.SiteConfiguration.CheesySpamQ.Trim().Length > 0 && dasBlogSettings.SiteConfiguration.CheesySpamA.Trim().Length > 0) { if (string.Compare(addcomment.CheesyQuestionAnswered, dasBlogSettings.SiteConfiguration.CheesySpamA, StringComparison.OrdinalIgnoreCase) != 0) { return(Comment(addcomment.TargetEntryId)); } } if (dasBlogSettings.SiteConfiguration.EnableCaptcha) { var recaptchaTask = recaptcha.Validate(Request); recaptchaTask.Wait(); var recaptchaResult = recaptchaTask.Result; if ((!recaptchaResult.success || recaptchaResult.score != 0) && recaptchaResult.score < dasBlogSettings.SiteConfiguration.RecaptchaMinimumScore) { // Todo: Rajiv Popat: This just redirects to the comment page. Ideally user should be informed that // the captch is invalid and he should be shown an error page with ability to fix the issue. // We need to have the ability to show errors and let the user fix typos in Captcha or Cheesy // Question. For now we are following the sample implementation as Cheesy Spam Question above // for the sake of consistency but this should be fixed everywhere. return(Comment(addcomment.TargetEntryId)); } } addcomment.Content = dasBlogSettings.FilterHtml(addcomment.Content); var commt = mapper.Map <NBR.Comment>(addcomment); commt.AuthorIPAddress = HttpContext.Connection.RemoteIpAddress.ToString(); commt.AuthorUserAgent = HttpContext.Request.Headers["User-Agent"].ToString(); commt.CreatedUtc = commt.ModifiedUtc = DateTime.UtcNow; commt.EntryId = Guid.NewGuid().ToString(); commt.IsPublic = !dasBlogSettings.SiteConfiguration.CommentsRequireApproval; var state = blogManager.AddComment(addcomment.TargetEntryId, commt); if (state == NBR.CommentSaveState.Failed) { ModelState.AddModelError("", "Comment failed"); return(StatusCode(500)); } if (state == NBR.CommentSaveState.SiteCommentsDisabled) { ModelState.AddModelError("", "Comments are closed for this post"); return(StatusCode(403)); } if (state == NBR.CommentSaveState.PostCommentsDisabled) { ModelState.AddModelError("", "Comment are currently disabled"); return(StatusCode(403)); } if (state == NBR.CommentSaveState.NotFound) { ModelState.AddModelError("", "Invalid Target Post Id"); return(NotFound()); } logger.LogInformation(new EventDataItem(EventCodes.CommentAdded, null, "Comment created on: {0}", commt.TargetTitle)); BreakSiteCache(); return(Comment(addcomment.TargetEntryId)); }