public static void InitializeIdentity(ApplicationDbContext context)
{
#region Contracts
if (context == null) throw new ArgumentNullException();
#endregion
// Default - User
const string adminUserName = "******";
const string adminUserPassword = "******";
const string guestUserName = "******";
const string guestUserPassword = "******";
// Default - Role
const string adminRoleName = "Admin";
const string guestRoleName = "Guest";
// Default - Permission
const string aboutPermissionName = "AboutAccess";
const string contactPermissionName = "ContactAccess";
// Manager
var userManager = HttpContext.Current.GetOwinContext().Get<ApplicationUserManager>();
var roleManager = HttpContext.Current.GetOwinContext().Get<ApplicationRoleManager>();
var permissionManager = HttpContext.Current.GetOwinContext().Get<ApplicationPermissionManager>();
// User
var adminUser = userManager.FindByName(adminUserName);
if (adminUser == null)
{
adminUser = new ApplicationUser { UserName = adminUserName, Email = adminUserName };
userManager.Create(adminUser, adminUserPassword);
userManager.SetLockoutEnabled(adminUser.Id, false);
}
var guestUser = userManager.FindByName(guestUserName);
if (guestUser == null)
{
guestUser = new ApplicationUser { UserName = guestUserName, Email = guestUserName };
userManager.Create(guestUser, guestUserPassword);
userManager.SetLockoutEnabled(guestUser.Id, false);
}
// Role
var adminRole = roleManager.FindByName(adminRoleName);
if (adminRole == null)
{
adminRole = new ApplicationRole(adminRoleName);
roleManager.Create(adminRole);
}
var guestRole = roleManager.FindByName(guestRoleName);
if (guestRole == null)
{
guestRole = new ApplicationRole(guestRoleName);
roleManager.Create(guestRole);
}
// Permission
var aboutPermission = permissionManager.FindByName(aboutPermissionName);
if (aboutPermission == null)
{
aboutPermission = new ApplicationPermission(aboutPermissionName);
permissionManager.Create(aboutPermission);
}
var contactPermission = permissionManager.FindByName(contactPermissionName);
if (contactPermission == null)
{
contactPermission = new ApplicationPermission(contactPermissionName);
permissionManager.Create(contactPermission);
}
// UserAddToRole
IList<string> rolesForUser = null;
rolesForUser = userManager.GetRoles(adminUser.Id);
if (rolesForUser.Contains(adminRole.Name) == false)
{
userManager.AddToRole(adminUser.Id, adminRole.Name);
}
rolesForUser = userManager.GetRoles(guestUser.Id);
if (rolesForUser.Contains(guestRole.Name) == false)
{
userManager.AddToRole(guestUser.Id, guestRole.Name);
}
// PermissionAddToRole
IList<string> rolesForPermission = null;
rolesForPermission = permissionManager.GetRolesById(aboutPermission.Id);
if (rolesForPermission.Contains(adminRole.Name) == false)
{
permissionManager.AddToRole(aboutPermission.Id, adminRole.Name);
}
rolesForPermission = permissionManager.GetRolesById(contactPermission.Id);
if (rolesForPermission.Contains(adminRole.Name) == false)
{
permissionManager.AddToRole(contactPermission.Id, adminRole.Name);
}
}
public override Task<ClaimsIdentity> CreateUserIdentityAsync(ApplicationUser user)
{
return user.GenerateUserIdentityAsync(this.UserManager as ApplicationUserManager);
}
public async Task<ActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl)
{
if (User.Identity.IsAuthenticated)
{
return RedirectToAction("Index", "Manage");
}
if (ModelState.IsValid)
{
// 從外部登入提供者處取得使用者資訊
var info = await AuthenticationManager.GetExternalLoginInfoAsync();
if (info == null)
{
return View("ExternalLoginFailure");
}
var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
var result = await UserManager.CreateAsync(user);
if (result.Succeeded)
{
result = await UserManager.AddLoginAsync(user.Id, info.Login);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
return RedirectToLocal(returnUrl);
}
}
AddErrors(result);
}
ViewBag.ReturnUrl = returnUrl;
return View(model);
}
public async Task<ActionResult> Create(RegisterViewModel userViewModel, params string[] selectedRoles)
{
if (ModelState.IsValid)
{
var user = new ApplicationUser { UserName = userViewModel.Email, Email = userViewModel.Email };
var adminresult = await UserManager.CreateAsync(user, userViewModel.Password);
//Add User to the selected Roles
if (adminresult.Succeeded)
{
if (selectedRoles != null)
{
var result = await UserManager.AddToRolesAsync(user.Id, selectedRoles);
if (!result.Succeeded)
{
ModelState.AddModelError("", result.Errors.First());
ViewBag.RoleId = new SelectList(await RoleManager.Roles.ToListAsync(), "Name", "Name");
return View();
}
}
}
else
{
ModelState.AddModelError("", adminresult.Errors.First());
ViewBag.RoleId = new SelectList(RoleManager.Roles, "Name", "Name");
return View();
}
return RedirectToAction("Index");
}
ViewBag.RoleId = new SelectList(RoleManager.Roles, "Name", "Name");
return View();
}
public async Task<ActionResult> Register(RegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
var result = await UserManager.CreateAsync(user, model.Password);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent:false, rememberBrowser:false);
// 如需如何啟用帳戶確認和密碼重設的詳細資訊,請造訪 http://go.microsoft.com/fwlink/?LinkID=320771
// 傳送包含此連結的電子郵件
// string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
// var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
// await UserManager.SendEmailAsync(user.Id, "確認您的帳戶", "請按一下此連結確認您的帳戶 <a href=\"" + callbackUrl + "\">這裏</a>");
return RedirectToAction("Index", "Home");
}
AddErrors(result);
}
// 如果執行到這裡,發生某項失敗,則重新顯示表單
return View(model);
}