public ActionResult Disassociate(string provider, string providerUserId)
{
string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);
ManageMessageId? message = null;
// Only disassociate the account if the currently logged in user is the owner
if (ownerAccount == User.Identity.Name)
{
// Use a transaction to prevent the user from deleting their last login credential
using (var transaction = new SafeTransaction(TransactionScopeOption.Required, IsolationLevel.Serializable))
{
bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
if (hasLocalAccount || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1)
{
OAuthWebSecurity.DeleteAccount(provider, providerUserId);
transaction.Complete();
message = ManageMessageId.RemoveLoginSuccess;
}
}
}
return RedirectToAction("Manage", new { message });
}
public ActionResult ExternalLoginConfirmation(RegisterExternalLoginModel model, string returnUrl)
{
string provider = null;
string providerUserId = null;
if (User.Identity.IsAuthenticated || !OAuthWebSecurity.TryDeserializeProviderUserId(model.ExternalLoginData, out provider, out providerUserId))
{
return RedirectToAction("Manage");
}
if (ModelState.IsValid)
{
var config = Infrastructure.ApplicationConfigurationSection.GetConfig();
// Get the default administrator to add they to 'Administrators' group
var adminName = config.DefaultAdminUserName;
var adminProviderName = config.DefaultAdminProvider;
// Insert a new user into the database
var context = DependencyResolver.Current.GetService<Data.DatabaseContext>();
var user = context.Users.FirstOrDefault(u => u.UserName.ToLower() == model.UserName.ToLower());
// Check if user already exists
if (user == null)
{
using (var transaction = new SafeTransaction())
{
// Insert name into the profile table
context.Users.Add(new UserEntity { UserName = model.UserName, DateRegistered = ServerTime.Now });
context.SaveChanges();
OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);
OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false);
transaction.Complete();
}
// setup default admin at the first login
if (!String.IsNullOrEmpty(model.OriginalUserName) && model.OriginalUserName.Equals(adminName) && provider.Equals(adminProviderName))
Roles.AddUserToRole(model.UserName, Infrastructure.AppConstants.AdministratorsGroup);
return RedirectToLocal(returnUrl);
}
else
{
ModelState.AddModelError("UserName", "User name already exists. Please enter a different user name.");
}
}
ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName;
ViewBag.ReturnUrl = returnUrl;
return View(model);
}