public ActionResult LogOn(LogOnViewModel model)
{
using (var unitOfWork = UnitOfWorkManager.NewUnitOfWork())
{
var username = model.UserName;
var password = model.Password;
try
{
if (ModelState.IsValid)
{
// We have an event here to help with Single Sign Ons
// You can do manual lookups to check users based on a webservice and validate a user
// Then log them in if they exist or create them and log them in - Have passed in a UnitOfWork
// To allow database changes.
var e = new LoginEventArgs
{
UserName = model.UserName,
Password = model.Password,
RememberMe = model.RememberMe,
ReturnUrl = model.ReturnUrl,
UnitOfWork = unitOfWork
};
EventManager.Instance.FireBeforeLogin(this, e);
if (!e.Cancel)
{
var message = new GenericMessageViewModel();
var user = new MembershipUser();
if (MembershipService.ValidateUser(username, password, System.Web.Security.Membership.MaxInvalidPasswordAttempts))
{
// Set last login date
user = MembershipService.GetUser(username);
if (user.IsApproved && !user.IsLockedOut && !user.IsBanned)
{
FormsAuthentication.SetAuthCookie(username, model.RememberMe);
user.LastLoginDate = DateTime.UtcNow;
if (Url.IsLocalUrl(model.ReturnUrl) && model.ReturnUrl.Length > 1 && model.ReturnUrl.StartsWith("/")
&& !model.ReturnUrl.StartsWith("//") && !model.ReturnUrl.StartsWith("/\\"))
{
return Redirect(model.ReturnUrl);
}
message.Message = LocalizationService.GetResourceString("Members.NowLoggedIn");
message.MessageType = GenericMessages.success;
EventManager.Instance.FireAfterLogin(this, new LoginEventArgs
{
UserName = model.UserName,
Password = model.Password,
RememberMe = model.RememberMe,
ReturnUrl = model.ReturnUrl,
UnitOfWork = unitOfWork
});
return RedirectToAction("Index", "Home", new { area = string.Empty });
}
//else if (!user.IsApproved && SettingsService.GetSettings().ManuallyAuthoriseNewMembers)
//{
// message.Message = LocalizationService.GetResourceString("Members.NowRegisteredNeedApproval");
// message.MessageType = GenericMessages.success;
//}
//else if (!user.IsApproved && SettingsService.GetSettings().NewMemberEmailConfirmation == true)
//{
// message.Message = LocalizationService.GetResourceString("Members.MemberEmailAuthorisationNeeded");
// message.MessageType = GenericMessages.success;
//}
}
// Only show if we have something to actually show to the user
if (!string.IsNullOrEmpty(message.Message))
{
TempData[AppConstants.MessageViewBagName] = message;
}
else
{
// get here Login failed, check the login status
var loginStatus = MembershipService.LastLoginStatus;
switch (loginStatus)
{
case LoginAttemptStatus.UserNotFound:
case LoginAttemptStatus.PasswordIncorrect:
ModelState.AddModelError(string.Empty, LocalizationService.GetResourceString("Members.Errors.PasswordIncorrect"));
break;
case LoginAttemptStatus.PasswordAttemptsExceeded:
ModelState.AddModelError(string.Empty, LocalizationService.GetResourceString("Members.Errors.PasswordAttemptsExceeded"));
break;
case LoginAttemptStatus.UserLockedOut:
ModelState.AddModelError(string.Empty, LocalizationService.GetResourceString("Members.Errors.UserLockedOut"));
break;
case LoginAttemptStatus.Banned:
ModelState.AddModelError(string.Empty, LocalizationService.GetResourceString("Members.NowBanned"));
break;
case LoginAttemptStatus.UserNotApproved:
ModelState.AddModelError(string.Empty, LocalizationService.GetResourceString("Members.Errors.UserNotApproved"));
user = MembershipService.GetUser(username);
SendEmailConfirmationEmail(user);
break;
default:
ModelState.AddModelError(string.Empty, LocalizationService.GetResourceString("Members.Errors.LogonGeneric"));
break;
}
}
}
}
}
finally
{
try
{
unitOfWork.Commit();
}
catch (Exception ex)
{
unitOfWork.Rollback();
LoggingService.Error(ex);
}
}
return View(model);
}
}
public ActionResult FacebookLogin()
{
var resultMessage = new GenericMessageViewModel();
Callback = Request.QueryString["callback"];
ContentTypeAlias = Request.QueryString["contentTypeAlias"];
PropertyAlias = Request.QueryString["propertyAlias"];
if (AuthState != null)
{
var stateValue = Session["MVCForum_" + AuthState] as string[];
if (stateValue != null && stateValue.Length == 3)
{
Callback = stateValue[0];
ContentTypeAlias = stateValue[1];
PropertyAlias = stateValue[2];
}
}
// Get the prevalue options
if (string.IsNullOrEmpty(SiteConstants.Instance.FacebookAppId) ||
string.IsNullOrEmpty(SiteConstants.Instance.FacebookAppSecret))
{
resultMessage.Message = "You need to add the Facebook app credentials";
resultMessage.MessageType = GenericMessages.danger;
}
else
{
// Settings valid move on
// Configure the OAuth client based on the options of the prevalue options
var client = new FacebookOAuthClient
{
AppId = SiteConstants.Instance.FacebookAppId,
AppSecret = SiteConstants.Instance.FacebookAppSecret,
RedirectUri = ReturnUrl
};
// Session expired?
if (AuthState != null && Session["MVCForum_" + AuthState] == null)
{
resultMessage.Message = "Session Expired";
resultMessage.MessageType = GenericMessages.danger;
}
// Check whether an error response was received from Facebook
if (AuthError != null)
{
Session.Remove("MVCForum_" + AuthState);
resultMessage.Message = AuthErrorDescription;
resultMessage.MessageType = GenericMessages.danger;
}
// Redirect the user to the Facebook login dialog
if (AuthCode == null)
{
// Generate a new unique/random state
var state = Guid.NewGuid().ToString();
// Save the state in the current user session
Session["MVCForum_" + state] = new[] { Callback, ContentTypeAlias, PropertyAlias };
// Construct the authorization URL
var url = client.GetAuthorizationUrl(state, "public_profile", "email"); //"user_friends"
// Redirect the user
return Redirect(url);
}
// Exchange the authorization code for a user access token
var userAccessToken = string.Empty;
try
{
userAccessToken = client.GetAccessTokenFromAuthCode(AuthCode);
}
catch (Exception ex)
{
resultMessage.Message = string.Format("Unable to acquire access token<br/>{0}", ex.Message);
resultMessage.MessageType = GenericMessages.danger;
}
try
{
if (string.IsNullOrEmpty(resultMessage.Message))
{
// Initialize the Facebook service (no calls are made here)
var service = FacebookService.CreateFromAccessToken(userAccessToken);
// Declare the options for the call to the API
var options = new FacebookGetUserOptions
{
Identifier = "me",
Fields = new[] { "id", "name", "email", "first_name", "last_name", "gender" }
};
var user = service.Users.GetUser(options);
// Try to get the email - Some FB accounts have protected passwords
var email = user.Body.Email;
if (string.IsNullOrEmpty(email))
{
resultMessage.Message = LocalizationService.GetResourceString("Members.UnableToGetEmailAddress");
resultMessage.MessageType = GenericMessages.danger;
ShowMessage(resultMessage);
return RedirectToAction("LogOn", "Members");
}
// First see if this user has registered already - Use email address
using (UnitOfWorkManager.NewUnitOfWork())
{
var userExists = MembershipService.GetUserByEmail(email);
if (userExists != null)
{
try
{
// Users already exists, so log them in
FormsAuthentication.SetAuthCookie(userExists.UserName, true);
resultMessage.Message = LocalizationService.GetResourceString("Members.NowLoggedIn");
resultMessage.MessageType = GenericMessages.success;
ShowMessage(resultMessage);
return RedirectToAction("Index", "Home");
}
catch (Exception ex)
{
LoggingService.Error(ex);
}
}
else
{
// Not registered already so register them
var viewModel = new MemberAddViewModel
{
Email = email,
LoginType = LoginType.Facebook,
Password = StringUtils.RandomString(8),
UserName = user.Body.Name,
UserAccessToken = userAccessToken
};
// Get the image and save it
var getImageUrl = string.Format("http://graph.facebook.com/{0}/picture?type=square", user.Body.Id);
viewModel.SocialProfileImageUrl = getImageUrl;
//Large size photo https://graph.facebook.com/{facebookId}/picture?type=large
//Medium size photo https://graph.facebook.com/{facebookId}/picture?type=normal
//Small size photo https://graph.facebook.com/{facebookId}/picture?type=small
//Square photo https://graph.facebook.com/{facebookId}/picture?type=square
// Store the viewModel in TempData - Which we'll use in the register logic
TempData[AppConstants.MemberRegisterViewModel] = viewModel;
return RedirectToAction("SocialLoginValidator", "Members");
}
}
}
}
catch (Exception ex)
{
resultMessage.Message = string.Format("Unable to get user information<br/>{0}", ex.Message);
resultMessage.MessageType = GenericMessages.danger;
LoggingService.Error(ex);
}
}
ShowMessage(resultMessage);
return RedirectToAction("LogOn", "Members");
}
protected void ShowMessage(GenericMessageViewModel messageViewModel)
{
//ViewData[AppConstants.MessageViewBagName] = messageViewModel;
TempData[AppConstants.MessageViewBagName] = messageViewModel;
}
public ActionResult MicrosoftLogin()
{
var resultMessage = new GenericMessageViewModel();
var input = new
{
Code = AuthCode,
State = AuthState,
Error = new
{
HasError = !String.IsNullOrWhiteSpace(AuthError),
Text = AuthError,
ErrorDescription = AuthErrorDescription
}
};
// Get the prevalue options
if (string.IsNullOrEmpty(SiteConstants.MicrosoftAppId) ||
string.IsNullOrEmpty(SiteConstants.MicrosoftAppSecret))
{
resultMessage.Message = "You need to add the Microsoft app credentials to the web.config";
resultMessage.MessageType = GenericMessages.danger;
}
else
{
var client = new MicrosoftOAuthClient
{
ClientId = SiteConstants.MicrosoftAppId,
ClientSecret = SiteConstants.MicrosoftAppSecret,
RedirectUri = ReturnUrl
};
// Session expired?
if (input.State != null && Session["MVCForum_" + input.State] == null)
{
resultMessage.Message = "Session Expired";
resultMessage.MessageType = GenericMessages.danger;
}
// Check whether an error response was received from Microsoft
if (input.Error.HasError)
{
Session.Remove("MVCForum_" + input.State);
resultMessage.Message = AuthErrorDescription;
resultMessage.MessageType = GenericMessages.danger;
}
// Redirect the user to the Microsoft login dialog
if (string.IsNullOrWhiteSpace(input.Code))
{
// Generate a new unique/random state
var state = Guid.NewGuid().ToString();
// Save the state in the current user session
Session["MVCForum_" + state] = "/";
// Construct the authorization URL
var url = client.GetAuthorizationUrl(state, WindowsLiveScopes.Emails + WindowsLiveScopes.Birthday);
// Redirect the user
return Redirect(url);
}
// Exchange the authorization code for an access token
MicrosoftTokenResponse accessTokenResponse;
try
{
Session.Remove("MVCForum_" + input.State);
accessTokenResponse = client.GetAccessTokenFromAuthCode(input.Code);
}
catch (Exception ex)
{
accessTokenResponse = null;
resultMessage.Message = string.Format("Unable to acquire access token<br/>{0}", ex.Message);
resultMessage.MessageType = GenericMessages.danger;
}
try
{
if (string.IsNullOrEmpty(resultMessage.Message) || accessTokenResponse != null)
{
//MicrosoftScope debug = accessTokenResponse.Body.Scope.Items;
//accessTokenResponse.Body.AccessToken
//foreach (MicrosoftScope scope in accessTokenResponse.Body.Scope.Items) {
// scope
//}
//accessTokenResponse.Response.Body
// Initialize a new MicrosoftService so we can make calls to the API
var service = MicrosoftService.CreateFromAccessToken(accessTokenResponse.Body.AccessToken);
// Make the call to the Windows Live API / endpoint
var response = service.WindowsLive.GetSelf();
// Get a reference to the response body
var user = response.Body;
var getEmail = user.Emails != null && !string.IsNullOrWhiteSpace(user.Emails.Preferred);
if (!getEmail)
{
resultMessage.Message = LocalizationService.GetResourceString("Members.UnableToGetEmailAddress");
resultMessage.MessageType = GenericMessages.danger;
ShowMessage(resultMessage);
return RedirectToAction("LogOn", "Members");
}
using (UnitOfWorkManager.NewUnitOfWork())
{
var userExists = MembershipService.GetUserByEmail(user.Emails.Preferred);
if (userExists != null)
{
try
{
// Users already exists, so log them in
FormsAuthentication.SetAuthCookie(userExists.UserName, true);
resultMessage.Message = LocalizationService.GetResourceString("Members.NowLoggedIn");
resultMessage.MessageType = GenericMessages.success;
ShowMessage(resultMessage);
return RedirectToAction("Index", "Home");
}
catch (Exception ex)
{
LoggingService.Error(ex);
}
}
else
{
// Not registered already so register them
var viewModel = new MemberAddViewModel
{
Email = user.Emails.Preferred,
LoginType = LoginType.Microsoft,
Password = StringUtils.RandomString(8),
UserName = user.Name,
UserAccessToken = accessTokenResponse.Body.AccessToken,
SocialProfileImageUrl = string.Format("https://apis.live.net/v5.0/{0}/picture", user.Id)
};
//var uri = string.Concat("https://apis.live.net/v5.0/me?access_token=",viewModel.UserAccessToken);
//using (var dl = new WebClient())
//{
// var profile = JObject.Parse(dl.DownloadString(uri));
// var pictureUrl = ;
// if (!string.IsNullOrEmpty(pictureUrl))
// {
// //viewModel.SocialProfileImageUrl = getImageUrl;
// }
//}
// Store the viewModel in TempData - Which we'll use in the register logic
TempData[AppConstants.MemberRegisterViewModel] = viewModel;
return RedirectToAction("SocialLoginValidator", "Members");
}
}
}
else
{
resultMessage.MessageType = GenericMessages.danger;
ShowMessage(resultMessage);
return RedirectToAction("LogOn", "Members");
}
}
catch (Exception ex)
{
resultMessage.Message = string.Format("Unable to get user information<br/>{0}", ex.Message);
resultMessage.MessageType = GenericMessages.danger;
LoggingService.Error(ex);
}
}
ShowMessage(resultMessage);
return RedirectToAction("LogOn", "Members");
}
public ActionResult SendTestEmail()
{
using (var uow = UnitOfWorkManager.NewUnitOfWork())
{
var sb = new StringBuilder();
sb.AppendFormat("<p>{0}</p>",
string.Concat("This is a test email from ", SettingsService.GetSettings().ForumName));
var email = new Email
{
EmailTo = SettingsService.GetSettings().AdminEmailAddress,
NameTo = "Email Test Admin",
Subject = string.Concat("Email Test From ", SettingsService.GetSettings().ForumName)
};
email.Body = _emailService.EmailTemplate(email.NameTo, sb.ToString());
_emailService.SendMail(email);
var message = new GenericMessageViewModel
{
Message = "Test Email Sent",
MessageType = GenericMessages.success
};
try
{
uow.Commit();
}
catch (Exception ex)
{
uow.Rollback();
LoggingService.Error(ex);
message.Message = "Error sending email";
message.MessageType = GenericMessages.danger;
}
TempData[AppConstants.MessageViewBagName] = message;
return RedirectToAction("Index");
}
}
public ActionResult GoogleLogin()
{
var resultMessage = new GenericMessageViewModel();
Callback = Request.QueryString["callback"];
ContentTypeAlias = Request.QueryString["contentTypeAlias"];
PropertyAlias = Request.QueryString["propertyAlias"];
Feature = Request.QueryString["feature"];
if (AuthState != null)
{
var stateValue = Session["MVCForum_" + AuthState] as NameValueCollection;
if (stateValue != null)
{
Callback = stateValue["Callback"];
ContentTypeAlias = stateValue["ContentTypeAlias"];
PropertyAlias = stateValue["PropertyAlias"];
Feature = stateValue["Feature"];
}
}
if (string.IsNullOrEmpty(SiteConstants.GooglePlusAppId) ||
string.IsNullOrEmpty(SiteConstants.GooglePlusAppSecret))
{
resultMessage.Message = "You need to add the Google app credentials";
resultMessage.MessageType = GenericMessages.danger;
}
else
{
// Configure the OAuth client based on the options of the prevalue options
var client = new GoogleOAuthClient
{
ClientId = SiteConstants.GooglePlusAppId,
ClientSecret = SiteConstants.GooglePlusAppSecret,
RedirectUri = ReturnUrl
};
// Session expired?
if (AuthState != null && Session["MVCForum_" + AuthState] == null)
{
resultMessage.Message = "Session Expired";
resultMessage.MessageType = GenericMessages.danger;
}
// Check whether an error response was received from Google
if (AuthError != null)
{
resultMessage.Message = AuthErrorDescription;
resultMessage.MessageType = GenericMessages.danger;
if (AuthState != null) Session.Remove("MVCForum_" + AuthState);
}
// Redirect the user to the Google login dialog
if (AuthCode == null)
{
// Generate a new unique/random state
var state = Guid.NewGuid().ToString();
// Save the state in the current user session
Session["MVCForum_" + state] = new NameValueCollection {
{ "Callback", Callback},
{ "ContentTypeAlias", ContentTypeAlias},
{ "PropertyAlias", PropertyAlias},
{ "Feature", Feature}
};
// Declare the scope
var scope = new[] {
GoogleScopes.OpenId,
GoogleScopes.Email,
GoogleScopes.Profile
};
// Construct the authorization URL
var url = client.GetAuthorizationUrl(state, scope, GoogleAccessType.Offline, GoogleApprovalPrompt.Force);
// Redirect the user
return Redirect(url);
}
var info = new GoogleAccessTokenResponse();
try
{
info = client.GetAccessTokenFromAuthorizationCode(AuthCode);
}
catch (Exception ex)
{
resultMessage.Message = string.Format("Unable to acquire access token<br/>{0}", ex.Message);
resultMessage.MessageType = GenericMessages.danger;
}
try
{
// Initialize the Google service
var service = GoogleService.CreateFromRefreshToken(client.ClientIdFull, client.ClientSecret, info.RefreshToken);
// Get information about the authenticated user
var user = service.GetUserInfo();
using (UnitOfWorkManager.NewUnitOfWork())
{
var userExists = MembershipService.GetUserByEmail(user.Email);
if (userExists != null)
{
// Users already exists, so log them in
FormsAuthentication.SetAuthCookie(userExists.UserName, true);
resultMessage.Message = LocalizationService.GetResourceString("Members.NowLoggedIn");
resultMessage.MessageType = GenericMessages.success;
ShowMessage(resultMessage);
return RedirectToAction("Index", "Home");
}
else
{
// Not registered already so register them
var viewModel = new MemberAddViewModel
{
Email = user.Email,
LoginType = LoginType.Google,
Password = StringUtils.RandomString(8),
UserName = user.Name,
SocialProfileImageUrl = user.Picture,
UserAccessToken = info.RefreshToken
};
// Store the viewModel in TempData - Which we'll use in the register logic
TempData[AppConstants.MemberRegisterViewModel] = viewModel;
return RedirectToAction("SocialLoginValidator", "Members");
}
}
}
catch (Exception ex)
{
resultMessage.Message = string.Format("Unable to get user information<br/>{0}", ex.Message);
resultMessage.MessageType = GenericMessages.danger;
}
}
ShowMessage(resultMessage);
return RedirectToAction("LogOn", "Members");
}
