Example #1
        /// <summary>
        /// Handles the register-with-e-mail form. Depending on what already exists for the submitted
        /// user name and e-mail address it creates a new account, replaces the password of an account
        /// whose e-mail is still unconfirmed, or reports a failure, and on success mails a confirmation link.
        /// </summary>
        /// <param name="model">Posted form values. Both password fields are blanked before any view is rendered from it.</param>
        /// <returns>
        /// The "RegisterConfirmation" view when the operation succeeded, and also when the address belongs
        /// to an already confirmed account (so the response does not reveal that fact); otherwise the
        /// default view with the collected model errors.
        /// </returns>
        /// <remarks>
        /// The user is never signed in here; the account only becomes usable through the mailed link.
        /// NOTE(review): the two password-replacement branches accept the password from whoever posts the
        /// form, without proof of mailbox ownership. ChangeUserPasswordAsync is not visible here - confirm
        /// it also invalidates confirmation links issued earlier (e.g. by rotating the security stamp), so
        /// an old link cannot confirm the account under a password the mailbox owner did not choose.
        /// </remarks>
        public async Task<IActionResult> register(RegisterWithEmailViewModel model)
        {
            ViewData["IsLoggedIn"] = IsLoggedIn;
            ViewData[Constants.VIEWDATA_NOPRIVACYCONSENT] = true;

            // Keep the submitted password in a local and blank both model fields, so that no view
            // rendered from this model echoes the password back to the browser.
            var submittedPassword = model.Password;
            model.Password        = String.Empty;
            model.ConfirmPassword = String.Empty;

            if (!ModelState.IsValid)
            {
                // Validation failed; redisplay the form
                return View(model);
            }

            var emailAccount = await _userManager.FindByEmailAsync(model.Email);
            var nameAccount  = await _userManager.FindByNameAsync(model.UserName);

            // Somebody is registering with an address that another account has already confirmed:
            // warn the owner of that address.
            // TODO: log this
            // NOTE(review): this mail goes out on every valid submission naming a confirmed address and no
            // throttling is visible in this method - confirm rate limiting is applied elsewhere.
            if (emailAccount != null && emailAccount.EmailConfirmed)
            {
                await _emailGenerator.GenerateEmailAsync(emailAccount.Email, EmailType.EmailAlreadyRegistered);
            }

            // Re-registration with exactly the same user name and e-mail while the account is still
            // unconfirmed: both lookups found an unconfirmed account with matching normalized values.
            bool isExactReRegistration =
                nameAccount != null && emailAccount != null &&
                !nameAccount.EmailConfirmed &&
                !emailAccount.EmailConfirmed &&
                nameAccount.NormalizedEmail == emailAccount.NormalizedEmail &&
                nameAccount.NormalizedUserName == emailAccount.NormalizedUserName;

            IdentityResult outcome;
            if (isExactReRegistration)
            {
                // Same unconfirmed account: just replace its password.
                outcome = await _signInManager.ChangeUserPasswordAsync(emailAccount, submittedPassword);
            }
            else if (nameAccount != null)
            {
                // The user name belongs to some other account. Unlike the e-mail case below, this
                // answer does tell the caller that the user name exists.
                outcome = IdentityResult.Failed(new IdentityError { Description = USER_ALREADY_TAKEN_MESSAGE });
            }
            else if (emailAccount == null)
            {
                // Neither the user name nor the address is known: create a fresh account.
                emailAccount = new ApplicationUser { UserName = model.UserName, Email = model.Email };
                outcome      = await _userManager.CreateAsync(emailAccount, submittedPassword);
            }
            else if (emailAccount.EmailConfirmed)
            {
                // The real owner has been warned above; answer exactly like a successful
                // registration, but skip the confirmation mail.
                return View("RegisterConfirmation", model);
            }
            else
            {
                // Address known but unconfirmed, user name free: replace the password of the existing
                // account. The submitted UserName is not applied to that account by this method.
                outcome = await _signInManager.ChangeUserPasswordAsync(emailAccount, submittedPassword);
            }

            if (!outcome.Succeeded)
            {
                foreach (var failure in outcome.Errors)
                {
                    ModelState.AddModelError(String.Empty, failure.Description);
                }

                // Something failed; redisplay the form with the errors
                return View(model);
            }

            var code = await _userManager.GenerateEmailConfirmationTokenAsync(emailAccount);

            // Url is null when the controller is created as part of a unit test, hence the ?. call
            var link = Url?.Action(
                nameof(accountController.confirmemail),
                "account",
                new { emailAccount.UserName, code },
                Request.Scheme);
            await _emailGenerator.GenerateEmailAsync(emailAccount.Email, EmailType.EmailVerification, link);

            // Deliberately no sign-in at this point
            return View("RegisterConfirmation", model);
        }