/// <summary>
/// Keeps the admin roles carried by the signed-in OWIN identity in step with the
/// customer record. When the customer's <c>IsAdminUser</c> / <c>IsAdminSuperUser</c>
/// flags disagree with the "Admin" / "SuperAdmin" roles of the current principal, a
/// fresh claims identity is built from the customer record and signed in, replacing
/// the stale one for subsequent requests.
/// </summary>
/// <param name="filterContext">The MVC authentication context of the current request.</param>
public void OnAuthentication(AuthenticationContext filterContext)
        {
            var httpContext = filterContext.HttpContext;
            var authentication = httpContext.GetOwinContext().Authentication;

            // NOTE(review): assumes GetCustomer() and Authentication.User are never null
            // at this point (e.g. anonymous requests still yield a guest customer) — confirm.
            var customer = httpContext.GetCustomer();
            var principal = authentication.User;

            // Built unconditionally; only used when the roles have drifted.
            var identity = ClaimsIdentityProvider.CreateClaimsIdentity(customer);

            var rolesMatchCustomer =
                customer.IsAdminUser == principal.IsInRole("Admin") &&
                customer.IsAdminSuperUser == principal.IsInRole("SuperAdmin");

            if (!rolesMatchCustomer)
            {
                authentication.SignIn(identity);
            }
        }
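        /// <summary>
        /// Handles the submitted account-creation form: validates the model, the captcha,
        /// e-mail uniqueness, the password policy and the age confirmation, then creates
        /// the account, signs the new customer in and redirects to the account index.
        /// </summary>
        /// <param name="model">
        /// The posted form values; <c>model.Account</c> carries the e-mail, password,
        /// password confirmation, age confirmation and captcha input.
        /// </param>
        /// <returns>
        /// A redirect back to <see cref="ActionNames.Create"/> when any check fails, otherwise
        /// a redirect to <see cref="ActionNames.Index"/> once the customer is signed in.
        /// </returns>
        public ActionResult Create(AccountCreatePostModel model)
        {
            var customer = HttpContext.GetCustomer();

            if (!ModelState.IsValid)
            {
                return RedirectToAction(ActionNames.Create);
            }

            // The captcha is verified before any check that reveals information about
            // existing accounts (the e-mail duplication rule below), so an unattended
            // client cannot use this action to probe which addresses are registered.
            if (Settings.RequireCaptchaOnCreateAccount)
            {
                var securityCode = CaptchaStorageService.RetrieveSecurityCode(HttpContext, string.Concat(ControllerNames.Account, ActionNames.Create));
                if (!ControllerHelper.IsCaptchaValid(securityCode, model.Account.CaptchaCode))
                {
                    // Invalidate the stored code so the same challenge cannot simply be retried.
                    CaptchaStorageService.ClearSecurityCode(HttpContext);
                    return RejectCreate("Account.CaptchaCode", "The letters you entered did not match, please try again.");
                }
            }

            if (!Customer.NewEmailPassesDuplicationRules(model.Account.Email, customer.CustomerID))
            {
                return RejectCreate("Account.Email", "That EMail Address is Already Used By Another Customer");
            }

            switch (ControllerHelper.ValidateAccountPassword(customer, model.Account.Password, model.Account.PasswordConfirmation))
            {
            case AccountControllerHelper.PasswordValidationResult.DoesNotMatch:
                return RejectCreate("Account.PasswordConfirmation", "The new passwords do not match!");

            case AccountControllerHelper.PasswordValidationResult.DoesNotMeetMinimum:
                return RejectCreate("Account.Password", "The new password you created does not meet the minimum requirements. Please make sure that your password is at least 7 characters long and includes at least one letter and at least one number.");

            case AccountControllerHelper.PasswordValidationResult.NotStrong:
                return RejectCreate("Account.Password", "The new password you created is not a strong password. Please make sure that your password is at least 8 characters long and includes at least one upper case character, one lower case character, one number, and one \"symbol\" character (e.g. ?,&,#,$,%,etc).");
            }

            // NOTE(review): the config key and the model property are named for "over 13" while
            // the message says "Over 18"; one of the two is wrong — confirm which before changing.
            if (AppConfigProvider.GetAppConfigValue<bool>("RequireOver13Checked") && !model.Account.IsOver13)
            {
                return RejectCreate("Account.IsOver13", "You Must Be Over 18 To Purchase or have Parental Consent");
            }

            var registeredCustomer = ControllerHelper.CreateAccount(model.Account, customer);

            ControllerHelper.Login(
                signedInCustomer: registeredCustomer,
                profile: HttpContext.Profile,
                username: model.Account.Email,
                password: model.Account.Password,
                skinId: registeredCustomer.SkinID,
                registering: true);

            // Replace whatever OWIN identity the request carried with a persistent
            // cookie for the newly registered customer.
            var authentication = Request.GetOwinContext().Authentication;
            authentication.SignOut();
            authentication.SignIn(
                properties: new Microsoft.Owin.Security.AuthenticationProperties
                {
                    IsPersistent = true
                },
                identities: ClaimsIdentityProvider.CreateClaimsIdentity(registeredCustomer));

            // Clear the captcha so additional requests use a different security code.
            CaptchaStorageService.ClearSecurityCode(HttpContext);

            if (AppConfigProvider.GetAppConfigValue<bool>("SendWelcomeEmail"))
            {
                SendWelcomeEmailProvider.SendWelcomeEmail(registeredCustomer);
            }

            NoticeProvider.PushNotice("You have successfully created a new account", NoticeType.Success);
            return RedirectToAction(ActionNames.Index);
        }

        /// <summary>
        /// Records a validation failure for the create form and redirects back to it.
        /// </summary>
        /// <param name="key">The model-state key the error is attached to (e.g. "Account.Email").</param>
        /// <param name="errorMessage">The message shown to the user.</param>
        /// <returns>A redirect to <see cref="ActionNames.Create"/>.</returns>
        /// <remarks>
        /// NOTE(review): ModelState is per-request, so the error added here survives the
        /// redirect only if a filter elsewhere copies it into TempData — confirm that exists.
        /// </remarks>
        private ActionResult RejectCreate(string key, string errorMessage)
        {
            ModelState.AddModelError(key: key, errorMessage: errorMessage);
            return RedirectToAction(ActionNames.Create);
        }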