Example #1
0
        public async Task <IHttpActionResult> Register(RegisterUserViewModel model)
        {
            try
            {
                if (!ModelState.IsValid)
                {
                    return(BadRequest(ModelState));
                }

                CommandWorker.RegisterUser(model);

                // Create new Account
                IdentityUser user = new IdentityUser
                {
                    UserName = model.UserName
                };

                string            decryptedPwd = Codec.DecryptStringAES(model.Password);
                IdentityResult    result       = UserManager.Create(user, decryptedPwd);
                IHttpActionResult errorResult  = GetErrorResult(result);

                if (errorResult != null)
                {
                    return(errorResult);
                }

                await MailProvider.GetMailprovider().SendActivationEmail(model.Email, model.UserName, decryptedPwd, model.ActivationKey, Request.Headers.Referrer.AbsoluteUri);

                //TODO: Remove -> Register a user does NOT require to return a User (needs an activation step)
                User discuser = await QueryWorker.GetUserByUserName(model.UserName);

                return(Ok(discuser));
            }
            catch (Exception e)
            {
                return(BadDisciturRequest(e.Message));
            }
        }
Example #2
0
        //[Mag14.Controllers.AccountController.JsonResultWebApiFilter]
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            using (UserManager <IdentityUser> userManager = _userManagerFactory())
            {
                // Sent encrypted password to decrypt with the same algorithm
                IdentityUser user = await userManager.FindAsync(context.UserName, Codec.DecryptStringAES(context.Password));

                if (user == null)
                {
                    context.SetError("discerr03", "The user name or password is incorrect.");
                    //context.SetError("invalid_grant", "The user name or password is incorrect.");
                    return;
                }

                // TODO: remove bastard instantiation with DI
                UserActivation activation = await(new DisciturContext()).UserActivations.FindAsync(context.UserName);

                if (activation != null)
                {
                    context.SetError("not_activated", "The account is not activated.");
                    return;
                }

                ClaimsIdentity oAuthIdentity = await userManager.CreateIdentityAsync(user, context.Options.AuthenticationType);

                ClaimsIdentity cookiesIdentity = await userManager.CreateIdentityAsync(user, CookieAuthenticationDefaults.AuthenticationType);

                AuthenticationProperties properties = CreateProperties(user.UserName);
                AuthenticationTicket     ticket     = new AuthenticationTicket(oAuthIdentity, properties);
                context.Validated(ticket);
                context.Request.Context.Authentication.SignIn(cookiesIdentity);

                try
                {
                    User _user = await QueryWorker.GetUserByUserName(user.UserName);

                    CommandWorker.LogInUser(_user.UserId, DateTime.Now);
                }
                // TODO: gestire l'eccezione di validazione (per loginripetute ello stesso giorno
                catch (Exception) { }
            }
        }