public ActionResult ForgotPassword(ForgotPassword model) { if (ModelState.IsValid) { //get user by email address var user = Db.SingleOrDefault <User>(new { model.Email, IsDeleted = false }); //if no matching user, error if (user == null) { ModelState.AddModelErrorFor <ForgotPassword>(x => x.Email, "A user could not be found with that email address"); return(View(model)); } // Create token and send email var token = new PasswordRetrieval(user, Guid.NewGuid()); Db.Save(token); Metrics.Increment(Metric.Users_SendPasswordResetEmail); _mailController.ForgotPassword(new ViewModels.Mail.ForgotPassword { To = user.Email, Token = token.Token }).Deliver(); return(View("ForgotPasswordConfirmation")); } return(View(model)); }
public ActionResult Login(Login model) { if (ModelState.IsValid) { var user = Db.Query <User>("select top 1 * from [{0}] where (Username=@Username OR Email=@Username) and Password=@Password and IsDeleted=0".Fmt(Db.GetTableName <User>()), new { model.Username, Password = model.Password.ToSHAHash() }).SingleOrDefault(); if (user != null) { _authenticationService.SetLoginCookie(user, model.RememberMe); Metrics.Increment(Metric.Users_SuccessfulLogin); if (Url.IsLocalUrl(model.ReturnUrl)) { return(Redirect(model.ReturnUrl)); } return(RedirectToAction("Index", "Home")); } ModelState.AddModelErrorFor <Login>(x => x.Username, string.Format("The user name or password provided is incorrect. Did you <a href='{0}'>forget your password?</a>", Url.Account().ForgotPassword())); } Metrics.Increment(Metric.Users_FailedLogin); // If we got this far, something failed, redisplay form model.Password = null; //clear the password so they have to re-enter it return(View(model)); }
public ActionResult Avatar(AvatarViewModel model, string ExternalImageURL) { switch (model.AvatarType) { case AvatarType.Url: if (string.IsNullOrWhiteSpace(model.Url)) { ModelState.AddModelError("Url", "Enter an avatar url."); } break; case AvatarType.Upload: List <string> validFormats = new List <string> { "image/png", "image/x-png", "image/gif", "image/x-gif", "image/jpeg", "image/x-jpeg", "image/jpg", "image/x-jpg", }; if (model.Image == null || model.Image.ContentLength == 0) { ModelState.AddModelErrorFor <AvatarViewModel>(m => m.Image.FileName, "Please select an image to upload."); } else if (!validFormats.Contains(model.Image.ContentType)) { ModelState.AddModelErrorFor <AvatarViewModel>(m => m.Image, "Invalid file format; only gif,png,jpeg,jpg are allowed."); } break; case AvatarType.None: default: break; } if (IsModelValidAndPersistErrors()) { switch (model.AvatarType) { case AvatarType.Upload: string uploadedFileName = _fileServices.UploadAvatar(model.Image); _userServices.UpdateAvatarToUpload(_currentUser.UserID, uploadedFileName); break; case AvatarType.Url: _userServices.UpdateAvatarToUrl(_currentUser.UserID, model.Url); break; case AvatarType.None: default: _userServices.UpdateAvatarToNone(_currentUser.UserID); break; } SetSuccess("Profile Settings Updated"); } return(RedirectToSelf()); }
public ActionResult Register(Register model) { if (ModelState.IsValid) { if (_authenticationService.ReservedUsernames.Any(x => model.Username.Equals(x, StringComparison.OrdinalIgnoreCase))) { ModelState.AddModelErrorFor <Register>(x => x.Username, "Username is unavailable"); } else { var user = Db.Query <User>("select top 1 * from [{0}] where IsDeleted=0 AND (Username=@Username OR Email=@Email)".Fmt(Db.GetTableName <User>()), new { model.Username, model.Email } ).SingleOrDefault(); if (user != null) { if (user.Username.Equals(model.Username, StringComparison.OrdinalIgnoreCase)) { ModelState.AddModelErrorFor <Register>(x => x.Username, "Username is already in use"); } if (user.Email.Equals(model.Email, StringComparison.OrdinalIgnoreCase)) { ModelState.AddModelErrorFor <Register>(x => x.Email, "A user with that email exists"); } } } } if (ModelState.IsValid) { var newUser = Mapper.Map <User>(model); newUser.Password = model.Password.ToSHAHash(); _userService.Save(newUser); Metrics.Increment(Metric.Users_Register); _mailController.Welcome(new ViewModels.Mail.Welcome { Username = newUser.Username, To = newUser.Email }).Deliver(); // Auto login the user _authenticationService.SetLoginCookie(newUser, false); NotifySuccess("Your account has been created and you have been logged in. Enjoy!"); return(Redirect(Url.Home().Index())); } // If we got this far, something failed, redisplay form model.Password = null; //clear the password so they have to re-enter it return(View(model)); }
public ActionResult Register(RegisterViewModel model) { int usernameMin = SiteConfig.UsernameMin.ToInt(); int usernameMax = SiteConfig.UsernameMax.ToInt(); int passwordMinimum = SiteConfig.PasswordMin.ToInt(); if (model.Username == null || model.Username.Length > usernameMax || model.Username.Length < usernameMin) { string message = string.Format("Username length must be between {0} and {1} characters long", usernameMin, usernameMax); ModelState.AddModelErrorFor <RegisterViewModel>(m => m.Username, message); } else if (_userServices.GetUser(model.Username) != null) { ModelState.AddModelErrorFor <RegisterViewModel>(m => m.Username, "Username already taken"); } if (_userServices.EmailInUse(model.Email)) { ModelState.AddModelErrorFor <RegisterViewModel>(m => m.Email, "Email is already in use by another user"); } if (model.Password == null || model.Password.Length < passwordMinimum) { string message = string.Format("Password must be at least {0}", passwordMinimum); ModelState.AddModelErrorFor <RegisterViewModel>(m => m.Password, message); } if (IsModelValidAndPersistErrors()) { string ActivationType = SiteConfig.AccountActivation.Value; User user = _userServices.Register(model.Username, model.Password, model.Email); string CreateSucess = "User <b>" + user.Username + "</b> was created."; if (ActivationType == "Email") { CreateSucess += " An activation email has been sent to <b>" + user.Email + "</b> with details on how to activate the account"; string confirm_url = Url.Action("ActivateUser", "Auth", new { uname = user.Username, code = user.ActivationCode }); _emailServices.Registration(user, confirm_url); } else if (ActivationType == "Admin") { CreateSucess += " Admin activation is required. You will not be able to login until an admin activates your account"; } SetSuccess(CreateSucess); return(RedirectToAction("Login")); } return(RedirectToSelf()); }
public ActionResult Register(RegisterViewModel model) { if (_userService.EmailInUse(model.Email)) { ModelState.AddModelErrorFor <RegisterViewModel>(m => m.Email, "Email is already in use by another user."); } if (IsModelValidAndPersistErrors()) { User user = _userService.Register(model.Email, model.Password, Request.UserHostAddress); SetSuccess("Account successfully created."); WelcomeEmail welcomeEmail = Emailer.Welcome(user.Email, model.Password, Url.Action("Login", "Security")); welcomeEmail.SendAsync(); return(RedirectToAction("Login")); } return(RedirectToSelf()); }
public ActionResult Login(LoginViewModel model) { if (ModelState.IsValid) { bool valid = _securityService.ValidateLogin(model.Email, model.Password, Request.UserHostAddress); if (valid) { FormsAuthentication.SetAuthCookie(model.Email, model.RememberMe); SetSuccess("You have been logged in."); return(RedirectToRoute(new { controller = "Home", action = "Index" })); } else { ModelState.AddModelErrorFor <LoginViewModel>(m => m.Email, "Invalid login information."); } } PersistModelState(); return(RedirectToSelf()); }
public ActionResult ResetPassword(ResetPasswordViewModel model) { PasswordResetRequest passwordResetRequest = null; try { passwordResetRequest = _securityService.IssuePasswordResetRequest(model.Email); } catch { ModelState.AddModelErrorFor <ResetPasswordViewModel>(m => m.Email, "Email was not found."); } if (IsModelValidAndPersistErrors()) { string code = passwordResetRequest.Code.ToString(); string resetUrl = Url.RouteUrl(new { action = "DoResetPassword", controller = "Security", email = model.Email, code = code }); var email = Emailer.PasswordResetRequest(model.Email, resetUrl); email.SendAsync(); SetSuccess("A password reset link was sent to the email provided. Please check your email and your spam folders for the link."); } return(RedirectToSelf()); }