private ISiteMember AddCurrentMemberToPayload(ref PayloadResult result, IPublishedContent member = null)
{
var m = ContextService.MembershipHelper.MapMember(member ?? Members.GetCurrentMember());
result.SetOrUpdate(nameof(PayloadFields.User), m);
return(m);
}
private bool TryBindFromRouteData(
HttpActionContext actionContext,
ModelBindingContext bindingContext,
out PayloadResult result)
{
var values = actionContext.ControllerContext.RouteData.Values
.Where(x => !x.Key.ContainsAny(new[] { "action", "id", "controller" })).ToList();
if (!values.Any())
{
result = null;
return(false);
}
result = new PayloadResult();
foreach (var value in actionContext.ControllerContext.RouteData.Values.Where(
x => !x.Key.ContainsAny(new[] { "action", "id", "controller" })))
{
var json = value.Value as string;
object jsonObject;
result.Values.Add(
value.Key,
json.TryDeserializeObject(SerializerSettings, out jsonObject) ? jsonObject : value.Value);
}
return(true);
}
public IHttpActionResult GetPhotosPost(int?page = null, int?pageSize = null, int?id = null)
{
ISiteMember member;
if (!id.HasValue && Members.IsLoggedIn())
{
var m = Members.GetCurrentMember();
member = ContextService.MembershipHelper.MapMember(m);
}
else if (id.HasValue)
{
var m = Members.GetById(id.Value);
member = ContextService.MembershipHelper.MapMember(m);
}
else
{
var payload = new PayloadResult();
payload.SetMessageType(GenericMessages.Danger);
payload.SetMessage("No member is logged in and no id was passed!");
return(Error(payload, HttpStatusCode.InternalServerError));
}
var photos = member.GetPhotos().Select(
media =>
{
var typedMedia = Umbraco.TypedMedia(media.Id);
var mediaModel = (MemberImageType)CodeFirstHelper.TypedMedia(typedMedia);
return(mediaModel);
}).OrderByDescending(x => x.CreateDate);
var pageNumber = page ?? 1;
var pagedResult = photos.ToPagedList(pageNumber, pageSize ?? 25);
return(Json(new { items = pagedResult, totalPages = pagedResult.PageCount }));
}
public IHttpActionResult GetProfilePost(int?id = null)
{
var payload = new PayloadResult();
ISiteMember member;
if (!id.HasValue && Members.IsLoggedIn())
{
var m = Members.GetCurrentMember();
member = ContextService.MembershipHelper.MapMember(m);
}
else if (id.HasValue)
{
var m = Members.GetById(id.Value);
member = ContextService.MembershipHelper.MapMember(m);
}
else
{
payload.SetMessageType(GenericMessages.Danger);
payload.SetMessage("No member is logged in and no id was passed!");
return(Error(payload, HttpStatusCode.InternalServerError));
}
payload.SetOrUpdate(nameof(PayloadFields.User), member);
return(Json(payload));
}
public IHttpActionResult GetMemberPost()
{
var payload = new PayloadResult();
if (userService.IsAuthenticated())
{
payload.SetOrUpdate(nameof(PayloadFields.User), userService.MapAsMember(userService.CurrentUser));
payload.SetMessageType(GenericMessages.Success);
}
else if (Members.IsLoggedIn())
{
AddCurrentMemberToPayload(ref payload);
payload.SetMessageType(GenericMessages.Success);
}
else
{
payload.SetMessageType(GenericMessages.Danger);
payload.SetMessage(Umbraco.GetDictionaryValue("Members.LoginExpired", "Members.LoginExpired"));
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired);
return(Error(payload));
}
return(Json(payload));
}
public IHttpActionResult HasAccessPost()
{
var payload = new PayloadResult();
if (userService.IsAuthenticated())
{
ContextService.UserHelper.LoginAsMember();
payload.SetMessageType(GenericMessages.Success);
}
//else if (CurrentPage.DocumentTypeAlias.Equals(nameof(LoginPageModel)))
//{
// payload.SetMessageType(GenericMessages.Success);
//}
else if (Umbraco.IsProtected(CurrentPage.Path))
{
// Do we have a logged in member ?
if (Umbraco.MemberIsLoggedOn() == false)
{
payload.SetMessageType(GenericMessages.Danger);
payload.SetMessage(Umbraco.GetDictionaryValue("Members.LoginExpired", "Members.LoginExpired"));
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired);
return(Error(payload));
}
// Do we have access to the current page ?
if (Umbraco.MemberHasAccess(CurrentPage.Path) == false)
{
// If we get here the member has no access to this page, redirect them to there start page.
payload.SetMessageType(GenericMessages.Danger);
RedirectCurrentMemberToStartPage(ref payload);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AuthorizationFailure);
}
else
{
// Check if the backoffice user is signed out while the admin member is logged in.
var member = (MemberPublishedContent)Umbraco.MembershipHelper.GetCurrentMember();
if (member.DocumentTypeAlias.Equals(nameof(AdminMember)) && userService.ValidateUser(member.Email))
{
var user = Services.UserService.GetByEmail(member.Email);
// This is a backoffice member lets log them in.
UmbracoContext.Security.PerformLogin(user.Id);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AdminLoggedIn);
}
payload.SetMessageType(GenericMessages.Success);
}
}
else
{
payload.SetMessageType(GenericMessages.Success);
}
return(Json(payload));
}
public ActionResult ForgotPassword(ForgotPasswordViewModel model)
{
var changePasswordSucceeded = true;
var newPassword = MembershipHelper.GeneratePassword();
try
{
if (ModelState.IsValid)
{
var currentUser = MembershipHelper.MapMember(Services.MemberService.GetByEmail(model.EmailAddress));
if (currentUser != null)
{
changePasswordSucceeded = MembershipHelper.ResetPassword(currentUser, newPassword);
}
else
{
changePasswordSucceeded = false;
}
}
}
catch (Exception ex)
{
LogHelper.Error <LoginRegisterController>(string.Format("Error resetting password for {0}", model.EmailAddress), ex);
changePasswordSucceeded = false;
}
if (changePasswordSucceeded)
{
// ToDo: Send email.
//var sb = new StringBuilder();
//sb.AppendFormat("<p>{0}</p>", Umbraco.GetDictionaryValue("Members.ForgotPassword.Email"));
//sb.AppendFormat("<p><b>{0}</b></p>", newPassword);
//var email = new Email
//{
// EmailFrom = Constants.DefaultEmailAddress,
// EmailTo = currentUser.Email,
// NameTo = currentUser.UserName,
// Subject = Umbraco.GetDictionaryValue("Members.ForgotPassword.Subject")
//};
//email.Body = ServiceFactory.EmailService.EmailTemplate(email.NameTo, sb.ToString());
//ServiceFactory.EmailService.SendMail(email);
// We use temp data because we are doing a redirect
var payload = new PayloadResult();
payload.SetMessage(Umbraco.GetDictionaryValue("Members.ForgotPassword.SuccessMessage", "Members.ForgotPassword.SuccessMessage"));
payload.SetMessageType(GenericMessages.Success);
ShowMessage(new PayloadResult(Umbraco.GetDictionaryValue("Members.ForgotPassword.SuccessMessage"), GenericMessages.Success));
return(CurrentUmbracoPage());
}
ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.ForgotPassword.ErrorMessage"));
return(CurrentUmbracoPage());
}
public IHttpActionResult SaveProfilePost(PayloadResult profile)
{
var m = Services.MemberService.GetByEmail(profile.GetValue <string>("email"));
var member = ContextService.MembershipHelper.MapMember(m);
var name = profile.GetValue <string>(nameof(ISiteMember.Name))?.Split(' ');
if (name != null)
{
var firstName = name[0];
if (!string.IsNullOrEmpty(firstName))
{
member.FirstName = name[0];
}
var lastName = string.Join(" ", name.Skip(1));
if (!string.IsNullOrEmpty(lastName))
{
member.LastName = lastName;
}
}
var aboutMe = profile.GetValue <string>(nameof(ISiteMember.AboutMe));
if (aboutMe != null)
{
member.AboutMe = aboutMe;
}
var bio = profile.GetValue <string>(nameof(ISiteMember.Bio));
if (bio != null)
{
member.Bio = bio;
}
var phone = profile.GetValue <string>(nameof(ISiteMember.Phone));
if (phone != null)
{
member.Phone = phone;
}
if (ContextService.UserHelper.IsAuthenticated())
{
var memberField = profile.GetValue <string>(nameof(ISiteMember.MemberField));
if (memberField != null)
{
member.MemberField = memberField;
}
}
return(Json(ContextService.MembershipHelper.SaveMember(member).Success));
}
public IHttpActionResult NewPasswordPost(string token, string password)
{
var result = new PayloadResult();
var tryGetMember = Services.MemberService
.GetMembersByPropertyValue(ContextService.Config.PropSecurityToken, token).SingleOrDefault();
if (tryGetMember == null)
{
result.SetMessageType(GenericMessages.Danger);
result.SetMessage("Forgot password reset token expired, request a new one.");
result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired);
return(Error(result));
}
// If the member is locked out we need to undo that.
if (tryGetMember.IsLockedOut)
{
tryGetMember.IsLockedOut = false;
Services.MemberService.Save(tryGetMember);
}
var member = ContextService.MembershipHelper.MapMember(tryGetMember);
member.SecurityToken = string.Empty;
if (!member.SecurityTokenExpireDate.HasValue ||
member.SecurityTokenExpireDate.Value.ToUniversalTime() < DateTime.UtcNow)
{
ContextService.MembershipHelper.ReverseMapMember(member, true);
result.SetMessageType(GenericMessages.Danger);
result.SetMessage("Forgot password reset token expired, request a new one.");
result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired);
return(Error(result));
}
ApplicationContext.Services.MemberService.SavePassword(tryGetMember, password);
if (Members.Login(tryGetMember.Username, password) == false)
{
result.SetMessageType(GenericMessages.Danger);
result.SetMessage("Something went wrong");
result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.Unknown);
return(Error(result));
}
ContextService.MembershipHelper.ReverseMapMember(member, true);
result.SetMessageType(GenericMessages.Success);
return(Json(result));
}
private bool TryBindFromJson(
HttpActionContext actionContext,
ModelBindingContext bindingContext,
out PayloadResult result)
{
var json = actionContext.Request.Content.ReadAsStringAsync().ConfigureAwait(false).GetAwaiter().GetResult();
if (json.TryDeserializeObject(SerializerSettings, out result))
{
return(true);
}
result = null;
return(false);
}
private void RedirectCurrentMemberToStartPage(ref PayloadResult payload)
{
var member = Umbraco.MembershipHelper.GetCurrentMember();
if (member.DocumentTypeAlias.Equals(nameof(AdminMember)))
{
payload.SetOrUpdate(
nameof(PayloadFields.RedirectTo),
CurrentPage.ToModel <BaseContentModel>().StartPage.Url);
}
else
{
payload.SetOrUpdate(
nameof(PayloadFields.RedirectTo),
CurrentPage.ToModel <BaseContentModel>().StartPage.Url);
}
}
public IHttpActionResult UnlockEventPost(string eventCode)
{
var payload = new PayloadResult();
var memberId = Members.GetCurrentMemberId();
EventPageModel eventPage;
var status = EventRepository.UnlockEvent(eventCode, memberId, out eventPage);
if (status == EventStatus.Unlocked)
{
payload.SetOrUpdate("event", new { name = eventPage.EventName, url = eventPage.Url });
}
payload.SetOrUpdate("status", status);
return(Json(payload));
}
public IHttpActionResult SendConfirmationMailPost(string email)
{
var result = new PayloadResult();
var member = Members.GetByEmail(email);
var wellaMember = ContextService.MembershipHelper.MapMember(member);
wellaMember.SecurityToken = Guid.NewGuid().ToString();
ContextService.MembershipHelper.ReverseMapMember(wellaMember, true);
var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First();
var returnUrl = loginPage.UrlWithDomain() + "?confirmEmailToken=" + wellaMember.SecurityToken;
ContextService.Mailer.SendEmailConfirmation(wellaMember, returnUrl);
result.SetMessage(
Umbraco.GetDictionaryValue("Members.AuthorisationEmailSent", "Members.AuthorisationEmailSent"));
result.SetMessageType(GenericMessages.Success);
return(Json(result));
}
public IHttpActionResult GetMyEventsPost()
{
var currentMemberId = Members.GetCurrentMemberId();
var events = EventRepository.GetEventsForMember(currentMemberId).ToList();
var payload = new PayloadResult();
var activeCourses = events
.Where(x => x.EventActivities.Last().EndDate > DateTime.Now)
.Select(x => new { x.Id, x.EventName, x.Url, x.StartDate, x.EndDate });
var oldCourses = events
.Where(x => x.EventActivities.Last().EndDate < DateTime.Now)
.Select(x => new { x.Id, x.EventName, x.Url, x.StartDate, x.EndDate });
payload.SetOrUpdate("activeEvents", activeCourses);
payload.SetOrUpdate("oldEvents", oldCourses);
return(Json(payload));
}
public IHttpActionResult ForgotPasswordPost(string email)
{
var result = new PayloadResult();
var tryGetMember = Services.MemberService.GetByEmail(email);
if (tryGetMember == null)
{
result.SetMessageType(GenericMessages.Danger);
result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.NotRegistered);
result.SetMessage("Something went wrong");
return(Error(result));
}
var member = ContextService.MembershipHelper.MapMember(tryGetMember);
if (member.IsEmailConfirmed == false)
{
// Email is not confirmed send it again!
return(SendConfirmationMailPost(email));
}
// Create a Guid so we can retrieve the user again.
member.SecurityToken = Guid.NewGuid().ToString();
// Expire in 30 minutes
member.SecurityTokenExpireDate = DateTime.Now.AddMinutes(30);
ContextService.MembershipHelper.ReverseMapMember(member, true);
var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First();
var returnUrl = loginPage.UrlWithDomain() + "?token=" + member.SecurityToken;
ContextService.Mailer.SendForgotPassword(member, returnUrl);
result.SetMessageType(GenericMessages.Success);
return(Json(result));
}
public IHttpActionResult ValidateUsernamePost(string username)
{
// force lowercase
username = username.ToLower();
var payload = new PayloadResult();
var safeUsername = username.ToUrlSegment();
if (!safeUsername.Equals(username))
{
var invalidCharacters = username.Where(x => !safeUsername.Any(s => s.Equals(x))).ToList();
var message = string.Empty;
for (var i = 0; i < invalidCharacters.Count; i++)
{
var c = invalidCharacters[i];
message += $"<strong>{c}</strong>";
if (i < invalidCharacters.Count - 1)
{
message += ", ";
}
}
payload.SetMessageType(GenericMessages.Danger);
// payload.SetMessage($"Invalid characters in username: {message}");
payload.SetMessage(message);
return(Json(payload));
}
var usernameTaken = Members.GetByUsername(username) != null;
return(Json(usernameTaken));
}
public void OnGetPayloadComplete(ResultContainer resultContainer)
{
var result = new PayloadResult(resultContainer);
CallbackManager.OnFacebookResponse(result);
}
public ActionResult LogOn(LoginViewModel model)
{
try
{
if (ModelState.IsValid)
{
ISiteMember user = new DefaultSiteMember();
var message = new PayloadResult();
if (Members.Login(model.UserName, model.Password))
{
// Set last login date
user = MembershipHelper.MapMember(Services.MemberService.GetByUsername(model.UserName));
if (user.IsApproved && !user.IsLockedOut)
{
if (Url.IsLocalUrl(model.ReturnUrl) &&
model.ReturnUrl.Length > 1 &&
model.ReturnUrl.StartsWith("/") &&
!model.ReturnUrl.StartsWith("//") &&
!model.ReturnUrl.StartsWith("/\\"))
{
return(Redirect(model.ReturnUrl));
}
message.SetMessage(Umbraco.GetDictionaryValue("Members.LoggedInMessage"));
message.SetMessageType(GenericMessages.Success);
return(RedirectToWellaStartPage());
}
}
// Only show if we have something to actually show to the user
if (!string.IsNullOrEmpty(message.Message))
{
ShowMessage(message);
}
else
{
if (user.IsApproved)
{
ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.NotApproved"));
}
else if (user.IsLockedOut)
{
ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.LockedOut"));
}
else
{
ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.LogonGeneric"));
}
}
}
else
{
ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.LogonGeneric"));
}
}
catch (Exception ex)
{
LogHelper.Error <IHtmlString>("Error when user logging in", ex);
}
return(CurrentUmbracoPage());
}
public async Task <LoginUserTxnPayload> Execute(
LoginUserTxnInput input,
IConfiguration configuration,
UserManager <IdentityUser> userManager,
SignInManager <IdentityUser> signInManager,
ApplicationDbContext contextMVC,
bool autoCommit)
{
LoginUserTxnPayload _payload = new LoginUserTxnPayload();
//***** Declare variables and messages
string errorMessage = "LoginUserTxn***LOGIN_FAIL";
string okMessage = "LoginUserTxn***LOGIN_PASS";
string errorMessageExceptionCode = "LoginUserTxn***TXN_EXCEPTION";
string errorMessageException = "TXN_EXCEPTION";
// Error handling
bool error = false; // To Handle Only One Error
try
{
// DBContext by convention is a UnitOfWork, track changes and commits when SaveChanges is called
// Multithreading issue: so if we use only one DBContext, it will track all entities (_context.Customer.Add) and commit them when SaveChanges is called,
// No Matter what transactions or client calls SaveChanges.
// Note: Rollback will not remove the entities from the tracker in the context. so better dispose it.
//***** Make The Validations - Be careful : Concurrency. Same name can be saved multiple times if called at the exact same time. Better have an alternate database constraint
if (!error)
{
// To check later - RefreshToken
// https://stackoverflow.com/questions/53659247/using-aspnetusertokens-table-to-store-refresh-token-in-asp-net-core-web-api
var result = await signInManager.PasswordSignInAsync(userName : input.Email, password : input.Password, isPersistent : false, lockoutOnFailure : false);
if (!result.Succeeded)
{
_payload.PayloadResult = PayloadResult.ResultBad(Messages: new List <MessageItem>()
{
new MessageItem {
Code = errorMessage, Message = errorMessage, Detail = ""
}
});
return(_payload);
}
var user = await signInManager.UserManager.FindByEmailAsync(input.Email);
if (user == null)
{
_payload.PayloadResult = PayloadResult.ResultBad(Messages: new List <MessageItem>()
{
new MessageItem {
Code = errorMessage, Message = errorMessage, Detail = ""
}
});
return(_payload);
}
// Get the UserApp
var userApp = await contextMVC.UserApp.Where(x => x.IdentityId == user.Id).FirstOrDefaultAsync();
if (userApp == null)
{
_payload.PayloadResult = PayloadResult.ResultBad(Messages: new List <MessageItem>()
{
new MessageItem {
Code = errorMessage, Message = errorMessage, Detail = ""
}
});
return(_payload);
}
//***** Save and Commit to the Database (Atomic because is same Context DB)
if (!error && autoCommit)
{
await contextMVC.SaveChangesAsync(); // Call it only once so do all other operations first
}
//***** Confirm the Result (Pass | Fail) If gets to here there are not errors then return the new data from database
_payload.PayloadResult = PayloadResult.ResultGood(Messages: new List <MessageItem> {
new MessageItem {
Code = okMessage, Message = okMessage, Detail = ""
}
});
_payload.JWTInfo = await this.CreateTokenAsync(user, userApp, configuration, userManager);
}// if (!error)
}
catch (Exception ex) // Main try
{
System.Diagnostics.Debug.WriteLine("Error: " + ex.Message);
string innerError = (ex.InnerException != null) ? ex.InnerException.Message : "";
System.Diagnostics.Debug.WriteLine("Error Inner: " + innerError);
_payload = new LoginUserTxnPayload
{
PayloadResult = PayloadResult.ResultBad(Messages: new List <MessageItem> {
new MessageItem {
Code = errorMessageExceptionCode, Message = errorMessageException, Detail = ex.Message
}
})
}; // Restart variable to avoid returning any already saved data
}
finally
{
// Save Logs if needed
}
return(_payload);
}
public ActionResult MemberRegisterLogic(RegisterViewModel userModel)
{
var homeRedirect = false;
MembershipCreateStatus createStatus;
var member = WellaContext.MembershipHelper.Register(userModel, out createStatus);
if (createStatus != MembershipCreateStatus.Success)
{
ModelState.AddModelError(string.Empty, ErrorCodeToString(createStatus));
}
else
{
var userMessage = new PayloadResult();
var manuallyAuthoriseMembers = WellaContext.Constants.ManuallyAuthorizeNewMembers;
var memberEmailAuthorisationNeeded = WellaContext.Constants.NewMembersMustConfirmEmail;
// Set the view bag message here
if (manuallyAuthoriseMembers)
{
userMessage.SetMessage(Umbraco.GetDictionaryValue("Members.NowRegisteredNeedApproval"));
userMessage.SetMessageType(GenericMessages.Success);
}
else if (memberEmailAuthorisationNeeded)
{
userMessage.SetMessage(Umbraco.GetDictionaryValue("Members.MemberEmailAuthorisationNeeded"));
userMessage.SetMessageType(GenericMessages.Success);
}
else
{
// If not manually authorise then log the user in
FormsAuthentication.SetAuthCookie(member.Username, true);
userMessage.SetMessage(Umbraco.GetDictionaryValue("Members.NowRegistered"));
userMessage.SetMessageType(GenericMessages.Success);
}
// Show the message
ShowMessage(userMessage);
if (!manuallyAuthoriseMembers && !memberEmailAuthorisationNeeded)
{
homeRedirect = true;
}
try
{
// Only send the email if the admin is not manually authorising emails or it's pointless
SendEmailConfirmationEmail(member);
if (homeRedirect)
{
if (Url.IsLocalUrl(userModel.ReturnUrl) && userModel.ReturnUrl.Length > 1 &&
userModel.ReturnUrl.StartsWith("/") && !userModel.ReturnUrl.StartsWith("//") &&
!userModel.ReturnUrl.StartsWith("/\\"))
{
return(Redirect(userModel.ReturnUrl));
}
return(RedirectToWellaStartPage());
}
}
catch (Exception ex)
{
LogHelper.Error <LoginRegisterController>("Eror during member registering", ex);
FormsAuthentication.SignOut();
ModelState.AddModelError(string.Empty, ex.Message);
}
}
if (userModel.LoginType != LoginType.Standard)
{
return(Redirect(WellaContext.Settings.RegisterUrl));
}
return(CurrentUmbracoPage());
}
public IHttpActionResult SignInMemberPost(string username, string password, bool?remember)
{
var payload = new PayloadResult();
var currentPage = CurrentPage.ToModel <BaseContentModel>();
payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), currentPage.LoginPage.Url);
// Check if this is a backoffice user.
var user = Services.UserService.GetByUsername(username) ?? Services.UserService.GetByEmail(username);
if (user != null && UmbracoContext.Security.ValidateBackOfficeCredentials(user.Username, password))
{
// First lets login as a Backoffice user then member.
UmbracoContext.Security.PerformLogin(user.Id);
// We need to set the user as this request HttpContext has no umbraco data in it for the user.
ContextService.UserHelper.SetCurrentUser(user);
ContextService.UserHelper.LoginAsMember();
payload.SetMessageType(GenericMessages.Success);
//payload.SetOrUpdate(nameof(PayloadFields.RedirectTo), currentPage.StartPage.Url);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AdminLoggedIn);
return(Json(payload));
}
var member = (Members.GetByEmail(username) ?? Members.GetByUsername(username)) as MemberPublishedContent;
var memberMap = ContextService.MembershipHelper.MapMember(member);
// check if this is a Facebook integrated account.
if (memberMap.LoginType != LoginType.Standard && memberMap.LoginType == LoginType.Facebook)
{
payload.SetMessageType(GenericMessages.Danger);
payload.SetMessage("Please use Facebook to login");
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.FacebookIntegrated);
return(Error(payload, HttpStatusCode.Unauthorized));
}
var validCredentials = Membership.ValidateUser(member.UserName, password);
// ToDo: Refactor this.
if (Members.IsLoggedIn())
{
AddCurrentMemberToPayload(ref payload, member);
payload.SetMessage("Already logged in");
payload.SetMessageType(GenericMessages.Success);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AlreadyLoggedIn);
}
else if (!memberMap.IsEmailConfirmed && validCredentials)
{
AddCurrentMemberToPayload(ref payload, member);
payload.SetMessage(
Umbraco.GetDictionaryValue(
"Members.MemberEmailAuthorisationNeeded",
"Members.MemberEmailAuthorisationNeeded"));
payload.SetMessageType(GenericMessages.Success);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.EmailAuthorisationNeeded);
}
else if (Members.Login(member.UserName, password))
{
AddCurrentMemberToPayload(ref payload, member);
payload.SetMessageType(GenericMessages.Success);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoggedIn);
//payload.SetOrUpdate(nameof(PayloadFields.RedirectTo), CurrentPage.ToModel<BaseContentModel>().StartPage.Url);
}
else
{
// Something went wrong ether the password or username is not correct.
payload.SetMessageType(GenericMessages.Danger);
payload.SetMessage("Användarnamn eller lösenord är felaktigt");
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AuthorizationFailure);
return(Error(payload, HttpStatusCode.Unauthorized));
}
return(Json(payload));
}
public async Task <RegisterUserTxnPayload> Execute(
RegisterUserTxnInput input,
UserManager <IdentityUser> userManager,
ApplicationDbContext contextMVC,
bool autoCommit)
{
RegisterUserTxnPayload _payload = new RegisterUserTxnPayload
{
PayloadResult = new PayloadResult
{
Messages = new List <MessageItem>()
}
};
//***** Declare variables and messages
string okMessage = "RegisterUserTxn***USER_REGISTERED";
string errorMessageExceptionCode = "RegisterUserTxn***TXN_EXCEPTION";
string errorMessageException = "TXN_EXCEPTION";
string claimType = "UserType";
string claimUserType1 = "User";
string claimUserType2 = "RegisteredUser";
string validatorCode = "InputValidationError";
string errorWrongConfirmationPassMessage = "RegisterUserTxnInput***Compare***ConfirmPassword"; // To translate to: Password and Confirm Password don't match.
string errorWrongConfirmationPassDetail = "ConfirmPassword"; // To translate to: Password and Confirm Password don't match.
// Error handling
bool error = false; // To Handle Only One Error
try
{
// DBContext by convention is a UnitOfWork, track changes and commits when SaveChanges is called
// Multithreading issue: so if we use only one DBContext, it will track all entities (_context.Customer.Add) and commit them when SaveChanges is called,
// No Matter what transactions or client calls SaveChanges.
// Note: Rollback will not remove the entities from the tracker in the context. so better dispose it.
//***** Make The Validations - Be careful : Concurrency. Same name can be saved multiple times if called at the exact same time. Better have an alternate database constraint
// Validate Model Annotations (if needed)
var validationResults = new List <ValidationResult>();
DataAnnotationsValidator.TryValidateObjectRecursive(input, validationResults);
if (validationResults.Count > 0)
{
// "code": "InputValidationError",
// "message": "RegisterUserTxnInput***LastName***Required", // To be transalated
// "detail": "LastName" // To be used by the FrontEnd
_payload.PayloadResult = PayloadResult.ResultBad(Messages: validationResults.Select(o => new MessageItem {
Code = validatorCode, Message = o.ErrorMessage, Detail = o.MemberNames.FirstOrDefault()
}).ToList());
error = true;
}
// Validate Confirm email, the Annotation is not working
if (!input.Password.Equals(input.ConfirmPassword))
{
_payload.PayloadResult.Messages.Add(new MessageItem {
Code = validatorCode, Message = errorWrongConfirmationPassMessage, Detail = errorWrongConfirmationPassDetail
});
error = true;
}
if (error) // Validations
{
return(_payload);
}
if (!error)
{
var newUser = new IdentityUser {
UserName = input.Email, Email = input.Email
};
var result = await userManager.CreateAsync(newUser, input.Password);
if (!result.Succeeded)
{
/* 1. Password validation: PasswordTooShort, PasswordRequiresNonAlphanumeric, PasswordRequiresLower, PasswordRequiresUpper, PasswordRequiresDigit
* "code": "InputValidationError",
* "message": "RegisterUserTxnInput***PasswordTooShort",
* "detail": "Password"
*
* 2. Any other error validation:
* "code": "RegisterUserTxnInput***DuplicateUserName",
* "message": "RegisterUserTxnInput***DuplicateUserName",
* "detail": ""
*/
_payload.PayloadResult = PayloadResult.ResultBad(Messages: (result.Errors.Select(o => new MessageItem {
Code = o.Code.StartsWith("Password") ? validatorCode : "RegisterUserTxnInput***" + o.Code, Message = "RegisterUserTxnInput***" + o.Code, Detail = o.Code.StartsWith("Password") ? "Password" : ""
})).ToList());
return(_payload);
}
// Create the user in MVC Database
UserApp userApp = new UserApp
{
IdentityId = newUser.Id,
Email = input.Email,
FirstName = input.FirstName,
LastName = input.LastName,
Active = true,
LastSeen = DateTime.Now
};
contextMVC.UserApp.Add(userApp);
//***** Save and Commit to the Database (Atomic because is same Context DB)
if (!error && autoCommit)
{
await contextMVC.SaveChangesAsync(); // Call it only once so do all other operations first
}
// Save the Name Claim into the database, add the claims in the JWT, encrypt the JWT, and use an interceptor in middleware to get this values an use them globally in the request
var _claims = new[]
{
new Claim(ClaimTypes.Name, userApp.Id),
new Claim(ClaimTypes.Email, userApp.Email),
new Claim("Identity", userApp.IdentityId),
new Claim(ClaimTypes.Role, claimUserType1),
new Claim(ClaimTypes.Role, claimUserType2),
new Claim(claimType, claimUserType1) // Create all user equal, add other claims later in database
};
var resultClaims = await userManager.AddClaimsAsync(newUser, _claims); // Save claims in the Database
if (!resultClaims.Succeeded)
{
_payload.PayloadResult = PayloadResult.ResultBad(Messages: (resultClaims.Errors.Select(o => new MessageItem {
Code = "RegisterUserTxn***" + o.Code, Message = "RegisterUserTxn***" + o.Code, Detail = ""
})).ToList());
return(_payload);
}
//***** Confirm the Result (Pass | Fail) If gets to here there are not errors then return the new data from database
_payload.PayloadResult = PayloadResult.ResultGood(Messages: new List <MessageItem> {
new MessageItem {
Code = okMessage, Message = okMessage, Detail = ""
}
});
_payload.User = userApp;
}// if (!error)
}
catch (Exception ex) // Main try
{
System.Diagnostics.Debug.WriteLine("Error: " + ex.Message);
string innerError = (ex.InnerException != null) ? ex.InnerException.Message : "";
System.Diagnostics.Debug.WriteLine("Error Inner: " + innerError);
_payload = new RegisterUserTxnPayload
{
PayloadResult = PayloadResult.ResultBad(Messages: new List <MessageItem> {
new MessageItem {
Code = errorMessageExceptionCode, Message = errorMessageException, Detail = ex.Message
}
})
}; // Restart variable to avoid returning any already saved data
}
finally
{
// Save Logs if needed
}
return(_payload);
}
public IHttpActionResult SignOutPost()
{
var payload = new PayloadResult();
if (Members.IsLoggedIn())
{
payload.SetMessageType(GenericMessages.Success);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired);
var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Descendants <LoginPageModel>().First();
payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), loginPage.Url);
Members.Logout();
// httpContext.Result.Request.GetOwinContext()
// .Authentication.SignOut(
// httpContext.Result.GetOwinContext()
// .Authentication.GetAuthenticationTypes()
// .Select(o => o.AuthenticationType)
// .ToArray());
UmbracoContext.Security.ClearCurrentLogin();
var httpContext = TryGetHttpContext();
if (httpContext.Success)
{
httpContext.Result.Session?.Clear();
httpContext.Result.Session?.Abandon();
if (httpContext.Result.Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
var myCookie = new HttpCookie(FormsAuthentication.FormsCookieName);
myCookie.Expires = DateTime.Now.AddDays(-1);
httpContext.Result.Response.Cookies.Add(myCookie);
}
}
}
else if (userService.IsAuthenticated())
{
payload.SetMessageType(GenericMessages.Success);
payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired);
var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Descendants <LoginPageModel>().First();
payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), loginPage.Url);
UmbracoContext.Security.ClearCurrentLogin();
var httpContext = TryGetHttpContext();
if (httpContext.Success)
{
// var backOfficeUserManager = httpContext.Result.GetOwinContext().GetBackOfficeUserManager();
httpContext.Result.Session?.Clear();
httpContext.Result.Session?.Abandon();
FormsAuthentication.SignOut();
if (httpContext.Result.Request.Cookies[FormsAuthentication.FormsCookieName] != null)
{
var myCookie = new HttpCookie(FormsAuthentication.FormsCookieName);
myCookie.Expires = DateTime.Now.AddDays(-1);
httpContext.Result.Response.Cookies.Add(myCookie);
}
}
}
return(Json(payload));
}
public IHttpActionResult SignUpMemberPost(SignUpMemberPayload payload)
{
var result = new PayloadResult();
if (payload == null)
{
return(Error("payload is null!", HttpStatusCode.InternalServerError));
}
IPublishedContent member = Members.GetByEmail(payload.Email) as MemberPublishedContent;
if (member != null)
{
result.SetMessageType(GenericMessages.Danger);
result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AlreadyRegistered);
result.SetMessage("Email already registered.");
return(Error(result));
}
MembershipCreateStatus memberStatus;
var m = ContextService.MembershipHelper.Register(
payload.Email,
payload.Email,
payload.FirstName,
payload.LastName,
payload.Password,
out memberStatus);
if (memberStatus == MembershipCreateStatus.Success)
{
m.SetValue(ContextService.Config.PropCompany, payload.Company);
m.SetValue(ContextService.Config.PropPhone, payload.Phone);
m.SetValue(ContextService.Config.PropLoginType, LoginType.Standard);
Services.MemberService.Save(m);
member = Members.GetById(m.Id);
var siteMember = AddCurrentMemberToPayload(ref result, member);
// Email auth: Create a Guid so we can retrieve the user again.
siteMember.SecurityToken = Guid.NewGuid().ToString();
ContextService.MembershipHelper.ReverseMapMember(siteMember, true);
var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First();
var returnUrl = loginPage.UrlWithDomain() + "?confirmEmailToken=" + siteMember.SecurityToken;
ContextService.Mailer.SendEmailConfirmation(siteMember, returnUrl);
result.SetMessage(
Umbraco.GetDictionaryValue(
"Members.MemberEmailAuthorisationNeeded",
"Members.MemberEmailAuthorisationNeeded"));
result.SetMessageType(GenericMessages.Success);
result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.EmailAuthorisationNeeded);
return(Json(result));
}
if (memberStatus != MembershipCreateStatus.Success)
{
result.SetMessageType(GenericMessages.Danger);
result.SetOrUpdate(nameof(PayloadFields.Status), memberStatus);
return(Error(result, HttpStatusCode.InternalServerError));
}
return(Json(result));
}
