public IHttpActionResult GetMemberPost() { var payload = new PayloadResult(); if (userService.IsAuthenticated()) { payload.SetOrUpdate(nameof(PayloadFields.User), userService.MapAsMember(userService.CurrentUser)); payload.SetMessageType(GenericMessages.Success); } else if (Members.IsLoggedIn()) { AddCurrentMemberToPayload(ref payload); payload.SetMessageType(GenericMessages.Success); } else { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage(Umbraco.GetDictionaryValue("Members.LoginExpired", "Members.LoginExpired")); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(payload)); } return(Json(payload)); }
public IHttpActionResult HasAccessPost() { var payload = new PayloadResult(); if (userService.IsAuthenticated()) { ContextService.UserHelper.LoginAsMember(); payload.SetMessageType(GenericMessages.Success); } //else if (CurrentPage.DocumentTypeAlias.Equals(nameof(LoginPageModel))) //{ // payload.SetMessageType(GenericMessages.Success); //} else if (Umbraco.IsProtected(CurrentPage.Path)) { // Do we have a logged in member ? if (Umbraco.MemberIsLoggedOn() == false) { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage(Umbraco.GetDictionaryValue("Members.LoginExpired", "Members.LoginExpired")); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(payload)); } // Do we have access to the current page ? if (Umbraco.MemberHasAccess(CurrentPage.Path) == false) { // If we get here the member has no access to this page, redirect them to there start page. payload.SetMessageType(GenericMessages.Danger); RedirectCurrentMemberToStartPage(ref payload); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AuthorizationFailure); } else { // Check if the backoffice user is signed out while the admin member is logged in. var member = (MemberPublishedContent)Umbraco.MembershipHelper.GetCurrentMember(); if (member.DocumentTypeAlias.Equals(nameof(AdminMember)) && userService.ValidateUser(member.Email)) { var user = Services.UserService.GetByEmail(member.Email); // This is a backoffice member lets log them in. UmbracoContext.Security.PerformLogin(user.Id); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AdminLoggedIn); } payload.SetMessageType(GenericMessages.Success); } } else { payload.SetMessageType(GenericMessages.Success); } return(Json(payload)); }
public IHttpActionResult NewPasswordPost(string token, string password) { var result = new PayloadResult(); var tryGetMember = Services.MemberService .GetMembersByPropertyValue(ContextService.Config.PropSecurityToken, token).SingleOrDefault(); if (tryGetMember == null) { result.SetMessageType(GenericMessages.Danger); result.SetMessage("Forgot password reset token expired, request a new one."); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(result)); } // If the member is locked out we need to undo that. if (tryGetMember.IsLockedOut) { tryGetMember.IsLockedOut = false; Services.MemberService.Save(tryGetMember); } var member = ContextService.MembershipHelper.MapMember(tryGetMember); member.SecurityToken = string.Empty; if (!member.SecurityTokenExpireDate.HasValue || member.SecurityTokenExpireDate.Value.ToUniversalTime() < DateTime.UtcNow) { ContextService.MembershipHelper.ReverseMapMember(member, true); result.SetMessageType(GenericMessages.Danger); result.SetMessage("Forgot password reset token expired, request a new one."); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(result)); } ApplicationContext.Services.MemberService.SavePassword(tryGetMember, password); if (Members.Login(tryGetMember.Username, password) == false) { result.SetMessageType(GenericMessages.Danger); result.SetMessage("Something went wrong"); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.Unknown); return(Error(result)); } ContextService.MembershipHelper.ReverseMapMember(member, true); result.SetMessageType(GenericMessages.Success); return(Json(result)); }
public IHttpActionResult GetProfilePost(int?id = null) { var payload = new PayloadResult(); ISiteMember member; if (!id.HasValue && Members.IsLoggedIn()) { var m = Members.GetCurrentMember(); member = ContextService.MembershipHelper.MapMember(m); } else if (id.HasValue) { var m = Members.GetById(id.Value); member = ContextService.MembershipHelper.MapMember(m); } else { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage("No member is logged in and no id was passed!"); return(Error(payload, HttpStatusCode.InternalServerError)); } payload.SetOrUpdate(nameof(PayloadFields.User), member); return(Json(payload)); }
public IHttpActionResult GetPhotosPost(int?page = null, int?pageSize = null, int?id = null) { ISiteMember member; if (!id.HasValue && Members.IsLoggedIn()) { var m = Members.GetCurrentMember(); member = ContextService.MembershipHelper.MapMember(m); } else if (id.HasValue) { var m = Members.GetById(id.Value); member = ContextService.MembershipHelper.MapMember(m); } else { var payload = new PayloadResult(); payload.SetMessageType(GenericMessages.Danger); payload.SetMessage("No member is logged in and no id was passed!"); return(Error(payload, HttpStatusCode.InternalServerError)); } var photos = member.GetPhotos().Select( media => { var typedMedia = Umbraco.TypedMedia(media.Id); var mediaModel = (MemberImageType)CodeFirstHelper.TypedMedia(typedMedia); return(mediaModel); }).OrderByDescending(x => x.CreateDate); var pageNumber = page ?? 1; var pagedResult = photos.ToPagedList(pageNumber, pageSize ?? 25); return(Json(new { items = pagedResult, totalPages = pagedResult.PageCount })); }
public ActionResult ForgotPassword(ForgotPasswordViewModel model) { var changePasswordSucceeded = true; var newPassword = MembershipHelper.GeneratePassword(); try { if (ModelState.IsValid) { var currentUser = MembershipHelper.MapMember(Services.MemberService.GetByEmail(model.EmailAddress)); if (currentUser != null) { changePasswordSucceeded = MembershipHelper.ResetPassword(currentUser, newPassword); } else { changePasswordSucceeded = false; } } } catch (Exception ex) { LogHelper.Error <LoginRegisterController>(string.Format("Error resetting password for {0}", model.EmailAddress), ex); changePasswordSucceeded = false; } if (changePasswordSucceeded) { // ToDo: Send email. //var sb = new StringBuilder(); //sb.AppendFormat("<p>{0}</p>", Umbraco.GetDictionaryValue("Members.ForgotPassword.Email")); //sb.AppendFormat("<p><b>{0}</b></p>", newPassword); //var email = new Email //{ // EmailFrom = Constants.DefaultEmailAddress, // EmailTo = currentUser.Email, // NameTo = currentUser.UserName, // Subject = Umbraco.GetDictionaryValue("Members.ForgotPassword.Subject") //}; //email.Body = ServiceFactory.EmailService.EmailTemplate(email.NameTo, sb.ToString()); //ServiceFactory.EmailService.SendMail(email); // We use temp data because we are doing a redirect var payload = new PayloadResult(); payload.SetMessage(Umbraco.GetDictionaryValue("Members.ForgotPassword.SuccessMessage", "Members.ForgotPassword.SuccessMessage")); payload.SetMessageType(GenericMessages.Success); ShowMessage(new PayloadResult(Umbraco.GetDictionaryValue("Members.ForgotPassword.SuccessMessage"), GenericMessages.Success)); return(CurrentUmbracoPage()); } ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.ForgotPassword.ErrorMessage")); return(CurrentUmbracoPage()); }
public IHttpActionResult ForgotPasswordPost(string email) { var result = new PayloadResult(); var tryGetMember = Services.MemberService.GetByEmail(email); if (tryGetMember == null) { result.SetMessageType(GenericMessages.Danger); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.NotRegistered); result.SetMessage("Something went wrong"); return(Error(result)); } var member = ContextService.MembershipHelper.MapMember(tryGetMember); if (member.IsEmailConfirmed == false) { // Email is not confirmed send it again! return(SendConfirmationMailPost(email)); } // Create a Guid so we can retrieve the user again. member.SecurityToken = Guid.NewGuid().ToString(); // Expire in 30 minutes member.SecurityTokenExpireDate = DateTime.Now.AddMinutes(30); ContextService.MembershipHelper.ReverseMapMember(member, true); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First(); var returnUrl = loginPage.UrlWithDomain() + "?token=" + member.SecurityToken; ContextService.Mailer.SendForgotPassword(member, returnUrl); result.SetMessageType(GenericMessages.Success); return(Json(result)); }
public IHttpActionResult SendConfirmationMailPost(string email) { var result = new PayloadResult(); var member = Members.GetByEmail(email); var wellaMember = ContextService.MembershipHelper.MapMember(member); wellaMember.SecurityToken = Guid.NewGuid().ToString(); ContextService.MembershipHelper.ReverseMapMember(wellaMember, true); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First(); var returnUrl = loginPage.UrlWithDomain() + "?confirmEmailToken=" + wellaMember.SecurityToken; ContextService.Mailer.SendEmailConfirmation(wellaMember, returnUrl); result.SetMessage( Umbraco.GetDictionaryValue("Members.AuthorisationEmailSent", "Members.AuthorisationEmailSent")); result.SetMessageType(GenericMessages.Success); return(Json(result)); }
public IHttpActionResult ValidateUsernamePost(string username) { // force lowercase username = username.ToLower(); var payload = new PayloadResult(); var safeUsername = username.ToUrlSegment(); if (!safeUsername.Equals(username)) { var invalidCharacters = username.Where(x => !safeUsername.Any(s => s.Equals(x))).ToList(); var message = string.Empty; for (var i = 0; i < invalidCharacters.Count; i++) { var c = invalidCharacters[i]; message += $"<strong>{c}</strong>"; if (i < invalidCharacters.Count - 1) { message += ", "; } } payload.SetMessageType(GenericMessages.Danger); // payload.SetMessage($"Invalid characters in username: {message}"); payload.SetMessage(message); return(Json(payload)); } var usernameTaken = Members.GetByUsername(username) != null; return(Json(usernameTaken)); }
public ActionResult LogOn(LoginViewModel model) { try { if (ModelState.IsValid) { ISiteMember user = new DefaultSiteMember(); var message = new PayloadResult(); if (Members.Login(model.UserName, model.Password)) { // Set last login date user = MembershipHelper.MapMember(Services.MemberService.GetByUsername(model.UserName)); if (user.IsApproved && !user.IsLockedOut) { if (Url.IsLocalUrl(model.ReturnUrl) && model.ReturnUrl.Length > 1 && model.ReturnUrl.StartsWith("/") && !model.ReturnUrl.StartsWith("//") && !model.ReturnUrl.StartsWith("/\\")) { return(Redirect(model.ReturnUrl)); } message.SetMessage(Umbraco.GetDictionaryValue("Members.LoggedInMessage")); message.SetMessageType(GenericMessages.Success); return(RedirectToWellaStartPage()); } } // Only show if we have something to actually show to the user if (!string.IsNullOrEmpty(message.Message)) { ShowMessage(message); } else { if (user.IsApproved) { ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.NotApproved")); } else if (user.IsLockedOut) { ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.LockedOut")); } else { ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.LogonGeneric")); } } } else { ModelState.AddModelError(string.Empty, Umbraco.GetDictionaryValue("Members.Errors.LogonGeneric")); } } catch (Exception ex) { LogHelper.Error <IHtmlString>("Error when user logging in", ex); } return(CurrentUmbracoPage()); }
public ActionResult MemberRegisterLogic(RegisterViewModel userModel) { var homeRedirect = false; MembershipCreateStatus createStatus; var member = WellaContext.MembershipHelper.Register(userModel, out createStatus); if (createStatus != MembershipCreateStatus.Success) { ModelState.AddModelError(string.Empty, ErrorCodeToString(createStatus)); } else { var userMessage = new PayloadResult(); var manuallyAuthoriseMembers = WellaContext.Constants.ManuallyAuthorizeNewMembers; var memberEmailAuthorisationNeeded = WellaContext.Constants.NewMembersMustConfirmEmail; // Set the view bag message here if (manuallyAuthoriseMembers) { userMessage.SetMessage(Umbraco.GetDictionaryValue("Members.NowRegisteredNeedApproval")); userMessage.SetMessageType(GenericMessages.Success); } else if (memberEmailAuthorisationNeeded) { userMessage.SetMessage(Umbraco.GetDictionaryValue("Members.MemberEmailAuthorisationNeeded")); userMessage.SetMessageType(GenericMessages.Success); } else { // If not manually authorise then log the user in FormsAuthentication.SetAuthCookie(member.Username, true); userMessage.SetMessage(Umbraco.GetDictionaryValue("Members.NowRegistered")); userMessage.SetMessageType(GenericMessages.Success); } // Show the message ShowMessage(userMessage); if (!manuallyAuthoriseMembers && !memberEmailAuthorisationNeeded) { homeRedirect = true; } try { // Only send the email if the admin is not manually authorising emails or it's pointless SendEmailConfirmationEmail(member); if (homeRedirect) { if (Url.IsLocalUrl(userModel.ReturnUrl) && userModel.ReturnUrl.Length > 1 && userModel.ReturnUrl.StartsWith("/") && !userModel.ReturnUrl.StartsWith("//") && !userModel.ReturnUrl.StartsWith("/\\")) { return(Redirect(userModel.ReturnUrl)); } return(RedirectToWellaStartPage()); } } catch (Exception ex) { LogHelper.Error <LoginRegisterController>("Eror during member registering", ex); FormsAuthentication.SignOut(); ModelState.AddModelError(string.Empty, ex.Message); } } if (userModel.LoginType != LoginType.Standard) { return(Redirect(WellaContext.Settings.RegisterUrl)); } return(CurrentUmbracoPage()); }
public IHttpActionResult SignUpMemberPost(SignUpMemberPayload payload) { var result = new PayloadResult(); if (payload == null) { return(Error("payload is null!", HttpStatusCode.InternalServerError)); } IPublishedContent member = Members.GetByEmail(payload.Email) as MemberPublishedContent; if (member != null) { result.SetMessageType(GenericMessages.Danger); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AlreadyRegistered); result.SetMessage("Email already registered."); return(Error(result)); } MembershipCreateStatus memberStatus; var m = ContextService.MembershipHelper.Register( payload.Email, payload.Email, payload.FirstName, payload.LastName, payload.Password, out memberStatus); if (memberStatus == MembershipCreateStatus.Success) { m.SetValue(ContextService.Config.PropCompany, payload.Company); m.SetValue(ContextService.Config.PropPhone, payload.Phone); m.SetValue(ContextService.Config.PropLoginType, LoginType.Standard); Services.MemberService.Save(m); member = Members.GetById(m.Id); var siteMember = AddCurrentMemberToPayload(ref result, member); // Email auth: Create a Guid so we can retrieve the user again. siteMember.SecurityToken = Guid.NewGuid().ToString(); ContextService.MembershipHelper.ReverseMapMember(siteMember, true); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First(); var returnUrl = loginPage.UrlWithDomain() + "?confirmEmailToken=" + siteMember.SecurityToken; ContextService.Mailer.SendEmailConfirmation(siteMember, returnUrl); result.SetMessage( Umbraco.GetDictionaryValue( "Members.MemberEmailAuthorisationNeeded", "Members.MemberEmailAuthorisationNeeded")); result.SetMessageType(GenericMessages.Success); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.EmailAuthorisationNeeded); return(Json(result)); } if (memberStatus != MembershipCreateStatus.Success) { result.SetMessageType(GenericMessages.Danger); result.SetOrUpdate(nameof(PayloadFields.Status), memberStatus); return(Error(result, HttpStatusCode.InternalServerError)); } return(Json(result)); }
public IHttpActionResult SignOutPost() { var payload = new PayloadResult(); if (Members.IsLoggedIn()) { payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Descendants <LoginPageModel>().First(); payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), loginPage.Url); Members.Logout(); // httpContext.Result.Request.GetOwinContext() // .Authentication.SignOut( // httpContext.Result.GetOwinContext() // .Authentication.GetAuthenticationTypes() // .Select(o => o.AuthenticationType) // .ToArray()); UmbracoContext.Security.ClearCurrentLogin(); var httpContext = TryGetHttpContext(); if (httpContext.Success) { httpContext.Result.Session?.Clear(); httpContext.Result.Session?.Abandon(); if (httpContext.Result.Request.Cookies[FormsAuthentication.FormsCookieName] != null) { var myCookie = new HttpCookie(FormsAuthentication.FormsCookieName); myCookie.Expires = DateTime.Now.AddDays(-1); httpContext.Result.Response.Cookies.Add(myCookie); } } } else if (userService.IsAuthenticated()) { payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Descendants <LoginPageModel>().First(); payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), loginPage.Url); UmbracoContext.Security.ClearCurrentLogin(); var httpContext = TryGetHttpContext(); if (httpContext.Success) { // var backOfficeUserManager = httpContext.Result.GetOwinContext().GetBackOfficeUserManager(); httpContext.Result.Session?.Clear(); httpContext.Result.Session?.Abandon(); FormsAuthentication.SignOut(); if (httpContext.Result.Request.Cookies[FormsAuthentication.FormsCookieName] != null) { var myCookie = new HttpCookie(FormsAuthentication.FormsCookieName); myCookie.Expires = DateTime.Now.AddDays(-1); httpContext.Result.Response.Cookies.Add(myCookie); } } } return(Json(payload)); }
public IHttpActionResult SignInMemberPost(string username, string password, bool?remember) { var payload = new PayloadResult(); var currentPage = CurrentPage.ToModel <BaseContentModel>(); payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), currentPage.LoginPage.Url); // Check if this is a backoffice user. var user = Services.UserService.GetByUsername(username) ?? Services.UserService.GetByEmail(username); if (user != null && UmbracoContext.Security.ValidateBackOfficeCredentials(user.Username, password)) { // First lets login as a Backoffice user then member. UmbracoContext.Security.PerformLogin(user.Id); // We need to set the user as this request HttpContext has no umbraco data in it for the user. ContextService.UserHelper.SetCurrentUser(user); ContextService.UserHelper.LoginAsMember(); payload.SetMessageType(GenericMessages.Success); //payload.SetOrUpdate(nameof(PayloadFields.RedirectTo), currentPage.StartPage.Url); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AdminLoggedIn); return(Json(payload)); } var member = (Members.GetByEmail(username) ?? Members.GetByUsername(username)) as MemberPublishedContent; var memberMap = ContextService.MembershipHelper.MapMember(member); // check if this is a Facebook integrated account. if (memberMap.LoginType != LoginType.Standard && memberMap.LoginType == LoginType.Facebook) { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage("Please use Facebook to login"); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.FacebookIntegrated); return(Error(payload, HttpStatusCode.Unauthorized)); } var validCredentials = Membership.ValidateUser(member.UserName, password); // ToDo: Refactor this. if (Members.IsLoggedIn()) { AddCurrentMemberToPayload(ref payload, member); payload.SetMessage("Already logged in"); payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AlreadyLoggedIn); } else if (!memberMap.IsEmailConfirmed && validCredentials) { AddCurrentMemberToPayload(ref payload, member); payload.SetMessage( Umbraco.GetDictionaryValue( "Members.MemberEmailAuthorisationNeeded", "Members.MemberEmailAuthorisationNeeded")); payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.EmailAuthorisationNeeded); } else if (Members.Login(member.UserName, password)) { AddCurrentMemberToPayload(ref payload, member); payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoggedIn); //payload.SetOrUpdate(nameof(PayloadFields.RedirectTo), CurrentPage.ToModel<BaseContentModel>().StartPage.Url); } else { // Something went wrong ether the password or username is not correct. payload.SetMessageType(GenericMessages.Danger); payload.SetMessage("Användarnamn eller lösenord är felaktigt"); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AuthorizationFailure); return(Error(payload, HttpStatusCode.Unauthorized)); } return(Json(payload)); }