public IHttpActionResult GetMemberPost() { var payload = new PayloadResult(); if (userService.IsAuthenticated()) { payload.SetOrUpdate(nameof(PayloadFields.User), userService.MapAsMember(userService.CurrentUser)); payload.SetMessageType(GenericMessages.Success); } else if (Members.IsLoggedIn()) { AddCurrentMemberToPayload(ref payload); payload.SetMessageType(GenericMessages.Success); } else { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage(Umbraco.GetDictionaryValue("Members.LoginExpired", "Members.LoginExpired")); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(payload)); } return(Json(payload)); }
public IHttpActionResult HasAccessPost() { var payload = new PayloadResult(); if (userService.IsAuthenticated()) { ContextService.UserHelper.LoginAsMember(); payload.SetMessageType(GenericMessages.Success); } //else if (CurrentPage.DocumentTypeAlias.Equals(nameof(LoginPageModel))) //{ // payload.SetMessageType(GenericMessages.Success); //} else if (Umbraco.IsProtected(CurrentPage.Path)) { // Do we have a logged in member ? if (Umbraco.MemberIsLoggedOn() == false) { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage(Umbraco.GetDictionaryValue("Members.LoginExpired", "Members.LoginExpired")); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(payload)); } // Do we have access to the current page ? if (Umbraco.MemberHasAccess(CurrentPage.Path) == false) { // If we get here the member has no access to this page, redirect them to there start page. payload.SetMessageType(GenericMessages.Danger); RedirectCurrentMemberToStartPage(ref payload); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AuthorizationFailure); } else { // Check if the backoffice user is signed out while the admin member is logged in. var member = (MemberPublishedContent)Umbraco.MembershipHelper.GetCurrentMember(); if (member.DocumentTypeAlias.Equals(nameof(AdminMember)) && userService.ValidateUser(member.Email)) { var user = Services.UserService.GetByEmail(member.Email); // This is a backoffice member lets log them in. UmbracoContext.Security.PerformLogin(user.Id); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AdminLoggedIn); } payload.SetMessageType(GenericMessages.Success); } } else { payload.SetMessageType(GenericMessages.Success); } return(Json(payload)); }
public IHttpActionResult NewPasswordPost(string token, string password) { var result = new PayloadResult(); var tryGetMember = Services.MemberService .GetMembersByPropertyValue(ContextService.Config.PropSecurityToken, token).SingleOrDefault(); if (tryGetMember == null) { result.SetMessageType(GenericMessages.Danger); result.SetMessage("Forgot password reset token expired, request a new one."); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(result)); } // If the member is locked out we need to undo that. if (tryGetMember.IsLockedOut) { tryGetMember.IsLockedOut = false; Services.MemberService.Save(tryGetMember); } var member = ContextService.MembershipHelper.MapMember(tryGetMember); member.SecurityToken = string.Empty; if (!member.SecurityTokenExpireDate.HasValue || member.SecurityTokenExpireDate.Value.ToUniversalTime() < DateTime.UtcNow) { ContextService.MembershipHelper.ReverseMapMember(member, true); result.SetMessageType(GenericMessages.Danger); result.SetMessage("Forgot password reset token expired, request a new one."); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); return(Error(result)); } ApplicationContext.Services.MemberService.SavePassword(tryGetMember, password); if (Members.Login(tryGetMember.Username, password) == false) { result.SetMessageType(GenericMessages.Danger); result.SetMessage("Something went wrong"); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.Unknown); return(Error(result)); } ContextService.MembershipHelper.ReverseMapMember(member, true); result.SetMessageType(GenericMessages.Success); return(Json(result)); }
private ISiteMember AddCurrentMemberToPayload(ref PayloadResult result, IPublishedContent member = null) { var m = ContextService.MembershipHelper.MapMember(member ?? Members.GetCurrentMember()); result.SetOrUpdate(nameof(PayloadFields.User), m); return(m); }
public IHttpActionResult GetProfilePost(int?id = null) { var payload = new PayloadResult(); ISiteMember member; if (!id.HasValue && Members.IsLoggedIn()) { var m = Members.GetCurrentMember(); member = ContextService.MembershipHelper.MapMember(m); } else if (id.HasValue) { var m = Members.GetById(id.Value); member = ContextService.MembershipHelper.MapMember(m); } else { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage("No member is logged in and no id was passed!"); return(Error(payload, HttpStatusCode.InternalServerError)); } payload.SetOrUpdate(nameof(PayloadFields.User), member); return(Json(payload)); }
public IHttpActionResult UnlockEventPost(string eventCode) { var payload = new PayloadResult(); var memberId = Members.GetCurrentMemberId(); EventPageModel eventPage; var status = EventRepository.UnlockEvent(eventCode, memberId, out eventPage); if (status == EventStatus.Unlocked) { payload.SetOrUpdate("event", new { name = eventPage.EventName, url = eventPage.Url }); } payload.SetOrUpdate("status", status); return(Json(payload)); }
private void RedirectCurrentMemberToStartPage(ref PayloadResult payload) { var member = Umbraco.MembershipHelper.GetCurrentMember(); if (member.DocumentTypeAlias.Equals(nameof(AdminMember))) { payload.SetOrUpdate( nameof(PayloadFields.RedirectTo), CurrentPage.ToModel <BaseContentModel>().StartPage.Url); } else { payload.SetOrUpdate( nameof(PayloadFields.RedirectTo), CurrentPage.ToModel <BaseContentModel>().StartPage.Url); } }
public IHttpActionResult GetMyEventsPost() { var currentMemberId = Members.GetCurrentMemberId(); var events = EventRepository.GetEventsForMember(currentMemberId).ToList(); var payload = new PayloadResult(); var activeCourses = events .Where(x => x.EventActivities.Last().EndDate > DateTime.Now) .Select(x => new { x.Id, x.EventName, x.Url, x.StartDate, x.EndDate }); var oldCourses = events .Where(x => x.EventActivities.Last().EndDate < DateTime.Now) .Select(x => new { x.Id, x.EventName, x.Url, x.StartDate, x.EndDate }); payload.SetOrUpdate("activeEvents", activeCourses); payload.SetOrUpdate("oldEvents", oldCourses); return(Json(payload)); }
public IHttpActionResult ForgotPasswordPost(string email) { var result = new PayloadResult(); var tryGetMember = Services.MemberService.GetByEmail(email); if (tryGetMember == null) { result.SetMessageType(GenericMessages.Danger); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.NotRegistered); result.SetMessage("Something went wrong"); return(Error(result)); } var member = ContextService.MembershipHelper.MapMember(tryGetMember); if (member.IsEmailConfirmed == false) { // Email is not confirmed send it again! return(SendConfirmationMailPost(email)); } // Create a Guid so we can retrieve the user again. member.SecurityToken = Guid.NewGuid().ToString(); // Expire in 30 minutes member.SecurityTokenExpireDate = DateTime.Now.AddMinutes(30); ContextService.MembershipHelper.ReverseMapMember(member, true); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First(); var returnUrl = loginPage.UrlWithDomain() + "?token=" + member.SecurityToken; ContextService.Mailer.SendForgotPassword(member, returnUrl); result.SetMessageType(GenericMessages.Success); return(Json(result)); }
public IHttpActionResult SignUpMemberPost(SignUpMemberPayload payload) { var result = new PayloadResult(); if (payload == null) { return(Error("payload is null!", HttpStatusCode.InternalServerError)); } IPublishedContent member = Members.GetByEmail(payload.Email) as MemberPublishedContent; if (member != null) { result.SetMessageType(GenericMessages.Danger); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AlreadyRegistered); result.SetMessage("Email already registered."); return(Error(result)); } MembershipCreateStatus memberStatus; var m = ContextService.MembershipHelper.Register( payload.Email, payload.Email, payload.FirstName, payload.LastName, payload.Password, out memberStatus); if (memberStatus == MembershipCreateStatus.Success) { m.SetValue(ContextService.Config.PropCompany, payload.Company); m.SetValue(ContextService.Config.PropPhone, payload.Phone); m.SetValue(ContextService.Config.PropLoginType, LoginType.Standard); Services.MemberService.Save(m); member = Members.GetById(m.Id); var siteMember = AddCurrentMemberToPayload(ref result, member); // Email auth: Create a Guid so we can retrieve the user again. siteMember.SecurityToken = Guid.NewGuid().ToString(); ContextService.MembershipHelper.ReverseMapMember(siteMember, true); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Children <LoginPageModel>().First(); var returnUrl = loginPage.UrlWithDomain() + "?confirmEmailToken=" + siteMember.SecurityToken; ContextService.Mailer.SendEmailConfirmation(siteMember, returnUrl); result.SetMessage( Umbraco.GetDictionaryValue( "Members.MemberEmailAuthorisationNeeded", "Members.MemberEmailAuthorisationNeeded")); result.SetMessageType(GenericMessages.Success); result.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.EmailAuthorisationNeeded); return(Json(result)); } if (memberStatus != MembershipCreateStatus.Success) { result.SetMessageType(GenericMessages.Danger); result.SetOrUpdate(nameof(PayloadFields.Status), memberStatus); return(Error(result, HttpStatusCode.InternalServerError)); } return(Json(result)); }
public IHttpActionResult SignOutPost() { var payload = new PayloadResult(); if (Members.IsLoggedIn()) { payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Descendants <LoginPageModel>().First(); payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), loginPage.Url); Members.Logout(); // httpContext.Result.Request.GetOwinContext() // .Authentication.SignOut( // httpContext.Result.GetOwinContext() // .Authentication.GetAuthenticationTypes() // .Select(o => o.AuthenticationType) // .ToArray()); UmbracoContext.Security.ClearCurrentLogin(); var httpContext = TryGetHttpContext(); if (httpContext.Success) { httpContext.Result.Session?.Clear(); httpContext.Result.Session?.Abandon(); if (httpContext.Result.Request.Cookies[FormsAuthentication.FormsCookieName] != null) { var myCookie = new HttpCookie(FormsAuthentication.FormsCookieName); myCookie.Expires = DateTime.Now.AddDays(-1); httpContext.Result.Response.Cookies.Add(myCookie); } } } else if (userService.IsAuthenticated()) { payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoginExpired); var loginPage = CurrentPage.ToModel <BaseContentModel>().StartPage.Descendants <LoginPageModel>().First(); payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), loginPage.Url); UmbracoContext.Security.ClearCurrentLogin(); var httpContext = TryGetHttpContext(); if (httpContext.Success) { // var backOfficeUserManager = httpContext.Result.GetOwinContext().GetBackOfficeUserManager(); httpContext.Result.Session?.Clear(); httpContext.Result.Session?.Abandon(); FormsAuthentication.SignOut(); if (httpContext.Result.Request.Cookies[FormsAuthentication.FormsCookieName] != null) { var myCookie = new HttpCookie(FormsAuthentication.FormsCookieName); myCookie.Expires = DateTime.Now.AddDays(-1); httpContext.Result.Response.Cookies.Add(myCookie); } } } return(Json(payload)); }
public IHttpActionResult SignInMemberPost(string username, string password, bool?remember) { var payload = new PayloadResult(); var currentPage = CurrentPage.ToModel <BaseContentModel>(); payload.SetOrUpdate(nameof(PayloadFields.LoginUrl), currentPage.LoginPage.Url); // Check if this is a backoffice user. var user = Services.UserService.GetByUsername(username) ?? Services.UserService.GetByEmail(username); if (user != null && UmbracoContext.Security.ValidateBackOfficeCredentials(user.Username, password)) { // First lets login as a Backoffice user then member. UmbracoContext.Security.PerformLogin(user.Id); // We need to set the user as this request HttpContext has no umbraco data in it for the user. ContextService.UserHelper.SetCurrentUser(user); ContextService.UserHelper.LoginAsMember(); payload.SetMessageType(GenericMessages.Success); //payload.SetOrUpdate(nameof(PayloadFields.RedirectTo), currentPage.StartPage.Url); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AdminLoggedIn); return(Json(payload)); } var member = (Members.GetByEmail(username) ?? Members.GetByUsername(username)) as MemberPublishedContent; var memberMap = ContextService.MembershipHelper.MapMember(member); // check if this is a Facebook integrated account. if (memberMap.LoginType != LoginType.Standard && memberMap.LoginType == LoginType.Facebook) { payload.SetMessageType(GenericMessages.Danger); payload.SetMessage("Please use Facebook to login"); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.FacebookIntegrated); return(Error(payload, HttpStatusCode.Unauthorized)); } var validCredentials = Membership.ValidateUser(member.UserName, password); // ToDo: Refactor this. if (Members.IsLoggedIn()) { AddCurrentMemberToPayload(ref payload, member); payload.SetMessage("Already logged in"); payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AlreadyLoggedIn); } else if (!memberMap.IsEmailConfirmed && validCredentials) { AddCurrentMemberToPayload(ref payload, member); payload.SetMessage( Umbraco.GetDictionaryValue( "Members.MemberEmailAuthorisationNeeded", "Members.MemberEmailAuthorisationNeeded")); payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.EmailAuthorisationNeeded); } else if (Members.Login(member.UserName, password)) { AddCurrentMemberToPayload(ref payload, member); payload.SetMessageType(GenericMessages.Success); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.LoggedIn); //payload.SetOrUpdate(nameof(PayloadFields.RedirectTo), CurrentPage.ToModel<BaseContentModel>().StartPage.Url); } else { // Something went wrong ether the password or username is not correct. payload.SetMessageType(GenericMessages.Danger); payload.SetMessage("Användarnamn eller lösenord är felaktigt"); payload.SetOrUpdate(nameof(PayloadFields.Status), MemberStatus.AuthorizationFailure); return(Error(payload, HttpStatusCode.Unauthorized)); } return(Json(payload)); }