protected void Application_Start()
{
AreaRegistration.RegisterAllAreas();
WebApiConfig.Register(GlobalConfiguration.Configuration);
FilterConfig.RegisterGlobalFilters(GlobalFilters.Filters);
RouteConfig.RegisterRoutes(RouteTable.Routes);
BundleConfig.RegisterBundles(BundleTable.Bundles);
AuthConfig.RegisterAuth();
Database.SetInitializer<MembershipContext>(new MembershipInitializer());
MembershipContext context = new MembershipContext();
context.Database.Initialize(true);
}
public ActionResult Authenticate(TwoFactorModel model, string userName, bool rememberMe, string returnUrl)
{
if (ModelState.IsValid)
{
User user;
using (var db = new MembershipContext())
{
user = db.Users.FirstOrDefault(u => string.Compare(u.UserName, userName, true) == 0);
};
bool userIsValid = TwoFactorPasswordGenerator.GenerateTimeBasedPassword(user.TwoFactorSecret) == model.TwoFactorCode;
if (userIsValid)
{
FormsAuthentication.SetAuthCookie(user.UserName, rememberMe);
return RedirectToLocal(returnUrl);
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The Google Authenticator code is invalid.");
return View(model);
}
public SimpleMembershipInitializer()
{
Database.SetInitializer<MembershipContext>(null);
try
{
using (var context = new MembershipContext())
{
if (!context.Database.Exists())
{
// Create the SimpleMembership database without Entity Framework migration schema
((IObjectContextAdapter)context).ObjectContext.CreateDatabase();
}
}
WebSecurity.InitializeDatabaseConnection("DefaultConnection", "Users", "UserId", "UserName", autoCreateTables: true);
}
catch (Exception ex)
{
throw new InvalidOperationException("The ASP.NET Simple Membership database could not be initialized. For more information, please see http://go.microsoft.com/fwlink/?LinkId=256588", ex);
}
}
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
using (var db = new MembershipContext())
{
var strComparer = new StringEqualityComparer();
var users = db.Users.Where(u => usernames.Contains(u.UserName, strComparer)).Include(u => u.Roles).ToList();
Role[] roles = db.Roles.Where(r => roleNames.Contains(r.RoleName, strComparer)).Select(r => r.RoleId).ToArray();
if ((users != null && users.Count > 0) && (roles != null && roles.Length > 0))
{
foreach (var user in users)
{
Role[] userRoles = user.Roles.Select(r => r.RoleId).ToArray();
Role[] missingRoles = roles.Where(r => !userRoles.Contains(r)).ToArray();
for (int i = 0; i < missingRoles.Length; i++)
{
user.Roles.Add(new UserUserRole() { RoleId = missingRoles[i] });
}
}
db.SaveChanges();
}
}
}
public ActionResult Login(LoginModel model, string returnUrl)
{
if (ModelState.IsValid)
{
User user;
bool userIsValid = false;
using (var db = new MembershipContext())
{
user = db.Users.FirstOrDefault(u => string.Compare(u.UserName, model.UserName, true) == 0);
var memProvider = (EqmMembershipProvider)Membership.Provider;
userIsValid = memProvider.ValidateUser(user, model.Password);
if (userIsValid)
{
user.LastLoginDate = DateTime.Now;
db.SaveChanges();
}
};
if (userIsValid && !user.IsGoogleAuthenticatorEnabled)
{
FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
return RedirectToLocal(returnUrl);
}
else if (userIsValid && user.IsGoogleAuthenticatorEnabled)
{
// redirect to the Google two-factor view
return RedirectToAction("Authenticate", "TwoFactor", new { UserName = model.UserName, RememberMe = model.RememberMe, ReturnUrl = returnUrl });
}
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return View(model);
}
public override DateTime GetCreateDate(string userName)
{
User user;
using (var db = new MembershipContext())
{
user = db.Users.FirstOrDefault(u => string.Compare(u.UserName, userName, true) == 0);
};
return user != null ? user.CreationDate : DateTime.MinValue;
}
public override string[] GetRolesForUser(string username)
{
string[] roles = new string[0];
using (var db = new MembershipContext())
{
var user = db.Users.Include(u => u.Roles).FirstOrDefault(u => string.Compare(u.UserName, username, true) == 0);
Role[] userRoles = user != null
? (from r in user.Roles select r.RoleId).ToArray()
: new Role[0];
roles = userRoles.Length > 0
? (from r in db.Roles where userRoles.Contains(r.RoleId) select r.RoleName).ToArray()
: new string[0];
}
return roles;
}
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
using (var db = new MembershipContext())
{
var strComparer = new StringEqualityComparer();
UserUserRole[] userRoles = (from u in db.Users
join ur in db.UserRoles on u.UserId equals ur.UserId
join r in db.Roles on ur.RoleId equals r.RoleId
where usernames.Contains(u.UserName, strComparer)
&& roleNames.Contains(r.RoleName, strComparer)
select ur).ToArray();
DbSet<UserUserRole> dbSet = db.Set<UserUserRole>();
foreach (var uRole in userRoles)
{
if (db.Entry(uRole).State == System.Data.EntityState.Detached)
dbSet.Attach(uRole);
dbSet.Remove(uRole);
}
if (userRoles.Length > 0) db.SaveChanges();
}
}
public override bool RoleExists(string roleName)
{
bool roleExists = false;
using (var db = new MembershipContext())
{
roleExists = db.Roles.FirstOrDefault(r => string.Compare(r.RoleName, roleName, true) == 0) != null;
}
return roleExists;
}
public override string[] GetUsersInRole(string roleName)
{
string[] userNames = new string[0];
using (var db = new MembershipContext())
{
var role = db.Roles.FirstOrDefault(r => string.Compare(r.RoleName, roleName, true) == 0);
if (role != null)
{
userNames = (from u in db.Users
join ur in db.UserRoles on u.UserId equals ur.UserId
where ur.RoleId == role.RoleId
select u.UserName).ToArray();
}
}
return userNames;
}
public override bool IsUserInRole(string username, string roleName)
{
bool isUserInRole = false;
using (var db = new MembershipContext())
{
User user = (from u in db.Users
join ur in db.UserRoles on u.UserId equals ur.UserId
join r in db.Roles on ur.RoleId equals r.RoleId
where (string.Compare(u.UserName, username, true) == 0
&& string.Compare(r.RoleName, roleName, true) == 0)
select u).FirstOrDefault();
isUserInRole = user != null;
}
return isUserInRole;
}
public override MembershipUser GetUser(object providerUserKey, bool userIsOnline)
{
User user;
using (var db = new MembershipContext())
{
user = db.Users.FirstOrDefault(u => u.UserId == Convert.ToInt32(providerUserKey));
};
var memberUser = user != null ? new EqmMembershipUser(this.Name, user) : new EqmMembershipUser();
if (userIsOnline) memberUser.LastActivityDate = DateTime.Now;
return memberUser;
}
public override MembershipUser GetUser(string username, bool userIsOnline)
{
User user;
using (var db = new MembershipContext())
{
user = db.Users.FirstOrDefault(u => string.Compare(u.UserName, username, true) == 0);
};
var memberUser = user != null ? new EqmMembershipUser(this.Name, user) : new EqmMembershipUser();
if (userIsOnline) memberUser.LastActivityDate = DateTime.Now;
return memberUser;
}
public override string CreateUserAndAccount(string userName, string password, bool requireConfirmation, IDictionary<string, object> values)
{
var newUser = new User() { UserName = userName };
newUser.EncryptedPassword = password.EncryptSha512(newUser.Salt);
newUser.IsGoogleAuthenticatorEnabled = (bool)values["IsGoogleAuthenticatorEnabled"];
newUser.TwoFactorSecret = TwoFactorSecretGenerator.GenerateSecretKey();
newUser.CreationDate = newUser.LastLoginDate = DateTime.Now;
using (var db = new MembershipContext())
{
db.Set<User>().Add(newUser);
db.SaveChanges();
}
return newUser.UserId.ToString();
}
public ActionResult ShowTwoFactorSecret(ShowTwoFactorSecretViewModel model)
{
using (var db = new MembershipContext())
{
User user = db.Users.Single(u => u.UserId == WebSecurity.CurrentUserId);
if (TwoFactorPasswordGenerator.GenerateTimeBasedPassword(user.TwoFactorSecret) != model.TwoFactorCode)
{
ModelState.AddModelError("TwoFactorCode", "The Code is not valid");
model.SecretKey = Base32.Base32Encoder.Encode(System.Text.Encoding.ASCII.GetBytes(user.TwoFactorSecret));
user.IsGoogleAuthenticatorEnabled = model.EnableTwoFactorAuthentication = false;
return View(model);
}
else
{
user.IsGoogleAuthenticatorEnabled = true;
}
db.SaveChanges();
}
return RedirectToAction("Index", "Home");
}
//
// GET: /Account/ShowTwoFactorSecret
public ActionResult ShowTwoFactorSecret()
{
ShowTwoFactorSecretViewModel model = null;
using (var db = new MembershipContext())
{
User user = db.Users.Single(u => u.UserId == WebSecurity.CurrentUserId);
model = new ShowTwoFactorSecretViewModel()
{
UserName = user.UserName,
EnableTwoFactorAuthentication = user.IsGoogleAuthenticatorEnabled,
SecretKey = Base32.Base32Encoder.Encode(System.Text.Encoding.ASCII.GetBytes(user.TwoFactorSecret))
};
}
return View(model);
}
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
bool isPwdChanged = false;
using (var db = new MembershipContext())
{
User user = db.Users.FirstOrDefault(u => string.Compare(u.UserName, username, true) == 0);
if (ValidateUser(user, oldPassword))
{
user.EncryptedPassword = newPassword.EncryptSha512(user.Salt);
db.SaveChanges();
isPwdChanged = true;
}
};
return isPwdChanged;
}
public override bool ValidateUser(string username, string password)
{
User user;
using (var db = new MembershipContext())
{
user = db.Users.FirstOrDefault(u => string.Compare(u.UserName, username, true) == 0);
};
return ValidateUser(user, password);
}
