/// <summary>
/// Grants each of the named roles to each of the named users, skipping roles a user already holds.
/// </summary>
/// <param name="usernames">User names to look up. Names with no matching row are skipped without an error.</param>
/// <param name="roleNames">Role names to look up. Names with no matching row are skipped without an error.</param>
/// <remarks>
/// This is a privilege-granting operation. The method itself performs no authorization
/// check and writes no audit record, so both have to be enforced by the caller.
/// All additions are committed by a single SaveChanges call at the end.
/// </remarks>
public override void AddUsersToRoles(string[] usernames, string[] roleNames)
{
    using (var db = new MembershipContext())
    {
        var nameComparer = new StringEqualityComparer();

        // Include(u => u.Roles) loads each user's existing role links together with the user.
        var matchedUsers = db.Users
            .Where(u => usernames.Contains(u.UserName, nameComparer))
            .Include(u => u.Roles)
            .ToList();
        Role[] requestedRoles = db.Roles
            .Where(r => roleNames.Contains(r.RoleName, nameComparer))
            .Select(r => r.RoleId)
            .ToArray();

        // NOTE(review): a misspelt user or role name ends up here (or is dropped above)
        // and the call still returns normally, so a partial grant is not reported to the caller.
        bool nothingToDo = matchedUsers == null || matchedUsers.Count == 0
            || requestedRoles == null || requestedRoles.Length == 0;
        if (nothingToDo)
        {
            return;
        }

        foreach (var account in matchedUsers)
        {
            Role[] heldRoles = account.Roles.Select(r => r.RoleId).ToArray();

            // Only add the links that are missing, so repeated calls do not create duplicates.
            foreach (var roleId in requestedRoles.Where(r => !heldRoles.Contains(r)).ToArray())
            {
                account.Roles.Add(new UserUserRole() { RoleId = roleId });
            }
        }

        db.SaveChanges();
    }
}
/// <summary>
/// Deletes every existing user-to-role link whose user name is in <paramref name="usernames"/>
/// and whose role name is in <paramref name="roleNames"/>.
/// </summary>
/// <param name="usernames">User names whose role links should be removed.</param>
/// <param name="roleNames">Role names to remove from those users.</param>
/// <remarks>
/// Combinations that do not exist are ignored. The method itself performs no authorization
/// check and writes no audit record, so both have to be enforced by the caller.
/// </remarks>
public override void RemoveUsersFromRoles(string[] usernames, string[] roleNames)
{
    using (var db = new MembershipContext())
    {
        var nameComparer = new StringEqualityComparer();

        // Join users -> link rows -> roles and keep only the link rows that match both filters.
        UserUserRole[] linksToDelete =
            (from account in db.Users
             join membership in db.UserRoles on account.UserId equals membership.UserId
             join role in db.Roles on membership.RoleId equals role.RoleId
             where usernames.Contains(account.UserName, nameComparer)
                 && roleNames.Contains(role.RoleName, nameComparer)
             select membership).ToArray();

        DbSet<UserUserRole> linkSet = db.Set<UserUserRole>();
        foreach (var staleLink in linksToDelete)
        {
            // A detached entity has to be attached before the set can mark it for deletion.
            bool isDetached = db.Entry(staleLink).State == System.Data.EntityState.Detached;
            if (isDetached)
            {
                linkSet.Attach(staleLink);
            }

            linkSet.Remove(staleLink);
        }

        // Skip the round trip when nothing matched.
        if (linksToDelete.Length != 0)
        {
            db.SaveChanges();
        }
    }
}
/// <summary>
/// Handles a login attempt: checks the password, then either issues the forms-authentication
/// cookie or hands the user over to the two-factor step.
/// </summary>
/// <param name="model">Submitted user name, password and remember-me flag.</param>
/// <param name="returnUrl">Where to send the user after a successful sign-in.</param>
/// <returns>A redirect on success, otherwise the login view with a generic error.</returns>
/// <remarks>
/// NOTE(review): no attempt counting, lockout or throttling is visible in this action;
/// confirm it is applied elsewhere (provider, filter or front end).
/// </remarks>
public ActionResult Login(LoginModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        User account;
        bool passwordOk;

        using (var db = new MembershipContext())
        {
            // Case-insensitive user name lookup; yields null when no user matches.
            account = db.Users.FirstOrDefault(u => string.Compare(u.UserName, model.UserName, true) == 0);

            // NOTE(review): account may be null here; this relies on ValidateUser
            // returning false for a null user rather than throwing. Confirm.
            var provider = (EqmMembershipProvider)Membership.Provider;
            passwordOk = provider.ValidateUser(account, model.Password);

            if (passwordOk)
            {
                // NOTE(review): this is written before the second factor is checked, so for
                // two-factor accounts LastLoginDate records a correct password, not a completed login.
                account.LastLoginDate = DateTime.Now;
                db.SaveChanges();
            }
        }

        if (passwordOk)
        {
            if (account.IsGoogleAuthenticatorEnabled)
            {
                // redirect to the Google two-factor view
                // NOTE(review): no cookie or server-side marker is set at this point; the only
                // thing carried to the next step is the user name in the route values, which the
                // browser can change. The TwoFactor/Authenticate action (not shown here) needs its
                // own proof that the password step succeeded for that user, and must validate
                // ReturnUrl as a local URL before redirecting to it.
                return RedirectToAction(
                    "Authenticate",
                    "TwoFactor",
                    new { UserName = model.UserName, RememberMe = model.RememberMe, ReturnUrl = returnUrl });
            }

            // Password-only account: sign in immediately.
            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
            return RedirectToLocal(returnUrl);
        }
    }

    // If we got this far, something failed, redisplay form.
    // The same message is used for an unknown user and a wrong password.
    ModelState.AddModelError("", "The user name or password provided is incorrect.");
    return View(model);
}
/// <summary>
/// Confirms two-factor enrolment for the signed-in user by comparing the submitted code with
/// the time-based code generated from the user's stored secret.
/// </summary>
/// <param name="model">View model carrying the submitted code; repopulated on failure.</param>
/// <returns>The same view with an error when the code does not match, otherwise a redirect to Home/Index.</returns>
/// <remarks>
/// NOTE(review): no limit on the number of attempts is visible in this action; confirm that
/// repeated wrong codes are throttled elsewhere.
/// </remarks>
public ActionResult ShowTwoFactorSecret(ShowTwoFactorSecretViewModel model)
{
    using (var db = new MembershipContext())
    {
        // Single() throws if the current user id has no matching row.
        User current = db.Users.Single(u => u.UserId == WebSecurity.CurrentUserId);

        bool codeRejected =
            TwoFactorPasswordGenerator.GenerateTimeBasedPassword(current.TwoFactorSecret) != model.TwoFactorCode;

        if (codeRejected)
        {
            ModelState.AddModelError("TwoFactorCode", "The Code is not valid");

            // The shared secret is sent back to the view so the user can retry enrolment.
            // NOTE(review): make sure this response is not cached or logged, since it contains the secret.
            model.SecretKey = Base32.Base32Encoder.Encode(System.Text.Encoding.ASCII.GetBytes(current.TwoFactorSecret));

            model.EnableTwoFactorAuthentication = false;

            // NOTE(review): this change is never saved - the method returns before SaveChanges
            // and the context is disposed. If two-factor was already enabled it stays enabled
            // in the database. Confirm that is the intent.
            current.IsGoogleAuthenticatorEnabled = false;

            return View(model);
        }

        current.IsGoogleAuthenticatorEnabled = true;
        db.SaveChanges();
    }

    return RedirectToAction("Index", "Home");
}
/// <summary>
/// Replaces a user's stored password hash after verifying the current password.
/// </summary>
/// <param name="username">User name, matched case-insensitively.</param>
/// <param name="oldPassword">Current password, checked through ValidateUser.</param>
/// <param name="newPassword">New password to hash and store.</param>
/// <returns>true when the old password was accepted and the new hash was saved; otherwise false.</returns>
/// <remarks>
/// NOTE(review): EncryptSha512 is defined elsewhere; by its name it looks like a salted SHA-512
/// digest. If it is a single fast hash, stored passwords are cheap to guess offline once the
/// table leaks; a slow key-derivation function such as PBKDF2 (Rfc2898DeriveBytes) is the usual
/// replacement. Confirm against the extension method.
/// </remarks>
public override bool ChangePassword(string username, string oldPassword, string newPassword)
{
    using (var db = new MembershipContext())
    {
        // Yields null when no user matches; ValidateUser is given that value as-is.
        User account = db.Users.FirstOrDefault(u => string.Compare(u.UserName, username, true) == 0);

        if (!ValidateUser(account, oldPassword))
        {
            return false;
        }

        // The user's existing salt is reused for the new hash; no new salt is generated here.
        // NOTE(review): newPassword is not checked for null, emptiness or policy in this method.
        account.EncryptedPassword = newPassword.EncryptSha512(account.Salt);
        db.SaveChanges();
        return true;
    }
}
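/// <summary>
/// Creates a user row with a hashed password and a freshly generated two-factor secret.
/// </summary>
/// <param name="userName">User name for the new account.</param>
/// <param name="password">Clear-text password; only its hash is stored.</param>
/// <param name="requireConfirmation">Not used by this implementation.</param>
/// <param name="values">
/// Optional extra values. The "IsGoogleAuthenticatorEnabled" entry, when present, must be a bool.
/// When the dictionary is null or the entry is missing or null, two-factor starts disabled.
/// </param>
/// <returns>The new user's id as a string.</returns>
/// <exception cref="InvalidCastException">The "IsGoogleAuthenticatorEnabled" entry is present but is not a bool.</exception>
/// <remarks>
/// NOTE(review): no check for an existing user with the same name is visible here; confirm the
/// database enforces uniqueness. EncryptSha512 and the origin of User.Salt are defined elsewhere;
/// confirm the salt comes from a cryptographic random source and that the hash is a slow
/// key-derivation function rather than a single SHA-512 pass.
/// </remarks>
public override string CreateUserAndAccount(string userName, string password, bool requireConfirmation, IDictionary<string, object> values)
{
    // Read the flag defensively: a null dictionary or a missing key previously crashed account
    // creation with NullReferenceException / KeyNotFoundException.
    bool enableTwoFactor = false;
    object rawFlag;
    if (values != null && values.TryGetValue("IsGoogleAuthenticatorEnabled", out rawFlag) && rawFlag != null)
    {
        // A value of the wrong type still throws, so a request to enable two-factor is never
        // dropped silently.
        enableTwoFactor = (bool)rawFlag;
    }

    var newUser = new User() { UserName = userName };

    // The salt is read straight after construction, so it is presumably generated by User itself.
    newUser.EncryptedPassword = password.EncryptSha512(newUser.Salt);
    newUser.IsGoogleAuthenticatorEnabled = enableTwoFactor;

    // A secret is generated for every account, whether or not two-factor is enabled yet.
    newUser.TwoFactorSecret = TwoFactorSecretGenerator.GenerateSecretKey();
    newUser.CreationDate = newUser.LastLoginDate = DateTime.Now;

    using (var db = new MembershipContext())
    {
        db.Set<User>().Add(newUser);
        db.SaveChanges();
    }

    return newUser.UserId.ToString();
}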