/// <summary>
/// MVC and private use only.
/// </summary>
public static void SetFormsAuthCookieAndUser(FormsAuthCapableUser user)
{
if (AppRequestState.Instance.ImpersonatorExists)
{
UserImpersonationStatics.SetCookie(user);
}
else
{
var strictProvider = SystemProvider as StrictFormsAuthUserManagementProvider;
// If the user's role requires enhanced security, require re-authentication every 12 minutes. Otherwise, make it the same as a session timeout.
var authenticationDuration = (strictProvider?.AuthenticationTimeoutInMinutes).HasValue
? TimeSpan.FromMinutes(strictProvider.AuthenticationTimeoutInMinutes.Value)
: user.Role.RequiresEnhancedSecurity ? TimeSpan.FromMinutes(12) : SessionDuration;
var ticket = new FormsAuthenticationTicket(user.UserId.ToString(), false /*meaningless*/, (int)authenticationDuration.TotalMinutes);
AppRequestState.AddNonTransactionalModificationMethod(() => setFormsAuthCookie(ticket));
}
AppRequestState.Instance.SetUser(user);
}
protected override void loadData()
{
var logInPb =
PostBack.CreateFull(
actionGetter:
() =>
new PostBackAction( user.MustChangePassword ? ChangePassword.Page.GetInfo( info.ReturnUrl ) as ResourceInfo : new ExternalResourceInfo( info.ReturnUrl ) ) );
var newPasswordPb = PostBack.CreateFull( id: "newPw", actionGetter: getSendNewPasswordAction );
var registeredTable = EwfTable.Create( caption: "Registered users" );
registeredTable.AddItem(
new EwfTableItem(
( "You may log in to this system if you have registered your email address with " + FormsAuthStatics.SystemProvider.AdministratingCompanyName ).ToCell(
new TableCellSetup( fieldSpan: 2 ) ) ) );
emailAddress = new DataValue<string>();
var emailVl = new BasicValidationList();
registeredTable.AddItem(
new EwfTableItem( "Email address", emailAddress.GetEmailAddressFormItem( "", "Please enter a valid email address.", emailVl ).ToControl() ) );
logInPb.AddValidations( emailVl );
newPasswordPb.AddValidations( emailVl );
var password = new DataValue<string>();
registeredTable.AddItem(
new EwfTableItem(
"Password",
FormItem.Create(
"",
new EwfTextBox( "", masksCharacters: true ),
validationGetter: control => new EwfValidation( ( pbv, v ) => password.Value = control.GetPostBackValue( pbv ), logInPb ) ).ToControl() ) );
if( FormsAuthStatics.PasswordResetEnabled ) {
registeredTable.AddItem(
new EwfTableItem(
new PlaceHolder().AddControlsReturnThis(
"If you are a first-time user and do not know your password, or if you have forgotten your password, ".GetLiteralControl(),
new PostBackButton( newPasswordPb, new TextActionControlStyle( "click here to immediately send yourself a new password." ), usesSubmitBehavior: false ) )
.ToCell( new TableCellSetup( fieldSpan: 2 ) ) ) );
}
ph.AddControlsReturnThis( registeredTable );
var specialInstructions = EwfUiStatics.AppProvider.GetSpecialInstructionsForLogInPage();
if( specialInstructions != null )
ph.AddControlsReturnThis( specialInstructions );
else {
var unregisteredTable = EwfTable.Create( caption: "Unregistered users" );
unregisteredTable.AddItem( new EwfTableItem( "If you have difficulty logging in, please " + FormsAuthStatics.SystemProvider.LogInHelpInstructions ) );
ph.AddControlsReturnThis( unregisteredTable );
}
EwfUiStatics.SetContentFootActions( new ActionButtonSetup( "Log In", new PostBackButton( logInPb ) ) );
var logInMethod = FormsAuthStatics.GetLogInMethod(
this,
emailAddress,
password,
getUnregisteredEmailMessage(),
"Incorrect password. If you do not know your password, enter your email address and send yourself a new password using the link below.",
logInPb );
logInPb.AddModificationMethod( () => user = logInMethod() );
}
private static void setFormsAuthCookieAndUser( FormsAuthCapableUser user )
{
if( AppRequestState.Instance.ImpersonatorExists )
UserImpersonationStatics.SetCookie( user );
else {
var strictProvider = SystemProvider as StrictFormsAuthUserManagementProvider;
// If the user's role requires enhanced security, require re-authentication every 12 minutes. Otherwise, make it the same as a session timeout.
var authenticationDuration = strictProvider != null && strictProvider.AuthenticationTimeoutInMinutes.HasValue
? TimeSpan.FromMinutes( strictProvider.AuthenticationTimeoutInMinutes.Value )
: user.Role.RequiresEnhancedSecurity ? TimeSpan.FromMinutes( 12 ) : SessionDuration;
var ticket = new FormsAuthenticationTicket( user.UserId.ToString(), false /*meaningless*/, (int)authenticationDuration.TotalMinutes );
AppRequestState.AddNonTransactionalModificationMethod( () => setFormsAuthCookie( ticket ) );
}
AppRequestState.Instance.SetUser( user );
}
/// <summary>
/// Call this during LoadData.
/// </summary>
/// <param name="userId"></param>
/// <param name="vl"></param>
/// <param name="availableRoles">Pass a restricted list of <see cref="Role"/>s the user may select. Otherwise, Roles available
/// in the System Provider are used.</param>
/// <param name="validationPredicate">If the function returns true, validation continues.</param>
public void LoadData( int? userId, ValidationList vl, List<Role> availableRoles = null, Func<bool> validationPredicate = null )
{
availableRoles = ( availableRoles != null ? availableRoles.OrderBy( r => r.Name ) : UserManagementStatics.SystemProvider.GetRoles() ).ToList();
user = userId.HasValue ? UserManagementStatics.GetUser( userId.Value, true ) : null;
if( includePasswordControls() && user != null )
facUser = FormsAuthStatics.GetUser( user.UserId, true );
Func<bool> validationShouldRun = () => validationPredicate == null || validationPredicate();
var b = FormItemBlock.CreateFormItemTable( heading: "Security Information" );
b.AddFormItems(
FormItem.Create(
"Email address",
new EwfTextBox( user != null ? user.Email : "" ),
validationGetter: control => new EwfValidation(
( pbv, validator ) => {
if( validationShouldRun() )
Email = validator.GetEmailAddress( new ValidationErrorHandler( "email address" ), control.GetPostBackValue( pbv ), false );
},
vl ) ) );
if( includePasswordControls() ) {
var group = new RadioButtonGroup( false );
var keepPassword = FormItem.Create(
"",
group.CreateInlineRadioButton( true, label: userId.HasValue ? "Keep the current password" : "Do not create a password" ),
validationGetter: control => new EwfValidation(
( pbv, validator ) => {
if( !validationShouldRun() || !control.IsCheckedInPostBack( pbv ) )
return;
if( user != null ) {
Salt = facUser.Salt;
SaltedPassword = facUser.SaltedPassword;
MustChangePassword = facUser.MustChangePassword;
}
else
genPassword( false );
},
vl ) );
var generatePassword = FormItem.Create(
"",
group.CreateInlineRadioButton( false, label: "Generate a " + ( userId.HasValue ? "new, " : "" ) + "random password and email it to the user" ),
validationGetter: control => new EwfValidation(
( pbv, validator ) => {
if( validationShouldRun() && control.IsCheckedInPostBack( pbv ) )
genPassword( true );
},
vl ) );
var newPassword = new DataValue<string>();
var confirmPassword = new DataValue<string>();
var newPasswordTable = EwfTable.Create( style: EwfTableStyle.StandardExceptLayout );
newPasswordTable.AddItem(
new EwfTableItem(
"Password",
FormItem.Create(
"",
new EwfTextBox( "", masksCharacters: true, disableBrowserAutoComplete: true ) { Width = Unit.Pixel( 200 ) },
validationGetter: control => new EwfValidation( ( pbv, v ) => newPassword.Value = control.GetPostBackValue( pbv ), vl ) ).ToControl() ) );
newPasswordTable.AddItem(
new EwfTableItem(
"Password again",
FormItem.Create(
"",
new EwfTextBox( "", masksCharacters: true, disableBrowserAutoComplete: true ) { Width = Unit.Pixel( 200 ) },
validationGetter: control => new EwfValidation( ( pbv, v ) => confirmPassword.Value = control.GetPostBackValue( pbv ), vl ) ).ToControl() ) );
var providePasswordRadio = group.CreateBlockRadioButton( false, label: "Provide a " + ( userId.HasValue ? "new " : "" ) + "password" );
providePasswordRadio.NestedControls.Add( newPasswordTable );
var providePassword = FormItem.Create(
"",
providePasswordRadio,
validationGetter: control => new EwfValidation(
( pbv, validator ) => {
if( !validationShouldRun() || !control.IsCheckedInPostBack( pbv ) )
return;
FormsAuthStatics.ValidatePassword( validator, newPassword, confirmPassword );
var p = new Password( newPassword.Value );
Salt = p.Salt;
SaltedPassword = p.ComputeSaltedHash();
MustChangePassword = false;
},
vl ) );
b.AddFormItems(
FormItem.Create( "Password", ControlStack.CreateWithControls( true, keepPassword.ToControl(), generatePassword.ToControl(), providePassword.ToControl() ) ) );
}
b.AddFormItems(
FormItem.Create(
"Role",
SelectList.CreateDropDown(
from i in availableRoles select SelectListItem.Create( i.RoleId as int?, i.Name ),
user != null ? user.Role.RoleId as int? : null ),
validationGetter: control => new EwfValidation(
( pbv, validator ) => {
if( validationShouldRun() )
RoleId = control.ValidateAndGetSelectedItemIdInPostBack( pbv, validator ) ?? default ( int );
},
vl ) ) );
Controls.Add( b );
}
