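/// <summary>
/// Shows the login form, or signs the visitor in automatically when authorization is switched off.
/// </summary>
/// <param name="ReturnUrl">Caller-supplied address to go back to after sign-in; treated as untrusted input.</param>
/// <returns>A redirect after an automatic sign-in, otherwise the login view.</returns>
public async Task<IActionResult> Login(string ReturnUrl)
        {
            //auto-authorizing if DB disabled or AllowFullAccessWithoutAuthorization is true
            // Deliberate bypass: with either setting in this state, any visitor reaching this action is
            // signed in as "Admin" without presenting credentials.
            if (SystemController.webServerRules.AllowFullAccessWithoutAuthorization
                || !SystemController.dataBaseConfig.Enable)
            {
                // Built in memory only; this method never hands the object to a users repository.
                User user = new User
                {
                    Name = "Admin",
                    Password = "******"
                };

                // Grants whatever Users.User.GetAllClaims() returns (presumably the full permission set).
                user.SetClaims(Users.User.GetAllClaims());

                await Authenticate(user);

                // ReturnUrl comes from the request, so it is followed only when it points back into this
                // site. Redirecting to an arbitrary value would make the login page an open redirector.
                if (!String.IsNullOrEmpty(ReturnUrl) && Url.IsLocalUrl(ReturnUrl))
                    return Redirect(ReturnUrl);

                return RedirectToAction("Index", "Home");
            }

            // NOTE(review): the raw value is handed to the view; the action that processes the posted
            // login form is not visible here and needs the same local-URL check - confirm.
            ViewBag.ReturnUrl = ReturnUrl;

            return View(new LoginModel());
        }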
        /// <summary>
        /// Adds a user to the Users set, saves the change and reports the resulting Id.
        /// </summary>
        /// <param name="user">The user to store.</param>
        /// <returns>The value of <c>user.Id</c> after the save.</returns>
        public int AddUser(User user)
        {
            // NOTE(review): the entity is stored exactly as received, Password included; nothing in this
            // method hashes it - confirm the caller supplies a password hash rather than the raw value.
            db.Users.Add(user);
            db.SaveChanges();

            int newId = user.Id;
            return newId;
        }
 /// <summary>
 /// Inserts a user row over a fresh SQL connection and returns the identity value of the new row.
 /// </summary>
 /// <param name="user">Supplies the values for the @Name, @Email, @Password and @ClaimsJson parameters.</param>
 /// <returns>The result of SCOPE_IDENTITY() cast to int.</returns>
 public int AddUser(User user)
 {
     // Values travel as named parameters; none of them is concatenated into the SQL text.
     // NOTE(review): @Password is written as supplied and no hashing happens here - confirm the
     // caller passes a hash.
     const string insertSql =
         "INSERT INTO [Users] (Name, Email, Password,ClaimsJson) " +
         "VALUES(@Name, @Email, @Password,@ClaimsJson); " +
         "SELECT CAST(SCOPE_IDENTITY() as int)";

     using (var connection = new SqlConnection(connectionString))
     {
         connection.Open();
         return connection.Query<int>(insertSql, user).Single();
     }
 }
 /// <summary>
 /// Overwrites the Name, Email, Password and ClaimsJson columns of the row whose Id matches the user.
 /// </summary>
 /// <param name="user">Supplies @Id for the row lookup and the new column values.</param>
 public void UpdateUser(User user)
 {
     // All four columns are rewritten on every call, so the caller has to pass a fully populated
     // user; a blank Password or ClaimsJson on the object would replace the stored value.
     // Values are bound as named parameters rather than spliced into the statement.
     const string updateSql =
         "UPDATE [Users] SET " +
         "Name = @Name, " +
         "Email  = @Email, " +
         "Password = @Password, " +
         "ClaimsJson = @ClaimsJson " +
         "WHERE Id = @Id";

     using (var connection = new SqlConnection(connectionString))
     {
         connection.Open();
         connection.Execute(updateSql, user);
     }
 }
        /// <summary>
        /// Changes the e-mail address of the user whose name matches the posted model.
        /// </summary>
        /// <param name="model">Posted data; only Name (lookup key) and Email (new value) are read.</param>
        /// <returns>The error view without a database, a bad-request result for an unknown name, otherwise a redirect to "List".</returns>
        public IActionResult Edit(User model)
        {
            if (db == null)
            {
                return View("Error", NO_DB_ERROR);
            }

            // NOTE(review): the record is chosen by the posted Name alone, and no authorization or
            // anti-forgery attribute is visible in this excerpt - confirm both are applied on the
            // action or its controller.
            User stored = db.GetUser(model.Name);
            if (stored == null)
            {
                return HttpBadRequest();
            }

            // Only Email is copied across; every other posted field is ignored, so a request cannot
            // overwrite the stored password or claims through this action.
            stored.Email = model.Email;
            db.UpdateUser(stored);

            return RedirectToAction("List");
        }
        /// <summary>
        /// Builds a claims identity from the user's name and claims and signs it in under the "Cookies" scheme.
        /// </summary>
        /// <param name="user">The user whose Name and GetClaims() values go into the identity.</param>
        private async Task Authenticate(User user)
        {
            // The user name is carried as a claim whose type is the literal "Name".
            // NOTE(review): the identity below names ClaimsIdentity.DefaultNameClaimType as its name claim
            // type, which is not the literal "Name", so Identity.Name will not resolve from this claim -
            // confirm that consumers read the "Name" claim directly.
            var claims = new List<Claim>
            {
                new Claim("Name", user.Name)
            };

            // Each entry returned by GetClaims() becomes a claim type with an empty value.
            if (user.GetClaims() != null)
            {
                foreach (var claimType in user.GetClaims())
                {
                    claims.Add(new Claim(claimType, ""));
                }
            }

            var identity = new ClaimsIdentity(
                claims,
                "ApplicationCookie",
                ClaimsIdentity.DefaultNameClaimType,
                ClaimsIdentity.DefaultRoleClaimType);

            await HttpContext.Authentication.SignInAsync("Cookies", new ClaimsPrincipal(identity));
        }
        /// <summary>
        /// Creates an account from the posted registration form and signs the new user in.
        /// </summary>
        /// <param name="model">Posted registration data (Name, Email, Password).</param>
        /// <returns>An error view when registration is disabled or no database is set, the form again on invalid or duplicate input, otherwise a redirect to Home/Index.</returns>
        public async Task<IActionResult> Register(RegisterModel model)
        {
            if (!SystemController.webServerRules.AllowRegistrationOfNewUsers)
                return View("Error", "Registration of new users is prohibited. Please contact administrator.");

            if (db == null)
                return View("Error", NO_DB_ERROR);

            if (!ModelState.IsValid)
                return View(model);

            // NOTE(review): the existence check and the insert are separate calls, so two simultaneous
            // requests for one name could both pass - confirm the store enforces a unique Name.
            if (db.GetUser(model.Name) != null)
            {
                ModelState.AddModelError("", "User already exists");
                return View(model);
            }

            // NOTE(review): model.Password is copied onto the entity unchanged and this action does no
            // hashing; unless User or the repository hashes it, the password is stored in cleartext - confirm.
            // SetClaims is not called here, so the account keeps whatever claims a new User starts with.
            var created = new User
            {
                Name = model.Name,
                Email = model.Email,
                Password = model.Password,
            };

            db.AddUser(created);

            await Authenticate(created);

            return RedirectToAction("Index", "Home");
        }
        /// <summary>
        /// First-run wizard step that creates a user holding every claim from the posted form and signs it in.
        /// </summary>
        /// <param name="model">Posted account data (Name, Email, Password).</param>
        /// <returns>An error view once the wizard has been passed, a redirect to "Index" without a database config, the form again on invalid or duplicate input, otherwise a redirect to "Complete".</returns>
        public async Task<IActionResult> UserProfile(RegisterModel model)
        {
            //prevent start wizard if already passed
            // This flag is the only gate in front of creating an all-claims account. bool.Parse throws on
            // a missing or malformed value, so a broken setting ends in an error instead of opening the wizard.
            bool isFirstRun = bool.Parse(configuration["FirstRun"]);
            if (!isFirstRun)
                return View("Error", ALREADY_PASSED_MESSAGE);

            //redirect to first step if user came this url directly
            if (SystemController.dataBaseConfig == null)
                return RedirectToAction("Index");

            // NOTE(review): usersDb is used below without a null check - confirm it is always set
            // once dataBaseConfig exists.
            IUsersRepository users = SystemController.usersDb;

            if (!ModelState.IsValid)
                return View(model);

            if (users.GetUser(model.Name) != null)
            {
                ModelState.AddModelError("", "User already exists");
                return View(model);
            }

            // NOTE(review): the password goes onto the entity as posted; nothing here hashes it - confirm
            // that User or the repository does.
            var created = new User
            {
                Name = model.Name,
                Email = model.Email,
                Password = model.Password,
            };

            // The wizard account receives whatever Users.User.GetAllClaims() returns.
            created.SetClaims(Users.User.GetAllClaims());

            users.AddUser(created);

            await Authenticate(created);

            return RedirectToAction("Complete");
        }
        /// <summary>
        /// First-run wizard step that shows the account form, or signs the visitor in as "Admin" when the database is disabled.
        /// </summary>
        /// <returns>An error view once the wizard has been passed, a redirect to "Index" without a database config, the no-database view, or the empty registration form.</returns>
        public async Task<IActionResult> UserProfile()
        {
            //prevent start wizard if already passed
            // bool.Parse throws on a missing or malformed value, so a broken setting does not open the wizard.
            bool isFirstRun = bool.Parse(configuration["FirstRun"]);
            if (!isFirstRun)
                return View("Error", ALREADY_PASSED_MESSAGE);

            //redirect to first step if user came this url directly
            if (SystemController.dataBaseConfig == null)
                return RedirectToAction("Index");

            if (!SystemController.dataBaseConfig.Enable)
            {
                // Without a database there is nowhere to keep accounts, so the visitor is signed in with an
                // in-memory "Admin" identity that is never saved by this method.
                // NOTE(review): this sign-in happens while merely displaying the page and relies on the
                // FirstRun flag alone - confirm that flag is cleared as soon as the wizard completes.
                var admin = new User
                {
                    Name = "Admin",
                    Password = "******"
                };

                admin.SetClaims(Users.User.GetAllClaims());

                await Authenticate(admin);

                return View("UserProfileNoDatabase");
            }

            // CanSkip is set only when at least one user already exists; otherwise it is left unset.
            if (SystemController.usersDb.GetUsersCount() > 0)
            {
                ViewBag.CanSkip = true;
            }

            return View(new RegisterModel());
        }
 /// <summary>
 /// Marks the user as updated in the Users set and saves the change.
 /// </summary>
 /// <param name="user">The user whose current property values are written back.</param>
 public void UpdateUser(User user)
 {
     // NOTE(review): the whole entity is passed to Update, Password included; callers should load the
     // stored user and change only the intended fields before calling this - confirm against callers.
     db.Users.Update(user);
     db.SaveChanges();
 }