public async Task<HttpResponseMessage> Login([FromBody] string assertion) { if (assertion == null) { return new HttpResponseMessage(HttpStatusCode.BadRequest); } using (var client = new HttpClient()) { var content = new FormUrlEncodedContent( new Dictionary<string, string> { { "assertion", assertion }, { "audience", Request.RequestUri.Host }, } ); var result = await client.PostAsync("https://verifier.login.persona.org/verify", content); result.EnsureSuccessStatusCode(); var stringresult = await result.Content.ReadAsStringAsync(); dynamic jsonresult = JsonConvert.DeserializeObject<dynamic>(stringresult); if (jsonresult.status == "okay") { string email = jsonresult.email; string userName = null; if (User.Identity.IsAuthenticated) { userName = User.Identity.Name; } else { userName = OAuthWebSecurity.GetUserName("Persona", email); if (userName == null) { userName = email; // TODO: prompt for user name using (UsersContext db = new UsersContext()) { UserProfile user = db.UserProfiles.FirstOrDefault(u => u.UserName.ToLower() == userName.ToLower()); // Check if user already exists if (user == null) { // Insert name into the profile table db.UserProfiles.Add(new UserProfile { UserName = userName }); db.SaveChanges(); } } } } OAuthWebSecurity.CreateOrUpdateAccount("Persona", email, userName); FormsAuthentication.SetAuthCookie(email, false); return new HttpResponseMessage(HttpStatusCode.OK); } } return new HttpResponseMessage(HttpStatusCode.Forbidden); }
public SimpleMembershipInitializer() { Database.SetInitializer<UsersContext>(null); try { using (var context = new UsersContext()) { if (!context.Database.Exists()) { // Create the SimpleMembership database without Entity Framework migration schema ((IObjectContextAdapter)context).ObjectContext.CreateDatabase(); } } WebSecurity.InitializeDatabaseConnection("DefaultConnection", "UserProfile", "UserId", "UserName", autoCreateTables: true); } catch (Exception ex) { throw new InvalidOperationException("The ASP.NET Simple Membership database could not be initialized. For more information, please see http://go.microsoft.com/fwlink/?LinkId=256588", ex); } }
public ActionResult ExternalLoginConfirmation(RegisterExternalLoginModel model, string returnUrl) { string provider = null; string providerUserId = null; if (User.Identity.IsAuthenticated || !OAuthWebSecurity.TryDeserializeProviderUserId(model.ExternalLoginData, out provider, out providerUserId)) { return RedirectToAction("Manage"); } if (ModelState.IsValid) { // Insert a new user into the database using (UsersContext db = new UsersContext()) { UserProfile user = db.UserProfiles.FirstOrDefault(u => u.UserName.ToLower() == model.UserName.ToLower()); // Check if user already exists if (user == null) { // Insert name into the profile table db.UserProfiles.Add(new UserProfile { UserName = model.UserName }); db.SaveChanges(); OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName); OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false); return RedirectToLocal(returnUrl); } else { ModelState.AddModelError("UserName", "User name already exists. Please enter a different user name."); } } } ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName; ViewBag.ReturnUrl = returnUrl; return View(model); }