Exemple #1
0
        public ActionResult LoginResetPassword(LoginResetPasswordModel model)
        {
            // clears the errors from the model
            model.ClearToaster();
            // check for simple warnings
            var isValid = true;

            // makes sure we don't have any empty fields
            if (String.IsNullOrEmpty(model.Password))
            {
                model.AddError(GlobalErrors.EmptyFields);
                isValid = false;
            }
            if (!CredentialsHelper.IsPasswordValid(model.Password)) // check password is valid
            {
                model.AddError(RegistrationErrors.InvalidPassword);
                isValid = false;
            }
            else // if password is valid get warnings
            {
                model.AddWarnings(CredentialsHelper.GetPasswordWarnings(model.Password));
            }


            if (isValid && !model.HasWarnings())
            {
                using (var e2 = new EntityContext()) // db context
                {
                    var currentUser = SessionHelper.GetSessionUser();
                    if (currentUser == null)
                    {
                        model.AddError(GlobalErrors.ServerError);
                        return(View(model));
                    }
                    var success = Authorize.ResetPassword(currentUser.Email, model.Password, e2);
                    var newUser = Authorize.CredentialsByEmail(currentUser.Email, model.Password, e2);
                    if (!success || newUser == null)
                    {
                        model.AddError(GlobalErrors.ServerError);
                        return(View(model));
                    }
                    else
                    {
                        //if username and password is correct, create session and return Success
                        SessionHelper.SetSessionUser(newUser);
                        FormsAuthentication.SetAuthCookie(newUser.Username, true);
                        model = new LoginResetPasswordModel();
                        model.AddSuccess(ResetPasswordSuccessEnum.PasswordReset);
                        return(View(model));
                    }
                }
            }
            // if we got here there was an error
            return(View(model));
        }
Exemple #2
0
        public ActionResult Login(LoginModel model)
        {
            // clears the errors from the model
            model.ClearToaster();
            // checks if the user passed in their login data
            if (!String.IsNullOrEmpty(model.UsernameOrEmail) && !String.IsNullOrEmpty(model.Password))
            {
                using (var e = new EntityContext()) // db context
                {
                    //check username and password from database
                    CachedUser cachedUser = null;
                    var        isEmail    = CredentialsHelper.IsEmailValid(model.UsernameOrEmail);
                    if (isEmail) // is an email
                    {
                        cachedUser = Authorize.CredentialsByEmail(model.UsernameOrEmail, model.Password, e);
                    }
                    else // is username
                    {
                        cachedUser = Authorize.CredentialsByUsername(model.UsernameOrEmail, model.Password, e);
                    }

                    if (cachedUser != null)
                    {
                        //if username and password is correct, create session and return Success
                        SessionHelper.SetSessionUser(cachedUser);
                        FormsAuthentication.SetAuthCookie(cachedUser.Username, true);

                        // goes to home screen or previous screen
                        FormsAuthentication.RedirectFromLoginPage(cachedUser.Username, true);
                    }
                    // check if we can give any more detail to errors
                    var errors = Authorize.GetAuthorizeErrors();
                    if (!errors.Any()) // if no errors, throw unknown error
                    {
                        model.AddError(LoginErrors.UnknownError);
                    }
                    // if the user does not have the right username and password, don't give any more info
                    else if (errors.Contains(Authorize.AuthorizeErrorsEnum.PasswordNotVerified) ||
                             errors.Contains(Authorize.AuthorizeErrorsEnum.NoLoginData))
                    {
                        model.AddError(LoginErrors.InvalidUsernameOrPassword);
                    }
                    else // checks to see if we can find another issue
                    {
                        if (errors.Contains(Authorize.AuthorizeErrorsEnum.EmailNotConfirmed))
                        {
                            model.AddError(LoginErrors.EmailNotConfirmed);
                        }
                        if (errors.Contains(Authorize.AuthorizeErrorsEnum.LoginSuspended))
                        {
                            model.AddError(LoginErrors.Suspended);
                        }
                    }
                }
            }
            else
            {
                // throws a EmptyUsernameOrPassword error
                model.AddError(GlobalErrors.EmptyFields);
            }
            // if we got here there was an error
            return(View(model));
        }