public async Task <IActionResult> CompleteRegistration([FromBody] CompleteRegistrationModel model) { var confirmEmailResult = await ConfirmEmail(model.UserId, model.ConfirmationCode); if (confirmEmailResult != null) { return(confirmEmailResult); } var user = await _userManager.FindByIdAsync(model.UserId); if (user.IsRegistrationFinished) { return(BadRequest(new RegistrationAlreadyFinishedResponse())); } var result = await _userManager.AddPasswordAsync(user, model.Password); if (!result.Succeeded) { return(BadRequest(new IdentityBadRequestResponse(ModelState, result))); } user.FirstName = model.FirstName; user.LastName = model.LastName; user.IsRegistrationFinished = true; await _userManager.UpdateAsync(user); await _userManager.AddToRolesAsync(user, new[] { UserRoles.User }); return(Ok()); }
public async Task <IActionResult> CompleteRegistration(string userId, string code) { if (userId == null || code == null) { return(this.RedirectToAction(nameof(HomeController.Index), "Home")); } var user = await this.userManager.FindByIdAsync(userId); if (user == null) { // don't reveal that the user does not exist return(this.RedirectToAction(nameof(HomeController.Index), "Home")); } var isValidToken = await this.userManager.VerifyUserTokenAsync(user, this.userManager.Options.Tokens.PasswordResetTokenProvider, "ResetPassword", code); if (!isValidToken) { // don't reveal that the user does not exist return(this.RedirectToAction(nameof(HomeController.Index), "Home")); } var model = new CompleteRegistrationModel { UserId = userId, Username = user.UserName, Code = code }; return(this.View(model)); }
public async Task <HttpResponseMessage> CompleteRegistration(CompleteRegistrationModel model) { if (!ModelState.IsValid) { return(InvalidModelState(ModelState)); } var user = new User(); var aspNetUser = new AspNetUser(); using (var context = DB) { using (var dbTrans = context.Database.BeginTransaction()) { try { user.FirstName = model.FirstName; user.LastName = model.LastName; user.AllowNotification = false; user.JoinedDate = DateTime.UtcNow; context.Users.Add(user); await DB.SaveChangesAsync(); aspNetUser = context.AspNetUsers.Where(a => a.Id == this.CurrentAspNetUserId).FirstOrDefault(); if (aspNetUser == null) { dbTrans.Rollback(); return(StatusNotFound()); } aspNetUser.UserId = user.Id; await context.SaveChangesAsync(); dbTrans.Commit(); } catch (DbEntityValidationException e) { dbTrans.Rollback(); throw new Exception("Error while creating entry", e); } } } return(StatusOk(new RegistrationCompletedModel() { UserId = user.Id, UserName = aspNetUser.Email })); }
public ActionResult Complete(CompleteRegistrationModel completeRegistrationModel) { if (completeRegistrationModel == null) { completeRegistrationModel = new CompleteRegistrationModel(); } if (Request.HttpMethod == "GET") { return(View(completeRegistrationModel)); } if (Request.HttpMethod != "POST") { return(new HttpStatusCodeResult((int)HttpStatusCode.MethodNotAllowed)); } if (ModelState.IsValid) { var registrations = from r in _repository.GetAll <Registration>() where r.Username == completeRegistrationModel.Username && r.EmailAddress == completeRegistrationModel.EmailAddress orderby r.Expires descending select r; var registration = registrations.FirstOrDefault(); if (RegistrationIsValid(registration, completeRegistrationModel)) { var user = new User { Id = Guid.NewGuid(), Username = registration.Username, EmailAddress = registration.EmailAddress, Password = registration.Password }; _repository.SaveOrUpdate(user); _authenticator.SetCookie(user.Username); return(RedirectToAction("Index", "Home")); } } return(View(completeRegistrationModel)); }
public async Task <IActionResult> CompleteRegistration(CompleteRegistrationModel model) { if (!this.ModelState.IsValid) { return(this.View(model)); } var user = await this.userManager.FindByIdAsync(model.UserId); if (user == null) { // don't reveal that the user does not exist return(this.RedirectToAction(nameof(this.CompleteRegistrationConfirmation))); } var code = model.Code; if (model.Username != user.UserName) { var setUsernameResult = await this.userManager.SetUserNameAsync(user, model.Username); if (!setUsernameResult.Succeeded) { this.ModelState.AddModelError("Username", setUsernameResult.Errors.FirstOrDefault()?.Description); return(this.View(model)); } code = await this.userManager.GeneratePasswordResetTokenAsync(user); } var result = await this.userManager.ResetPasswordAsync(user, code, model.Password); if (!result.Succeeded) { this.AddErrors(result); return(this.View(model)); } // confirm email var emailConfirmationToken = await this.userManager.GenerateEmailConfirmationTokenAsync(user); await this.userManager.ConfirmEmailAsync(user, emailConfirmationToken); // automatic sign in after registration completed await this.signInManager.SignInAsync(user, false, "pwd"); return(this.RedirectToAction(nameof(this.CompleteRegistrationConfirmation))); }
private static bool RegistrationIsValid(Registration latestRegistration, CompleteRegistrationModel completeRegistrationModel) { if (latestRegistration == null) { return(false); } if (latestRegistration.Expires < DateTime.UtcNow) { return(false); } if (!Cryptography.Verify(latestRegistration.Password, completeRegistrationModel.Password)) { return(false); } if (!Cryptography.Verify(latestRegistration.VerificationCode, completeRegistrationModel.VerificationCode)) { return(false); } return(true); }