public async Task <IActionResult> CompleteRegistration([FromBody] CompleteRegistrationModel model)
{
var confirmEmailResult = await ConfirmEmail(model.UserId, model.ConfirmationCode);
if (confirmEmailResult != null)
{
return(confirmEmailResult);
}
var user = await _userManager.FindByIdAsync(model.UserId);
if (user.IsRegistrationFinished)
{
return(BadRequest(new RegistrationAlreadyFinishedResponse()));
}
var result = await _userManager.AddPasswordAsync(user, model.Password);
if (!result.Succeeded)
{
return(BadRequest(new IdentityBadRequestResponse(ModelState, result)));
}
user.FirstName = model.FirstName;
user.LastName = model.LastName;
user.IsRegistrationFinished = true;
await _userManager.UpdateAsync(user);
await _userManager.AddToRolesAsync(user, new[] { UserRoles.User });
return(Ok());
}
public async Task <IActionResult> CompleteRegistration(string userId, string code)
{
if (userId == null || code == null)
{
return(this.RedirectToAction(nameof(HomeController.Index), "Home"));
}
var user = await this.userManager.FindByIdAsync(userId);
if (user == null)
{
// don't reveal that the user does not exist
return(this.RedirectToAction(nameof(HomeController.Index), "Home"));
}
var isValidToken = await this.userManager.VerifyUserTokenAsync(user, this.userManager.Options.Tokens.PasswordResetTokenProvider, "ResetPassword", code);
if (!isValidToken)
{
// don't reveal that the user does not exist
return(this.RedirectToAction(nameof(HomeController.Index), "Home"));
}
var model = new CompleteRegistrationModel {
UserId = userId, Username = user.UserName, Code = code
};
return(this.View(model));
}
public async Task <HttpResponseMessage> CompleteRegistration(CompleteRegistrationModel model)
{
if (!ModelState.IsValid)
{
return(InvalidModelState(ModelState));
}
var user = new User();
var aspNetUser = new AspNetUser();
using (var context = DB)
{
using (var dbTrans = context.Database.BeginTransaction())
{
try
{
user.FirstName = model.FirstName;
user.LastName = model.LastName;
user.AllowNotification = false;
user.JoinedDate = DateTime.UtcNow;
context.Users.Add(user);
await DB.SaveChangesAsync();
aspNetUser = context.AspNetUsers.Where(a => a.Id == this.CurrentAspNetUserId).FirstOrDefault();
if (aspNetUser == null)
{
dbTrans.Rollback();
return(StatusNotFound());
}
aspNetUser.UserId = user.Id;
await context.SaveChangesAsync();
dbTrans.Commit();
}
catch (DbEntityValidationException e)
{
dbTrans.Rollback();
throw new Exception("Error while creating entry", e);
}
}
}
return(StatusOk(new RegistrationCompletedModel()
{
UserId = user.Id,
UserName = aspNetUser.Email
}));
}
public ActionResult Complete(CompleteRegistrationModel completeRegistrationModel)
{
if (completeRegistrationModel == null)
{
completeRegistrationModel = new CompleteRegistrationModel();
}
if (Request.HttpMethod == "GET")
{
return(View(completeRegistrationModel));
}
if (Request.HttpMethod != "POST")
{
return(new HttpStatusCodeResult((int)HttpStatusCode.MethodNotAllowed));
}
if (ModelState.IsValid)
{
var registrations = from r in _repository.GetAll <Registration>()
where
r.Username == completeRegistrationModel.Username &&
r.EmailAddress == completeRegistrationModel.EmailAddress
orderby r.Expires descending
select r;
var registration = registrations.FirstOrDefault();
if (RegistrationIsValid(registration, completeRegistrationModel))
{
var user = new User
{
Id = Guid.NewGuid(),
Username = registration.Username,
EmailAddress = registration.EmailAddress,
Password = registration.Password
};
_repository.SaveOrUpdate(user);
_authenticator.SetCookie(user.Username);
return(RedirectToAction("Index", "Home"));
}
}
return(View(completeRegistrationModel));
}
public async Task <IActionResult> CompleteRegistration(CompleteRegistrationModel model)
{
if (!this.ModelState.IsValid)
{
return(this.View(model));
}
var user = await this.userManager.FindByIdAsync(model.UserId);
if (user == null)
{
// don't reveal that the user does not exist
return(this.RedirectToAction(nameof(this.CompleteRegistrationConfirmation)));
}
var code = model.Code;
if (model.Username != user.UserName)
{
var setUsernameResult = await this.userManager.SetUserNameAsync(user, model.Username);
if (!setUsernameResult.Succeeded)
{
this.ModelState.AddModelError("Username", setUsernameResult.Errors.FirstOrDefault()?.Description);
return(this.View(model));
}
code = await this.userManager.GeneratePasswordResetTokenAsync(user);
}
var result = await this.userManager.ResetPasswordAsync(user, code, model.Password);
if (!result.Succeeded)
{
this.AddErrors(result);
return(this.View(model));
}
// confirm email
var emailConfirmationToken = await this.userManager.GenerateEmailConfirmationTokenAsync(user);
await this.userManager.ConfirmEmailAsync(user, emailConfirmationToken);
// automatic sign in after registration completed
await this.signInManager.SignInAsync(user, false, "pwd");
return(this.RedirectToAction(nameof(this.CompleteRegistrationConfirmation)));
}
private static bool RegistrationIsValid(Registration latestRegistration, CompleteRegistrationModel completeRegistrationModel)
{
if (latestRegistration == null)
{
return(false);
}
if (latestRegistration.Expires < DateTime.UtcNow)
{
return(false);
}
if (!Cryptography.Verify(latestRegistration.Password, completeRegistrationModel.Password))
{
return(false);
}
if (!Cryptography.Verify(latestRegistration.VerificationCode, completeRegistrationModel.VerificationCode))
{
return(false);
}
return(true);
}
