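/// <summary>
/// Handles the redirect back from an external login provider. If the provider's e-mail
/// claim matches an active alternate credential whose primary credential is enabled,
/// the session user name is set and the user is sent to the home page; otherwise the
/// external-login confirmation view is shown.
/// </summary>
/// <param name="returnUrl">URL the caller wanted to reach; only stored in ViewData here.</param>
/// <param name="remoteError">Error text reported by the external provider, if any.</param>
/// <returns>The login view on provider error, a redirect, or the confirmation view.</returns>
public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
{
    if (remoteError != null)
    {
        ModelState.AddModelError(string.Empty, $"Error from external provider: {remoteError}");
        return View(nameof(Login));
    }

    ExternalLoginInfo info = await _signInManager.GetExternalLoginInfoAsync();
    if (info == null)
    {
        return RedirectToAction(nameof(Login));
    }

    // NOTE(review): the ExternalLoginSignInAsync(LoginProvider, ProviderKey) path that used to
    // sit here is disabled, so sign-in below is decided by the e-mail claim alone and ignores
    // which provider asserted it. That is only sound if every configured provider returns
    // verified e-mail addresses - confirm, or match on provider + provider key as well.
    ViewData["ReturnUrl"] = returnUrl;
    ViewData["LoginProvider"] = info.LoginProvider;

    string email = info.Principal.FindFirstValue(ClaimTypes.Email);

    // FindFirstValue returns null when the provider sent no e-mail claim; the lookup is
    // skipped in that case instead of dereferencing null.
    string lookupName = email?.Trim();
    if (!string.IsNullOrEmpty(lookupName))
    {
        // ExternalLogin stamps DtInactivated when the user removes a linked account, so
        // inactivated rows must not sign anyone in (and must not make SingleOrDefault throw
        // when an account was removed and linked again).
        DboCredentialAlternate dbAltObj = _context.DboCredentialAlternate
            .SingleOrDefault(m => m.Vchr64UserName == lookupName && !m.DtInactivated.HasValue);

        if (dbAltObj != null)
        {
            DboCredential dbCrObj = _context.DboCredential
                .SingleOrDefault(m => m.BintId == dbAltObj.BintPrimaryCredentialId && m.BEnabled == true);

            if (dbCrObj != null)
            {
                SetSessionUserName(dbCrObj.Vchr32Name);
                return RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "" });
            }
        }
    }

    // No usable account for this e-mail: ask the user to create or confirm one.
    return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = email });
}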
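/// <summary>
/// Starts an external-provider challenge, or removes a linked external account.
/// A <paramref name="provider"/> value containing '-' is treated as a removal request
/// whose last segment is the numeric credential type id; any other value is passed to
/// the sign-in manager as the provider name to challenge.
/// </summary>
/// <param name="provider">Provider name, or a '-'-separated value ending in a credential type id.</param>
/// <param name="returnUrl">URL forwarded to ExternalLoginCallback as the ReturnUrl route value.</param>
/// <returns>A challenge result, a redirect to the home page after removal, or the error view.</returns>
public IActionResult ExternalLogin(string provider, string returnUrl = null)
{
    // provider comes from the request; a missing value previously threw on Split.
    if (string.IsNullOrEmpty(provider))
    {
        ViewData["ErrorMessage"] = "Seems there is an error";
        return View();
    }

    string[] provInfo = provider.Split('-');
    if (provInfo.Length <= 1)
    {
        // The user wants to add an external account: redirect to the external login provider.
        string redirectUrl = Url.Action("ExternalLoginCallback", "Credentials", new { ReturnUrl = returnUrl });
        var properties = _signInManager.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
        return Challenge(properties, provider);
    }

    // The user wants to remove an existing linked account.
    // NOTE(review): this branch changes stored credentials. The action's attributes are not
    // visible here - confirm it is reachable only via POST with antiforgery validation.
    int credentialTypeId;
    if (!int.TryParse(provInfo.Last(), out credentialTypeId))
    {
        // A non-numeric suffix previously surfaced as an unhandled FormatException.
        ViewData["ErrorMessage"] = "Seems there is an error";
        return View();
    }

    // Without a session user name the equality below would compare against null and could
    // select a credential row that has no name at all.
    string sessionUserName = GettSessionUserName();
    DboCredential dbCr = string.IsNullOrEmpty(sessionUserName)
        ? null
        : _context.DboCredential.SingleOrDefault(m => m.Vchr32Name == sessionUserName);

    if (dbCr == null)
    {
        ViewData["ErrorMessage"] = "Seems there is an error";
        return View();
    }

    List<DboCredentialAlternate> linked = _context.DboCredentialAlternate
        .Where(m => m.BintPrimaryCredentialId == dbCr.BintId && m.ICredentialTypeId == credentialTypeId)
        .ToList();

    // Several rows: inactivate the first one that is still active. Otherwise take the only row.
    DboCredentialAlternate target = linked.Count > 1
        ? linked.FirstOrDefault(m => !m.DtInactivated.HasValue)
        : linked.SingleOrDefault();

    if (target == null)
    {
        // Nothing left to inactivate; the original dereferenced null here.
        ViewData["ErrorMessage"] = "Seems there is an error";
        return View();
    }

    target.DtInactivated = DateTime.Now;
    _context.DboCredentialAlternate.Update(target);
    _context.SaveChanges();

    return RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "d" });
}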
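/// <summary>
/// Step 1: the user hits the site. Routes the request to e-mail verification, Windows
/// (domain) sign-on, IP-based organization sign-on, access denied, or the login page.
/// </summary>
/// <returns>A redirect to the action chosen by the checks below.</returns>
public IActionResult Index()
{
    // Step 11: check whether the user arrived through a self-registration link.
    string token = HttpContext.Request.Query["token"].ToString();
    if (token != string.Empty)
    {
        // Step 13
        return RedirectToAction("VerifyEmail", "Account", new { token = token });
    }

    // Step 2: check whether the user is in our network.
    // NOTE(review): the trusted domain SID is hard-coded; the commented-out code this replaces
    // pointed at DboSystemConfiguration - consider loading it from configuration.
    const string trustedDomainSid = "S-1-5-21-2610387755-854405893-26240035430";
    WindowsIdentity loggedInUser = HttpContext.User.Identity as WindowsIdentity;

    if (loggedInUser?.User?.AccountDomainSid?.Value == trustedDomainSid)
    {
        string winLoginName = loggedInUser.Name.Split('\\').Last();
        TempData["UserName"] = winLoginName;
        SetSessionUserName(winLoginName);

        // Step 3: look the Windows account up in the CredentialAlternate table.
        DboCredentialAlternate userCred = _context.DboCredentialAlternate
            .SingleOrDefault(m => m.Vchr64UserName == loggedInUser.Name);

        if (userCred != null)
        {
            // Step 4: check the Credential table.
            DboCredential userObject = _context.DboCredential
                .SingleOrDefault(m => m.BintId == userCred.BintPrimaryCredentialId && m.BEnabled == true);

            if (userObject != null)
            {
                // Step 5: sign on.
                return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
            }
        }

        // Step 6: create records for the user.
        // NOTE(review): an alternate credential whose primary credential is disabled or missing
        // also lands here and is signed on after record creation, whereas the IP branch below
        // denies access in the same situation - confirm this is intended.
        new BusinessLayer(_context).CreateWindowsUserCredential(winLoginName, loggedInUser.Name);
        return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
    }

    // Get the caller's IP address and check it against the CredentialOrganizationInfo table.
    // NOTE(review): behind a reverse proxy or load balancer this is the proxy's address unless
    // forwarded headers are processed - confirm before relying on it for sign-on.
    string remoteIpAddress = HttpContext.Features.Get<IHttpConnectionFeature>()?.RemoteIpAddress?.ToString();

    if (string.IsNullOrEmpty(remoteIpAddress))
    {
        // No address available. Querying with null would match organization rows that have no
        // IP stored and sign the caller on as that organization, so go to the login page.
        return RedirectToAction(nameof(AccountController.Login), "Account", new { debug = "" });
    }

    // Step 26: check the IP address in COI.
    DboCredentialOrganizationInfo creOrg = _context.DboCredentialOrganizationInfo
        .SingleOrDefault(m => m.Vchr40Ip == remoteIpAddress && m.BAllowIpsignon == true);

    if (creOrg == null)
    {
        // Step 17: login page.
        return RedirectToAction(nameof(AccountController.Login), "Account", new { debug = "" });
    }

    // Step 11: check the Credential table.
    DboCredential orgCredential = _context.DboCredential
        .SingleOrDefault(m => m.BintId == creOrg.BintCredentialId && m.BEnabled == true);

    if (orgCredential == null)
    {
        // Step 10: access denied.
        return RedirectToAction(nameof(AccountController.AccessDenied), "Account", new { debug = "" });
    }

    // Step 16: sign on as the organization.
    TempData["UserName"] = orgCredential.Vchr32Name;
    HttpContext.Session.SetString("lUserName", orgCredential.Vchr32Name);
    return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
}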
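/// <summary>
/// Signs a user in. A user name of the form DOMAIN\user is authenticated with an LDAP bind
/// against the host configured for that domain; every other user name, and a DOMAIN\user
/// whose bind does not succeed, is checked with BusinessLayer.ValidateUser.
/// </summary>
/// <param name="userr">Posted login form; Email carries the user name and Password the password.</param>
/// <param name="ReturnUrl">Not used by this action.</param>
/// <returns>A redirect on successful sign-on, otherwise the login view with an error message.</returns>
public IActionResult Login(Models.LoginViewModel userr, string ReturnUrl)
{
    // The form is untrusted input; a missing user name previously threw on Contains.
    if (userr == null || string.IsNullOrEmpty(userr.Email))
    {
        ViewData["ErrorMessage"] = "Please provide valid user name and password";
        return View();
    }

    if (userr.Email.Contains("\\"))
    {
        string[] loginParts = userr.Email.Split('\\');
        string winLoginName = loginParts.Last();
        string domainName = loginParts.First();

        DboCredentialOrganizationInfo dbCrOrgInfo = _context.DboCredentialOrganizationInfo
            .FirstOrDefault(m => m.Vchr8Ldapdomain == domainName && m.BAllowLdapauthentication == true);

        if (dbCrOrgInfo == null)
        {
            // NOTE(review): this message differs from the bad-password one, which tells a
            // caller which domains are configured - consider using a single generic message.
            ViewData["ErrorMessage"] = "No domain exists";
            return View();
        }

        // Many directory servers accept a bind with an empty password as an anonymous or
        // unauthenticated bind and report success, which would sign the caller on without a
        // password. Skip the bind in that case and treat it like a failed bind.
        if (!string.IsNullOrEmpty(userr.Password))
        {
            using (var cn = new LdapConnection())
            {
                cn.SecureSocketLayer = true;
                cn.Connect(dbCrOrgInfo.Vchr64LdaphostName, dbCrOrgInfo.ILdapportNumber.Value);

                try
                {
                    // A successful bind is what verifies the password.
                    cn.Bind(userr.Email, userr.Password);

                    // Step 18: check the Credential Alternate table.
                    DboCredentialAlternate userCred = _context.DboCredentialAlternate
                        .SingleOrDefault(m => m.Vchr64UserName == userr.Email);

                    if (userCred != null)
                    {
                        TempData["UserName"] = winLoginName;
                        SetSessionUserName(winLoginName);

                        // Step 19: check the Credential table.
                        DboCredential userObject = _context.DboCredential
                            .SingleOrDefault(m => m.BintId == userCred.BintPrimaryCredentialId && m.BEnabled == true);

                        if (userObject != null)
                        {
                            // Step 5: sign on as user.
                            return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
                        }
                    }

                    // NOTE(review): a disabled or missing primary credential also reaches this
                    // line and is signed on after record creation - confirm this is intended.
                    new BusinessLayer(_context).CreateActiveDirectoryUserCredential(userr);

                    // Step 5: sign on user.
                    return RedirectToAction(nameof(CredentialsController.ManageCredentials), "Credentials", new { actiontype = "ad" });
                }
                catch (Exception)
                {
                    // Step 18: fall through to the local check below.
                    // NOTE(review): this also swallows database and credential-creation
                    // failures raised after a successful bind; narrow the catch to the bind
                    // failure and log it so failed sign-on attempts can be audited.
                }
            }
        }
    }

    // Local account check; ValidateUser's result is treated as success when greater than zero.
    int isUseExists = new BusinessLayer(_context).ValidateUser(Utility.GetUserNameFromEmail(userr.Email), userr.Password);
    if (isUseExists > 0)
    {
        // Step 5: sign on as system10 user.
        TempData["UserName"] = userr.Email;
        SetSessionUserName(userr.Email);
        return RedirectToAction(nameof(HomeController.Index), "Home", new { debug = "" });
    }

    ViewData["ErrorMessage"] = "Please provide valid user name and password";
    return View();
}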