private static void ClearConnectedClients(IJabbrRepository repository) { try { repository.RemoveAllClients(); repository.CommitChanges(); } catch (Exception ex) { Elmah.ErrorLog.GetDefault(null).Log(new Error(ex)); } }
private static void ClearConnectedClients(IJabbrRepository repository) { try { foreach (var u in repository.Users) { u.Status = (int)UserStatus.Offline; } repository.RemoveAllClients(); repository.CommitChanges(); } catch (Exception ex) { Elmah.ErrorLog.GetDefault(null).Log(new Error(ex)); } }
public void SetInviteCode(ChatUser user, ChatRoom room, string inviteCode) { EnsureOwner(user, room); if (!room.Private) { throw new InvalidOperationException("Only private rooms can have invite codes"); } // Set the invite code and save room.InviteCode = inviteCode; _repository.CommitChanges(); }
public async Task <IActionResult> ChangeUsername(ChangeUsernameViewModel model) { if (!User.Identity.IsAuthenticated) { return(View(HttpStatusCode.Forbidden)); } // HttpContextAccessor DI works when Singelton (Scoped injects null) var id = _context.HttpContext.User.GetUserId(); ChatUser user = _repository.GetUserById(id); string oldUsername = user.Name; //user.UserName try { if (ModelState.IsValid) { var result = await _signInManager.CheckPasswordSignInAsync(user, model.password, false); if (result.Succeeded) { user.UserName = model.username; user.Name = model.username; _repository.CommitChanges(); // _notificationService.OnUserNameChanged(user, oldUsername, model.username); return(RedirectToAction(nameof(Index), new { Message = ManageMessageId.ChangeUsernameSuccess })); } else { return(new RedirectResult(Url.Action("Index", new { Message = ManageMessageId.WrongPassword }) + "#changeUsername")); } } } catch (Exception ex) { return(RedirectToAction(nameof(Index), new { Message = ManageMessageId.Error })); } return(new RedirectResult(Url.Action("Index", new { Message = ManageMessageId.ErrorChangeUsername }) + "#changeUsername")); }
private ChatUser AddUser(string userName, string providerName, string identity, string email) { if (!IsValidUserName(userName)) { throw new InvalidOperationException(String.Format("'{0}' is not a valid user name.", userName)); } EnsureProviderAndIdentityAvailable(providerName, identity); // This method is used in the auth workflow. If the username is taken it will add a number // to the user name. if (UserExists(userName)) { var usersWithNameLikeMine = _repository.Users.Count(u => u.Name.StartsWith(userName)); userName += usersWithNameLikeMine; } var user = new ChatUser { Name = userName, Status = (int)UserStatus.Active, Hash = email.ToMD5(), Id = Guid.NewGuid().ToString("d"), LastActivity = DateTime.UtcNow, IsAdmin = IsFirstUser() }; var chatUserIdentity = new ChatUserIdentity { User = user, Email = email, Identity = identity, ProviderName = providerName }; _repository.Add(user); _repository.Add(chatUserIdentity); _repository.CommitChanges(); return(user); }
private void CheckUserStatus(ILogger logger, IJabbrRepository repo) { var inactiveUsers = new List <ChatUser>(); IQueryable <ChatUser> users = repo.GetOnlineUsers().Where(u => SqlFunctions.DateDiff("mi", u.LastActivity, DateTime.UtcNow) > 5); foreach (var user in users.ToList()) { user.Status = (int)UserStatus.Inactive; inactiveUsers.Add(user); } if (inactiveUsers.Count > 0) { PerformRoomAction(inactiveUsers, async roomGroup => { await _hubContext.Clients.Group(roomGroup.Room.Name).markInactive(roomGroup.Users); }); repo.CommitChanges(); } }
private void UpdatePresence(ILogger logger, IJabbrRepository repo) { // Get all connections on this node and update the activity foreach (var connection in _heartbeat.GetConnections()) { if (!connection.IsAlive) { continue; } ChatClient client = repo.GetClientById(connection.ConnectionId); if (client != null) { client.LastActivity = DateTimeOffset.UtcNow; } else { EnsureClientConnected(logger, repo, connection); } } repo.CommitChanges(); }
public void Join(bool reconnecting) { // Get the client state var userId = Context.User.GetUserId(); // Try to get the user from the client state ChatUser user = _repository.GetUserById(userId); if (!reconnecting) { // Update some user values _service.UpdateActivity(user, Context.ConnectionId, UserAgent); _repository.CommitChanges(); } ClientState clientState = GetClientState(); OnUserInitialize(clientState, user, reconnecting); }
private void RemoveOfflineUsers(ILogger logger, IJabbrRepository repo) { var offlineUsers = new List<ChatUser>(); IQueryable<ChatUser> users = repo.GetOnlineUsers(); foreach (var user in users.ToList()) { if (user.ConnectedClients.Count == 0) { logger.Log("{0} has no clients. Marking as offline", user.Name); // Fix users that are marked as inactive but have no clients user.Status = (int)UserStatus.Offline; offlineUsers.Add(user); } } if (offlineUsers.Count > 0) { PerformRoomAction(offlineUsers, async roomGroup => { foreach (var user in roomGroup.Users) { await _hubContext.Clients.Group(roomGroup.Room.Name).leave(user, roomGroup.Room.Name); } }); repo.CommitChanges(); } }
// This is an uber hack to make sure the db is in sync with SignalR private void EnsureClientConnected(ILogger logger, IJabbrRepository repo, ITrackingConnection connection) { var contextField = connection.GetType().GetField("_context", BindingFlags.NonPublic | BindingFlags.Instance); if (contextField == null) { return; } var context = contextField.GetValue(connection) as HostContext; if (context == null) { return; } string connectionData = context.Request.QueryString["connectionData"]; if (String.IsNullOrEmpty(connectionData)) { return; } var hubs = JsonConvert.DeserializeObject<HubConnectionData[]>(connectionData); if (hubs.Length != 1) { return; } // We only care about the chat hub if (!hubs[0].Name.Equals("chat", StringComparison.OrdinalIgnoreCase)) { return; } logger.Log("Connection {0} exists but isn't tracked.", connection.ConnectionId); string userId = context.Request.User.GetUserId(); ChatUser user = repo.GetUserById(userId); if (user == null) { logger.Log("Unable to find user with id {0}", userId); return; } var client = new ChatClient { Id = connection.ConnectionId, User = user, UserAgent = context.Request.Headers["User-Agent"], LastActivity = DateTimeOffset.UtcNow, LastClientActivity = user.LastActivity }; repo.Add(client); repo.CommitChanges(); }
public AccountModule(IApplicationSettings applicationSettings, IAuthenticationTokenService authenticationTokenService, IMembershipService membershipService, IJabbrRepository repository, IAuthenticationService authService, IChatNotificationService notificationService) : base("/account") { Get["/"] = _ => { if (Context.CurrentUser == null) { return HttpStatusCode.Forbidden; } ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); return GetProfileView(authService, user); }; Get["/login"] = _ => { if (Context.CurrentUser != null) { return Response.AsRedirect("~/"); } return View["login", GetLoginViewModel(applicationSettings, repository, authService)]; }; Post["/login"] = param => { if (Context.CurrentUser != null) { return Response.AsRedirect("~/"); } string username = Request.Form.username; string password = Request.Form.password; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(password)) { this.AddValidationError("password", "Password is required"); } try { if (ModelValidationResult.IsValid) { ChatUser user = membershipService.AuthenticateUser(username, password); return this.CompleteLogin(authenticationTokenService, user); } else { return View["login", GetLoginViewModel(applicationSettings, repository, authService)]; } } catch { this.AddValidationError("_FORM", "Login failed. Check your username/password."); return View["login", GetLoginViewModel(applicationSettings, repository, authService)]; } }; Post["/logout"] = _ => { if (Context.CurrentUser == null) { return HttpStatusCode.Forbidden; } var response = Response.AsJson(new { success = true }); response.AddCookie(new NancyCookie(Constants.UserTokenCookie, null) { Expires = DateTime.Now.AddDays(-1) }); return response; }; Get["/register"] = _ => { if (Context.CurrentUser != null) { return Response.AsRedirect("~/"); } return View["register"]; }; Post["/create"] = _ => { if (Context.CurrentUser != null) { return Response.AsRedirect("~/"); } string username = Request.Form.username; string email = Request.Form.email; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(email)) { this.AddValidationError("email", "Email is required"); } ValidatePassword(password, confirmPassword); try { if (ModelValidationResult.IsValid) { ChatUser user = membershipService.AddUser(username, email, password); return this.CompleteLogin(authenticationTokenService, user); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return View["register"]; }; Post["/unlink"] = param => { if (Context.CurrentUser == null) { return HttpStatusCode.Forbidden; } string provider = Request.Form.provider; ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); if (user.Identities.Count == 1 && !user.HasUserNameAndPasswordCredentials()) { this.AddAlertMessage("error", "You cannot unlink this account because you would lose your ability to login."); return Response.AsRedirect("~/account/#identityProviders"); } var identity = user.Identities.FirstOrDefault(i => i.ProviderName == provider); if (identity != null) { repository.Remove(identity); this.AddAlertMessage("success", String.Format("Successfully unlinked {0} account.", provider)); return Response.AsRedirect("~/account/#identityProviders"); } return HttpStatusCode.BadRequest; }; Post["/newpassword"] = _ => { if (Context.CurrentUser == null) { return HttpStatusCode.Forbidden; } string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); try { if (ModelValidationResult.IsValid) { membershipService.SetUserPassword(user, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { this.AddAlertMessage("success", "Successfully added a password."); return Response.AsRedirect("~/account/#changePassword"); } return GetProfileView(authService, user); }; Post["/changepassword"] = _ => { if (Context.CurrentUser == null) { return HttpStatusCode.Forbidden; } string oldPassword = Request.Form.oldPassword; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(oldPassword)) { this.AddValidationError("oldPassword", "Old password is required"); } ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserPassword(user, oldPassword, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { this.AddAlertMessage("success", "Successfully changed your password."); return Response.AsRedirect("~/account/#changePassword"); } return GetProfileView(authService, user); }; Post["/changeusername"] = _ => { if (Context.CurrentUser == null) { return HttpStatusCode.Forbidden; } string username = Request.Form.username; string confirmUsername = Request.Form.confirmUsername; ValidateUsername(username, confirmUsername); ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); string oldUsername = user.Name; try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserName(user, username); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { notificationService.OnUserNameChanged(user, oldUsername, username); this.AddAlertMessage("success", "Successfully changed your username."); return Response.AsRedirect("~/account/#changeUsername"); } return GetProfileView(authService, user); }; }
public void SetInviteCode(ChatUser user, ChatRoom room, string inviteCode) { EnsureOwnerOrAdmin(user, room); if (!room.Private) { throw new HubException(LanguageResources.InviteCode_PrivateRoomRequired); } // Set the invite code and save room.InviteCode = inviteCode; _repository.CommitChanges(); }
public AccountModule(ApplicationSettings applicationSettings, IMembershipService membershipService, IJabbrRepository repository, IAuthenticationService authService, IChatNotificationService notificationService, IUserAuthenticator authenticator) : base("/account") { Get["/"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } ChatUser user = repository.GetUserById(Principal.GetUserId()); return GetProfileView(authService, user); }; Get["/login"] = _ => { if (IsAuthenticated) { return Response.AsRedirect("~/"); } return View["login", GetLoginViewModel(applicationSettings, repository, authService)]; }; Post["/login"] = param => { if (IsAuthenticated) { return Response.AsRedirect("~/"); } string username = Request.Form.username; string password = Request.Form.password; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(password)) { this.AddValidationError("password", "Password is required"); } try { if (ModelValidationResult.IsValid) { IList<Claim> claims; if (authenticator.TryAuthenticateUser(username, password, out claims)) { return this.SignIn(claims); } } } catch { // Swallow the exception } this.AddValidationError("_FORM", "Login failed. Check your username/password."); return View["login", GetLoginViewModel(applicationSettings, repository, authService)]; }; Post["/logout"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } var response = Response.AsJson(new { success = true }); this.SignOut(); return response; }; Get["/register"] = _ => { if (IsAuthenticated) { return Response.AsRedirect("~/"); } bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return HttpStatusCode.NotFound; } ViewBag.requirePassword = requirePassword; return View["register"]; }; Post["/create"] = _ => { bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return HttpStatusCode.NotFound; } if (IsAuthenticated) { return Response.AsRedirect("~/"); } ViewBag.requirePassword = requirePassword; string username = Request.Form.username; string email = Request.Form.email; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(email)) { this.AddValidationError("email", "Email is required"); } try { if (requirePassword) { ValidatePassword(password, confirmPassword); } if (ModelValidationResult.IsValid) { if (requirePassword) { ChatUser user = membershipService.AddUser(username, email, password); return this.SignIn(user); } else { // Add the required claims to this identity var identity = Principal.Identity as ClaimsIdentity; if (!Principal.HasClaim(ClaimTypes.Name)) { identity.AddClaim(new Claim(ClaimTypes.Name, username)); } if (!Principal.HasClaim(ClaimTypes.Email)) { identity.AddClaim(new Claim(ClaimTypes.Email, email)); } return this.SignIn(Principal.Claims); } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return View["register"]; }; Post["/unlink"] = param => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string provider = Request.Form.provider; ChatUser user = repository.GetUserById(Principal.GetUserId()); if (user.Identities.Count == 1 && !user.HasUserNameAndPasswordCredentials()) { Request.AddAlertMessage("error", "You cannot unlink this account because you would lose your ability to login."); return Response.AsRedirect("~/account/#identityProviders"); } var identity = user.Identities.FirstOrDefault(i => i.ProviderName == provider); if (identity != null) { repository.Remove(identity); Request.AddAlertMessage("success", String.Format("Successfully unlinked {0} account.", provider)); return Response.AsRedirect("~/account/#identityProviders"); } return HttpStatusCode.BadRequest; }; Post["/newpassword"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.SetUserPassword(user, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", "Successfully added a password."); return Response.AsRedirect("~/account/#changePassword"); } return GetProfileView(authService, user); }; Post["/changepassword"] = _ => { if (!applicationSettings.AllowUserRegistration) { return HttpStatusCode.NotFound; } if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string oldPassword = Request.Form.oldPassword; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(oldPassword)) { this.AddValidationError("oldPassword", "Old password is required"); } ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserPassword(user, oldPassword, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", "Successfully changed your password."); return Response.AsRedirect("~/account/#changePassword"); } return GetProfileView(authService, user); }; Post["/changeusername"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string username = Request.Form.username; string confirmUsername = Request.Form.confirmUsername; ValidateUsername(username, confirmUsername); ChatUser user = repository.GetUserById(Principal.GetUserId()); string oldUsername = user.Name; try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserName(user, username); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { notificationService.OnUserNameChanged(user, oldUsername, username); Request.AddAlertMessage("success", "Successfully changed your username."); return Response.AsRedirect("~/account/#changeUsername"); } return GetProfileView(authService, user); }; }
private static void ClearConnectedClients(IJabbrRepository repository) { try { foreach (var u in repository.Users) { if (u.IsAfk) { u.Status = (int)UserStatus.Offline; } } repository.RemoveAllClients(); repository.CommitChanges(); } catch (Exception ex) { Elmah.ErrorLog.GetDefault(null).Log(new Error(ex)); } }
public AccountModule(ApplicationSettings applicationSettings, IMembershipService membershipService, IJabbrRepository repository, IAuthenticationService authService, IChatNotificationService notificationService, IUserAuthenticator authenticator, IEmailService emailService) : base("/account") { Get["/"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } ChatUser user = repository.GetUserById(Principal.GetUserId()); return GetProfileView(authService, user); }; Get["/login"] = _ => { if (IsAuthenticated) { return this.AsRedirectQueryStringOrDefault("~/"); } return View["login", GetLoginViewModel(applicationSettings, repository, authService)]; }; Post["/login"] = param => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } if (IsAuthenticated) { return this.AsRedirectQueryStringOrDefault("~/"); } string username = Request.Form.username; string password = Request.Form.password; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", LanguageResources.Authentication_NameRequired); } if (String.IsNullOrEmpty(password)) { this.AddValidationError("password", LanguageResources.Authentication_PassRequired); } try { if (ModelValidationResult.IsValid) { IList<Claim> claims; if (authenticator.TryAuthenticateUser(username, password, out claims)) { return this.SignIn(claims); } } } catch { // Swallow the exception } this.AddValidationError("_FORM", LanguageResources.Authentication_GenericFailure); return View["login", GetLoginViewModel(applicationSettings, repository, authService)]; }; Post["/logout"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } var response = Response.AsJson(new { success = true }); this.SignOut(); return response; }; Get["/register"] = _ => { if (IsAuthenticated) { return this.AsRedirectQueryStringOrDefault("~/"); } bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return HttpStatusCode.NotFound; } ViewBag.requirePassword = requirePassword; return View["register"]; }; Post["/create"] = _ => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return HttpStatusCode.NotFound; } if (IsAuthenticated) { return this.AsRedirectQueryStringOrDefault("~/"); } ViewBag.requirePassword = requirePassword; string username = Request.Form.username; string email = Request.Form.email; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", LanguageResources.Authentication_NameRequired); } if (String.IsNullOrEmpty(email)) { this.AddValidationError("email", LanguageResources.Authentication_EmailRequired); } try { if (requirePassword) { ValidatePassword(password, confirmPassword); } if (ModelValidationResult.IsValid) { if (requirePassword) { ChatUser user = membershipService.AddUser(username, email, password); return this.SignIn(user); } else { // Add the required claims to this identity var identity = Principal.Identity as ClaimsIdentity; if (!Principal.HasClaim(ClaimTypes.Name)) { identity.AddClaim(new Claim(ClaimTypes.Name, username)); } if (!Principal.HasClaim(ClaimTypes.Email)) { identity.AddClaim(new Claim(ClaimTypes.Email, email)); } return this.SignIn(Principal.Claims); } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return View["register"]; }; Post["/unlink"] = param => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string provider = Request.Form.provider; ChatUser user = repository.GetUserById(Principal.GetUserId()); if (user.Identities.Count == 1 && !user.HasUserNameAndPasswordCredentials()) { Request.AddAlertMessage("error", LanguageResources.Account_UnlinkRequiresMultipleIdentities); return Response.AsRedirect("~/account/#identityProviders"); } var identity = user.Identities.FirstOrDefault(i => i.ProviderName == provider); if (identity != null) { repository.Remove(identity); Request.AddAlertMessage("success", String.Format(LanguageResources.Account_UnlinkCompleted, provider)); return Response.AsRedirect("~/account/#identityProviders"); } return HttpStatusCode.BadRequest; }; Post["/newpassword"] = _ => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.SetUserPassword(user, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", LanguageResources.Authentication_PassAddSuccess); return Response.AsRedirect("~/account/#changePassword"); } return GetProfileView(authService, user); }; Post["/changepassword"] = _ => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } if (!applicationSettings.AllowUserRegistration) { return HttpStatusCode.NotFound; } if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string oldPassword = Request.Form.oldPassword; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(oldPassword)) { this.AddValidationError("oldPassword", LanguageResources.Authentication_OldPasswordRequired); } ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserPassword(user, oldPassword, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", LanguageResources.Authentication_PassChangeSuccess); return Response.AsRedirect("~/account/#changePassword"); } return GetProfileView(authService, user); }; Post["/changeusername"] = _ => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } string username = Request.Form.username; string confirmUsername = Request.Form.confirmUsername; ValidateUsername(username, confirmUsername); ChatUser user = repository.GetUserById(Principal.GetUserId()); string oldUsername = user.Name; try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserName(user, username); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { notificationService.OnUserNameChanged(user, oldUsername, username); Request.AddAlertMessage("success", LanguageResources.Authentication_NameChangeCompleted); return Response.AsRedirect("~/account/#changeUsername"); } return GetProfileView(authService, user); }; Get["/requestresetpassword"] = _ => { if (IsAuthenticated) { return Response.AsRedirect("~/account/#changePassword"); } if (!Principal.Identity.IsAuthenticated && !applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return HttpStatusCode.NotFound; } return View["requestresetpassword"]; }; Post["/requestresetpassword"] = _ => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } if (IsAuthenticated) { return Response.AsRedirect("~/account/#changePassword"); } if (!Principal.Identity.IsAuthenticated && !applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return HttpStatusCode.NotFound; } string username = Request.Form.username; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", LanguageResources.Authentication_NameRequired); } try { if (ModelValidationResult.IsValid) { ChatUser user = repository.GetUserByName(username); if (user == null) { this.AddValidationError("username", String.Format(LanguageResources.Account_NoMatchingUser, username)); } else if (String.IsNullOrWhiteSpace(user.Email)) { this.AddValidationError("username", String.Format(LanguageResources.Account_NoEmailForUser, username)); } else { membershipService.RequestResetPassword(user, applicationSettings.RequestResetPasswordValidThroughInHours); repository.CommitChanges(); emailService.SendRequestResetPassword(user, this.Request.Url.SiteBase + "/account/resetpassword/"); return View["requestresetpasswordsuccess", username]; } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return View["requestresetpassword"]; }; Get["/resetpassword/{id}"] = parameters => { if (!applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return HttpStatusCode.NotFound; } string resetPasswordToken = parameters.id; string userName = membershipService.GetUserNameFromToken(resetPasswordToken); // Is the token not valid, maybe some character change? if (userName == null) { return View["resetpassworderror", LanguageResources.Account_ResetInvalidToken]; } else { ChatUser user = repository.GetUserByRequestResetPasswordId(userName, resetPasswordToken); // Is the token expired? if (user == null) { return View["resetpassworderror", LanguageResources.Account_ResetExpiredToken]; } else { return View["resetpassword", user.RequestPasswordResetId]; } } }; Post["/resetpassword/{id}"] = parameters => { if (!HasValidCsrfTokenOrSecHeader) { return HttpStatusCode.Forbidden; } if (!applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return HttpStatusCode.NotFound; } string resetPasswordToken = parameters.id; string newPassword = Request.Form.password; string confirmNewPassword = Request.Form.confirmPassword; ValidatePassword(newPassword, confirmNewPassword); try { if (ModelValidationResult.IsValid) { string userName = membershipService.GetUserNameFromToken(resetPasswordToken); ChatUser user = repository.GetUserByRequestResetPasswordId(userName, resetPasswordToken); // Is the token expired? if (user == null) { return View["resetpassworderror", LanguageResources.Account_ResetExpiredToken]; } else { membershipService.ResetUserPassword(user, newPassword); repository.CommitChanges(); return View["resetpasswordsuccess"]; } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return View["resetpassword", resetPasswordToken]; }; }
public AccountModule(ApplicationSettings applicationSettings, IMembershipService membershipService, IJabbrRepository repository, IAuthenticationService authService, IChatNotificationService notificationService, IUserAuthenticator authenticator) : base("/account") { Get["/"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } ChatUser user = repository.GetUserById(Principal.GetUserId()); return(GetProfileView(authService, user)); }; Get["/login"] = _ => { if (IsAuthenticated) { return(Response.AsRedirect("~/")); } return(View["login", GetLoginViewModel(applicationSettings, repository, authService)]); }; Post["/login"] = param => { if (IsAuthenticated) { return(Response.AsRedirect("~/")); } string username = Request.Form.username; string password = Request.Form.password; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(password)) { this.AddValidationError("password", "Password is required"); } try { if (ModelValidationResult.IsValid) { IList <Claim> claims; if (authenticator.TryAuthenticateUser(username, password, out claims)) { return(this.SignIn(claims)); } } } catch { // Swallow the exception } this.AddValidationError("_FORM", "Login failed. Check your username/password."); return(View["login", GetLoginViewModel(applicationSettings, repository, authService)]); }; Post["/logout"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } var response = Response.AsJson(new { success = true }); this.SignOut(); return(response); }; Get["/register"] = _ => { if (IsAuthenticated) { return(Response.AsRedirect("~/")); } bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return(HttpStatusCode.NotFound); } ViewBag.requirePassword = requirePassword; return(View["register"]); }; Post["/create"] = _ => { bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return(HttpStatusCode.NotFound); } if (IsAuthenticated) { return(Response.AsRedirect("~/")); } ViewBag.requirePassword = requirePassword; string username = Request.Form.username; string email = Request.Form.email; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(email)) { this.AddValidationError("email", "Email is required"); } try { if (requirePassword) { ValidatePassword(password, confirmPassword); } if (ModelValidationResult.IsValid) { if (requirePassword) { ChatUser user = membershipService.AddUser(username, email, password); return(this.SignIn(user)); } else { // Add the required claims to this identity var identity = Principal.Identity as ClaimsIdentity; if (!Principal.HasClaim(ClaimTypes.Name)) { identity.AddClaim(new Claim(ClaimTypes.Name, username)); } if (!Principal.HasClaim(ClaimTypes.Email)) { identity.AddClaim(new Claim(ClaimTypes.Email, email)); } return(this.SignIn(Principal.Claims)); } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return(View["register"]); }; Post["/unlink"] = param => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string provider = Request.Form.provider; ChatUser user = repository.GetUserById(Principal.GetUserId()); if (user.Identities.Count == 1 && !user.HasUserNameAndPasswordCredentials()) { Request.AddAlertMessage("error", "You cannot unlink this account because you would lose your ability to login."); return(Response.AsRedirect("~/account/#identityProviders")); } var identity = user.Identities.FirstOrDefault(i => i.ProviderName == provider); if (identity != null) { repository.Remove(identity); Request.AddAlertMessage("success", String.Format("Successfully unlinked {0} account.", provider)); return(Response.AsRedirect("~/account/#identityProviders")); } return(HttpStatusCode.BadRequest); }; Post["/newpassword"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.SetUserPassword(user, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", "Successfully added a password."); return(Response.AsRedirect("~/account/#changePassword")); } return(GetProfileView(authService, user)); }; Post["/changepassword"] = _ => { if (!applicationSettings.AllowUserRegistration) { return(HttpStatusCode.NotFound); } if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string oldPassword = Request.Form.oldPassword; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(oldPassword)) { this.AddValidationError("oldPassword", "Old password is required"); } ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserPassword(user, oldPassword, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", "Successfully changed your password."); return(Response.AsRedirect("~/account/#changePassword")); } return(GetProfileView(authService, user)); }; Post["/changeusername"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string username = Request.Form.username; string confirmUsername = Request.Form.confirmUsername; ValidateUsername(username, confirmUsername); ChatUser user = repository.GetUserById(Principal.GetUserId()); string oldUsername = user.Name; try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserName(user, username); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { notificationService.OnUserNameChanged(user, oldUsername, username); Request.AddAlertMessage("success", "Successfully changed your username."); return(Response.AsRedirect("~/account/#changeUsername")); } return(GetProfileView(authService, user)); }; }
public NotificationsModule(IJabbrRepository repository, IChatService chatService, IChatNotificationService notificationService) : base("/notifications") { Get["/"] = _ => { if (!IsAuthenticated) { return Response.AsRedirect(String.Format("~/account/login?returnUrl={0}", HttpUtility.UrlEncode(Request.Path))); } var request = this.Bind<NotificationRequestModel>(); ChatUser user = repository.GetUserById(Principal.GetUserId()); int unreadCount = repository.GetUnreadNotificationsCount(user); IPagedList<NotificationViewModel> notifications = GetNotifications(repository, user, all: request.All, page: request.Page, roomName: request.Room); var viewModel = new NotificationsViewModel { ShowAll = request.All, UnreadCount = unreadCount, Notifications = notifications, DebugMode = (bool)Context.Items["_debugMode"], }; return View["index", viewModel]; }; Post["/markasread"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } int notificationId = Request.Form.notificationId; Notification notification = repository.GetNotificationById(notificationId); if (notification == null) { return HttpStatusCode.NotFound; } ChatUser user = repository.GetUserById(Principal.GetUserId()); if (notification.UserKey != user.Key) { return HttpStatusCode.Forbidden; } notification.Read = true; repository.CommitChanges(); notificationService.MessageReadStateChanged(user, notification.Message, notification); UpdateUnreadCountInChat(repository, notificationService, user); var response = Response.AsJson(new { success = true }); return response; }; Post["/markallasread"] = _ => { if (!IsAuthenticated) { return HttpStatusCode.Forbidden; } ChatUser user = repository.GetUserById(Principal.GetUserId()); IList<Notification> unReadNotifications = repository.GetNotificationsByUser(user).Unread().ToList(); if (!unReadNotifications.Any()) { return HttpStatusCode.NotFound; } foreach (var notification in unReadNotifications) { notification.Read = true; notificationService.MessageReadStateChanged(user, notification.Message, notification); } repository.CommitChanges(); UpdateUnreadCountInChat(repository, notificationService, user); var response = Response.AsJson(new { success = true }); return response; }; Get["/{key}"] = _ => { if (!IsAuthenticated) return Response.AsRedirect(String.Format("~/account/login?returnUrl={0}", HttpUtility.UrlEncode(Request.Path))); var notification = repository.GetNotificationById(_.key); if (notification == null) return HttpStatusCode.NotFound; var user = repository.GetUserById(Principal.GetUserId()); if (notification.UserKey != user.Key) return HttpStatusCode.Forbidden; var model = new { DebugMode = (bool)Context.Items["_debugMode"], Notification = notification }; return View["view", model]; }; }
public AccountModule(ApplicationSettings applicationSettings, IMembershipService membershipService, IJabbrRepository repository, IAuthenticationService authService, IChatNotificationService notificationService, IUserAuthenticator authenticator, IEmailService emailService) : base("/account") { Get["/"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } ChatUser user = repository.GetUserById(Principal.GetUserId()); return(GetProfileView(authService, user)); }; Get["/login"] = _ => { if (IsAuthenticated) { return(this.AsRedirectQueryStringOrDefault("~/")); } return(View["login", GetLoginViewModel(applicationSettings, repository, authService)]); }; Post["/login"] = param => { if (IsAuthenticated) { return(this.AsRedirectQueryStringOrDefault("~/")); } string username = Request.Form.username; string password = Request.Form.password; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", LanguageResources.Authentication_NameRequired); } if (String.IsNullOrEmpty(password)) { this.AddValidationError("password", LanguageResources.Authentication_PassRequired); } try { if (ModelValidationResult.IsValid) { IList <Claim> claims; if (authenticator.TryAuthenticateUser(username, password, out claims)) { return(this.SignIn(claims)); } } } catch { // Swallow the exception } this.AddValidationError("_FORM", LanguageResources.Authentication_GenericFailure); return(View["login", GetLoginViewModel(applicationSettings, repository, authService)]); }; Post["/logout"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } var response = Response.AsJson(new { success = true }); this.SignOut(); return(response); }; Get["/register"] = _ => { if (IsAuthenticated) { return(this.AsRedirectQueryStringOrDefault("~/")); } bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return(HttpStatusCode.NotFound); } ViewBag.requirePassword = requirePassword; return(View["register"]); }; Post["/create"] = _ => { bool requirePassword = !Principal.Identity.IsAuthenticated; if (requirePassword && !applicationSettings.AllowUserRegistration) { return(HttpStatusCode.NotFound); } if (IsAuthenticated) { return(this.AsRedirectQueryStringOrDefault("~/")); } ViewBag.requirePassword = requirePassword; string username = Request.Form.username; string email = Request.Form.email; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", LanguageResources.Authentication_NameRequired); } if (String.IsNullOrEmpty(email)) { this.AddValidationError("email", LanguageResources.Authentication_EmailRequired); } try { if (requirePassword) { ValidatePassword(password, confirmPassword); } if (ModelValidationResult.IsValid) { if (requirePassword) { ChatUser user = membershipService.AddUser(username, email, password); return(this.SignIn(user)); } else { // Add the required claims to this identity var identity = Principal.Identity as ClaimsIdentity; if (!Principal.HasClaim(ClaimTypes.Name)) { identity.AddClaim(new Claim(ClaimTypes.Name, username)); } if (!Principal.HasClaim(ClaimTypes.Email)) { identity.AddClaim(new Claim(ClaimTypes.Email, email)); } return(this.SignIn(Principal.Claims)); } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return(View["register"]); }; Post["/unlink"] = param => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string provider = Request.Form.provider; ChatUser user = repository.GetUserById(Principal.GetUserId()); if (user.Identities.Count == 1 && !user.HasUserNameAndPasswordCredentials()) { Request.AddAlertMessage("error", LanguageResources.Account_UnlinkRequiresMultipleIdentities); return(Response.AsRedirect("~/account/#identityProviders")); } var identity = user.Identities.FirstOrDefault(i => i.ProviderName == provider); if (identity != null) { repository.Remove(identity); Request.AddAlertMessage("success", String.Format(LanguageResources.Account_UnlinkCompleted, provider)); return(Response.AsRedirect("~/account/#identityProviders")); } return(HttpStatusCode.BadRequest); }; Post["/newpassword"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.SetUserPassword(user, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", LanguageResources.Authentication_PassAddSuccess); return(Response.AsRedirect("~/account/#changePassword")); } return(GetProfileView(authService, user)); }; Post["/changepassword"] = _ => { if (!applicationSettings.AllowUserRegistration) { return(HttpStatusCode.NotFound); } if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string oldPassword = Request.Form.oldPassword; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(oldPassword)) { this.AddValidationError("oldPassword", LanguageResources.Authentication_OldPasswordRequired); } ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Principal.GetUserId()); try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserPassword(user, oldPassword, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { Request.AddAlertMessage("success", LanguageResources.Authentication_PassChangeSuccess); return(Response.AsRedirect("~/account/#changePassword")); } return(GetProfileView(authService, user)); }; Post["/changeusername"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } string username = Request.Form.username; string confirmUsername = Request.Form.confirmUsername; ValidateUsername(username, confirmUsername); ChatUser user = repository.GetUserById(Principal.GetUserId()); string oldUsername = user.Name; try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserName(user, username); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { notificationService.OnUserNameChanged(user, oldUsername, username); Request.AddAlertMessage("success", LanguageResources.Authentication_NameChangeCompleted); return(Response.AsRedirect("~/account/#changeUsername")); } return(GetProfileView(authService, user)); }; Get["/requestresetpassword"] = _ => { if (IsAuthenticated) { return(Response.AsRedirect("~/account/#changePassword")); } if (!Principal.Identity.IsAuthenticated && !applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return(HttpStatusCode.NotFound); } return(View["requestresetpassword"]); }; Post["/requestresetpassword"] = _ => { if (IsAuthenticated) { return(Response.AsRedirect("~/account/#changePassword")); } if (!Principal.Identity.IsAuthenticated && !applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return(HttpStatusCode.NotFound); } string username = Request.Form.username; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", LanguageResources.Authentication_NameRequired); } try { if (ModelValidationResult.IsValid) { ChatUser user = repository.GetUserByName(username); if (user == null) { this.AddValidationError("username", String.Format(LanguageResources.Account_NoMatchingUser, username)); } else if (String.IsNullOrWhiteSpace(user.Email)) { this.AddValidationError("username", String.Format(LanguageResources.Account_NoEmailForUser, username)); } else { membershipService.RequestResetPassword(user, applicationSettings.RequestResetPasswordValidThroughInHours); repository.CommitChanges(); emailService.SendRequestResetPassword(user, this.Request.Url.SiteBase + "/account/resetpassword/"); return(View["requestresetpasswordsuccess", username]); } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return(View["requestresetpassword"]); }; Get["/resetpassword/{id}"] = parameters => { if (!applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return(HttpStatusCode.NotFound); } string resetPasswordToken = parameters.id; string userName = membershipService.GetUserNameFromToken(resetPasswordToken); // Is the token not valid, maybe some character change? if (userName == null) { return(View["resetpassworderror", LanguageResources.Account_ResetInvalidToken]); } else { ChatUser user = repository.GetUserByRequestResetPasswordId(userName, resetPasswordToken); // Is the token expired? if (user == null) { return(View["resetpassworderror", LanguageResources.Account_ResetExpiredToken]); } else { return(View["resetpassword", user.RequestPasswordResetId]); } } }; Post["/resetpassword/{id}"] = parameters => { if (!applicationSettings.AllowUserResetPassword || string.IsNullOrWhiteSpace(applicationSettings.EmailSender)) { return(HttpStatusCode.NotFound); } string resetPasswordToken = parameters.id; string newPassword = Request.Form.password; string confirmNewPassword = Request.Form.confirmPassword; ValidatePassword(newPassword, confirmNewPassword); try { if (ModelValidationResult.IsValid) { string userName = membershipService.GetUserNameFromToken(resetPasswordToken); ChatUser user = repository.GetUserByRequestResetPasswordId(userName, resetPasswordToken); // Is the token expired? if (user == null) { return(View["resetpassworderror", LanguageResources.Account_ResetExpiredToken]); } else { membershipService.ResetUserPassword(user, newPassword); repository.CommitChanges(); return(View["resetpasswordsuccess"]); } } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return(View["resetpassword", resetPasswordToken]); }; }
public void ResponseSignIn(CookieResponseSignInContext context) { var authResult = new AuthenticationResult { Success = true }; ChatUser loggedInUser = GetLoggedInUser(context); var principal = new ClaimsPrincipal(context.Identity); // Do nothing if it's authenticated if (principal.IsAuthenticated()) { EnsurePersistentCookie(context); return; } ChatUser user = _repository.GetUser(principal); authResult.ProviderName = principal.GetIdentityProvider(); // The user exists so add the claim if (user != null) { if (loggedInUser != null && user != loggedInUser) { // Set an error message authResult.Message = String.Format(LanguageResources.Account_AccountAlreadyLinked, authResult.ProviderName); authResult.Success = false; // Keep the old user logged in context.Identity.AddClaim(new Claim(JabbRClaimTypes.Identifier, loggedInUser.Id)); } else { // Login this user AddClaim(context, user); } } else if (principal.HasRequiredClaims()) { ChatUser targetUser = null; // The user doesn't exist but the claims to create the user do exist if (loggedInUser == null) { // New user so add them user = _membershipService.AddUser(principal); targetUser = user; } else { // If the user is logged in then link _membershipService.LinkIdentity(loggedInUser, principal); _repository.CommitChanges(); authResult.Message = String.Format(LanguageResources.Account_AccountLinkedSuccess, authResult.ProviderName); targetUser = loggedInUser; } AddClaim(context, targetUser); } else if (!principal.HasPartialIdentity()) { // A partial identity means the user needs to add more claims to login context.Identity.AddClaim(new Claim(JabbRClaimTypes.PartialIdentity, "true")); } var cookieOptions = new CookieOptions { HttpOnly = true }; context.Response.Cookies.Append(Constants.AuthResultCookie, JsonConvert.SerializeObject(authResult), cookieOptions); }
private void CheckUserStatus(ILogger logger, IJabbrRepository repo) { var inactiveUsers = new List<ChatUser>(); IQueryable<ChatUser> users = repo.GetOnlineUsers().Where(u => SqlFunctions.DateDiff("mi", u.LastActivity, DateTime.UtcNow) > 5); foreach (var user in users.ToList()) { user.Status = (int)UserStatus.Inactive; inactiveUsers.Add(user); } if (inactiveUsers.Count > 0) { PerformRoomAction(inactiveUsers, async roomGroup => { await _hubContext.Clients.Group(roomGroup.Room.Name).markInactive(roomGroup.Users); }); repo.CommitChanges(); } }
// This is an uber hack to make sure the db is in sync with SignalR private void EnsureClientConnected(ILogger logger, IJabbrRepository repo, ITrackingConnection connection) { var contextField = connection.GetType().GetField("_context", BindingFlags.NonPublic | BindingFlags.Instance); if (contextField == null) { return; } var context = contextField.GetValue(connection) as HostContext; if (context == null) { return; } string connectionData = context.Request.QueryString["connectionData"]; if (String.IsNullOrEmpty(connectionData)) { return; } var hubs = JsonConvert.DeserializeObject <HubConnectionData[]>(connectionData); if (hubs.Length != 1) { return; } // We only care about the chat hub if (!hubs[0].Name.Equals("chat", StringComparison.OrdinalIgnoreCase)) { return; } logger.Log("Connection {0} exists but isn't tracked.", connection.ConnectionId); string userId = context.Request.User.GetUserId(); ChatUser user = repo.GetUserById(userId); if (user == null) { logger.Log("Unable to find user with id {0}", userId); return; } var client = new ChatClient { Id = connection.ConnectionId, User = user, UserAgent = context.Request.Headers["User-Agent"], LastActivity = DateTimeOffset.UtcNow, LastClientActivity = user.LastActivity }; repo.Add(client); repo.CommitChanges(); }
public AccountModule(IApplicationSettings applicationSettings, IAuthenticationTokenService authenticationTokenService, IMembershipService membershipService, IJabbrRepository repository, IAuthenticationService authService, IChatNotificationService notificationService) : base("/account") { Get["/"] = _ => { if (Context.CurrentUser == null) { return(HttpStatusCode.Forbidden); } ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); return(GetProfileView(authService, user)); }; Get["/login"] = _ => { if (Context.CurrentUser != null) { return(Response.AsRedirect("~/")); } return(View["login", GetLoginViewModel(applicationSettings, repository, authService)]); }; Post["/login"] = param => { if (Context.CurrentUser != null) { return(Response.AsRedirect("~/")); } string username = Request.Form.username; string password = Request.Form.password; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(password)) { this.AddValidationError("password", "Password is required"); } try { if (ModelValidationResult.IsValid) { ChatUser user = membershipService.AuthenticateUser(username, password); return(this.CompleteLogin(authenticationTokenService, user)); } else { return(View["login", GetLoginViewModel(applicationSettings, repository, authService)]); } } catch { this.AddValidationError("_FORM", "Login failed. Check your username/password."); return(View["login", GetLoginViewModel(applicationSettings, repository, authService)]); } }; Post["/logout"] = _ => { if (Context.CurrentUser == null) { return(HttpStatusCode.Forbidden); } var response = Response.AsJson(new { success = true }); response.AddCookie(new NancyCookie(Constants.UserTokenCookie, null) { Expires = DateTime.Now.AddDays(-1) }); return(response); }; Get["/register"] = _ => { if (Context.CurrentUser != null) { return(Response.AsRedirect("~/")); } return(View["register"]); }; Post["/create"] = _ => { if (Context.CurrentUser != null) { return(Response.AsRedirect("~/")); } string username = Request.Form.username; string email = Request.Form.email; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(username)) { this.AddValidationError("username", "Name is required"); } if (String.IsNullOrEmpty(email)) { this.AddValidationError("email", "Email is required"); } ValidatePassword(password, confirmPassword); try { if (ModelValidationResult.IsValid) { ChatUser user = membershipService.AddUser(username, email, password); return(this.CompleteLogin(authenticationTokenService, user)); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } return(View["register"]); }; Post["/unlink"] = param => { if (Context.CurrentUser == null) { return(HttpStatusCode.Forbidden); } string provider = Request.Form.provider; ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); if (user.Identities.Count == 1 && !user.HasUserNameAndPasswordCredentials()) { this.AddAlertMessage("error", "You cannot unlink this account because you would lose your ability to login."); return(Response.AsRedirect("~/account/#identityProviders")); } var identity = user.Identities.FirstOrDefault(i => i.ProviderName == provider); if (identity != null) { repository.Remove(identity); this.AddAlertMessage("success", String.Format("Successfully unlinked {0} account.", provider)); return(Response.AsRedirect("~/account/#identityProviders")); } return(HttpStatusCode.BadRequest); }; Post["/newpassword"] = _ => { if (Context.CurrentUser == null) { return(HttpStatusCode.Forbidden); } string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); try { if (ModelValidationResult.IsValid) { membershipService.SetUserPassword(user, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { this.AddAlertMessage("success", "Successfully added a password."); return(Response.AsRedirect("~/account/#changePassword")); } return(GetProfileView(authService, user)); }; Post["/changepassword"] = _ => { if (Context.CurrentUser == null) { return(HttpStatusCode.Forbidden); } string oldPassword = Request.Form.oldPassword; string password = Request.Form.password; string confirmPassword = Request.Form.confirmPassword; if (String.IsNullOrEmpty(oldPassword)) { this.AddValidationError("oldPassword", "Old password is required"); } ValidatePassword(password, confirmPassword); ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserPassword(user, oldPassword, password); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { this.AddAlertMessage("success", "Successfully changed your password."); return(Response.AsRedirect("~/account/#changePassword")); } return(GetProfileView(authService, user)); }; Post["/changeusername"] = _ => { if (Context.CurrentUser == null) { return(HttpStatusCode.Forbidden); } string username = Request.Form.username; string confirmUsername = Request.Form.confirmUsername; ValidateUsername(username, confirmUsername); ChatUser user = repository.GetUserById(Context.CurrentUser.UserName); string oldUsername = user.Name; try { if (ModelValidationResult.IsValid) { membershipService.ChangeUserName(user, username); repository.CommitChanges(); } } catch (Exception ex) { this.AddValidationError("_FORM", ex.Message); } if (ModelValidationResult.IsValid) { notificationService.OnUserNameChanged(user, oldUsername, username); this.AddAlertMessage("success", "Successfully changed your username."); return(Response.AsRedirect("~/account/#changeUsername")); } return(GetProfileView(authService, user)); }; }
private void HandleUnallow(ChatUser user, string[] parts) { if (parts.Length == 1) { throw new InvalidOperationException("Which user to you want to revoke persmissions from?"); } string targetUserName = parts[1]; ChatUser targetUser = _repository.VerifyUser(targetUserName); if (parts.Length == 2) { throw new InvalidOperationException("Which room?"); } string roomName = parts[2]; ChatRoom targetRoom = _repository.VerifyRoom(roomName); _chatService.UnallowUser(user, targetUser, targetRoom); _notificationService.UnallowUser(targetUser, targetRoom); _repository.CommitChanges(); }
public NotificationsModule(IJabbrRepository repository, IChatService chatService, IChatNotificationService notificationService) : base("/notifications") { Get["/"] = _ => { if (!IsAuthenticated) { return(Response.AsRedirect(String.Format("~/account/login?returnUrl={0}", HttpUtility.UrlEncode(Request.Path)))); } var request = this.Bind <NotificationRequestModel>(); ChatUser user = repository.GetUserById(Principal.GetUserId()); int unreadCount = repository.GetUnreadNotificationsCount(user); IPagedList <NotificationViewModel> notifications = GetNotifications(repository, user, all: request.All, page: request.Page, roomName: request.Room); var viewModel = new NotificationsViewModel { ShowAll = request.All, UnreadCount = unreadCount, Notifications = notifications, }; return(View["index", viewModel]); }; Post["/markasread"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } int notificationId = Request.Form.notificationId; Notification notification = repository.GetNotificationById(notificationId); if (notification == null) { return(HttpStatusCode.NotFound); } ChatUser user = repository.GetUserById(Principal.GetUserId()); if (notification.UserKey != user.Key) { return(HttpStatusCode.Forbidden); } notification.Read = true; repository.CommitChanges(); UpdateUnreadCountInChat(repository, notificationService, user); var response = Response.AsJson(new { success = true }); return(response); }; Post["/markallasread"] = _ => { if (!IsAuthenticated) { return(HttpStatusCode.Forbidden); } ChatUser user = repository.GetUserById(Principal.GetUserId()); IList <Notification> unReadNotifications = repository.GetNotificationsByUser(user).Unread().ToList(); if (!unReadNotifications.Any()) { return(HttpStatusCode.NotFound); } foreach (var notification in unReadNotifications) { notification.Read = true; } repository.CommitChanges(); UpdateUnreadCountInChat(repository, notificationService, user); var response = Response.AsJson(new { success = true }); return(response); }; }