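        /// <summary>
        /// Callback hit by the external (OAuth) provider after it has authenticated the user.
        /// If ASP.NET Identity already knows this external login, the user is signed in through
        /// <c>SignInManager</c>. Otherwise (the <c>Failure</c>/default branch) the application
        /// auto-registers an account keyed by the provider-supplied e-mail and establishes its own
        /// Session-based login.
        /// </summary>
        /// <param name="returnUrl">Return URL carried through the external login request.</param>
        /// <returns>A redirect into the application, or the "Lockout" view.</returns>
        /// <remarks>
        /// NOTE(review): the default branch treats <c>SignInStatus.Failure</c> as a successful login
        /// and identifies the account purely by <c>loginInfo.Email</c>. Nothing here checks that the
        /// provider actually verified that address; a provider that lets its users set an arbitrary
        /// e-mail would let them log in as (or pre-register) someone else's account. Confirm every
        /// enabled provider asserts a verified e-mail, or check the provider's verified-e-mail claim
        /// before registering or signing in.
        /// NOTE(review): the existing ASP.NET session is repopulated in place rather than regenerated,
        /// so a session ID known before login stays valid afterwards (session fixation). Consider
        /// issuing a fresh session ID on login.
        /// </remarks>
        public async Task <ActionResult> ExternalLoginCallback(string returnUrl)
        {
            // Return URL stashed in TempData before the round-trip to the provider. Reading it
            // also clears it from TempData; it is not used for the final redirect (see the end).
            var pendingReturnUrl = "Index";
            if (TempData["ReturnUrl"] != null)
            {
                pendingReturnUrl = TempData["ReturnUrl"].ToString();
            }

            var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
            if (loginInfo == null)
            {
                // Provider round-trip failed or was tampered with: back to the login page.
                return RedirectToAction("Login", "Home");
            }

            // Sign in the user with this external login provider if the user already has a login.
            var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent : false);

            switch (result)
            {
            case SignInStatus.Success:
                // RedirectToLocal (not visible here) is expected to reject non-local URLs;
                // confirm it checks Url.IsLocalUrl, otherwise this is an open redirect.
                return RedirectToLocal(returnUrl);

            case SignInStatus.LockedOut:
                return View("Lockout");

            case SignInStatus.RequiresVerification:
                return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false });

            case SignInStatus.Failure:
            default:
                // Identity does not know this external login. The application's own account table
                // is keyed by e-mail, so the provider's e-mail decides which account this is.
                var email = loginInfo.Email;
                ViewBag.ReturnUrl     = returnUrl;
                ViewBag.LoginProvider = loginInfo.Login.LoginProvider;

                // First OAuth login for this e-mail: create the local account.
                if (!db.Accounts.Any(s => s.Email == email))
                {
                    try
                    {
                        SecurityFunctions.AddNewRegistration(email, AppFunctions.GetUsernameFromEmail(email), true);
                    }
                    catch (Exception ex)
                    {
                        // Recorded and then ignored, as in the original.
                        // NOTE(review): continuing here populates the Session for an account that may
                        // not exist; redirecting to Login would be the safer outcome.
                        Console.WriteLine(ex);
                        SecurityFunctions.LogError(ex, email, "ExternalLoginCallback", returnUrl);
                    }
                }

                // Application-level login record. The session token is SHA-256 of a 12-character
                // random string; hashing adds no entropy, so its strength is whatever
                // AppFunctions.RandomString provides — confirm that uses a CSPRNG.
                var sessionId = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
                if (!SecurityFunctions.AddLoginInfo(email, DateTime.Now, 0, 0, null, 0, sessionId, DateTime.Now))
                {
                    // Previously swallowed silently; record it so a failed login audit row is visible.
                    SecurityFunctions.LogError(new InvalidOperationException("AddLoginInfo returned false"),
                                               email, "ExternalLoginCallback", returnUrl);
                }

                // Populate the application's session. Account data is fetched once per field
                // instead of once per use.
                var security  = new SecurityFunctions();
                var firstName = security.ReturnAccountData(email, "FirstName");
                var lastName  = security.ReturnAccountData(email, "LastName");
                var directory = security.ReturnAccountData(email, "DirectoryName");
                var picture   = security.ReturnAccountProfilePic(email);

                Session["sessionID"]    = sessionId;
                Session["sessionEmail"] = email;
                Session["sessionOauth"] = true;
                // Fall back to the e-mail when the account has no first name on file.
                Session["sessionFullName"] = string.IsNullOrEmpty(firstName)
                    ? email
                    : firstName + " " + lastName;
                // Fall back to the default picture when either path component is missing.
                Session["sessionProfilePic"] = string.IsNullOrEmpty(directory) || string.IsNullOrEmpty(picture)
                    ? AppFunctions.GetDefaultProfileLink()
                    : directory + "/" + picture;

                // Role flags. ValidateUserRole takes no user argument, so it presumably reads the
                // Session values just populated — keep this after them.
                var roleFlags = new[]
                {
                    new { Role = "SystemAdmin", SessionKey = "sessionSystemAdmin" },
                    new { Role = "Editor",      SessionKey = "sessionEditor" },
                    new { Role = "Author",      SessionKey = "sessionAuthor" },
                    new { Role = "Censor",      SessionKey = "sessionCensor" },
                    // Fix: the original tested the Censor role id here, so sessionAdvertiser was set
                    // for censors and never for advertisers.
                    new { Role = "Advertiser",  SessionKey = "sessionAdvertiser" },
                };
                foreach (var flag in roleFlags)
                {
                    if (AppFunctions.ValidateUserRole(AppFunctions.GetRoleID(flag.Role)))
                    {
                        Session[flag.SessionKey] = true;
                    }
                }

                if (AppFunctions.UserHasRole())
                {
                    // Any administrative role lands on the admin dashboard.
                    return RedirectToAction("Index", "Admin");
                }

                // Ordinary users always go to the home page. The TempData return URL is deliberately
                // not honoured (the original left this redirect commented out). If it is ever
                // re-enabled, route it through RedirectToLocal rather than Redirect: the value
                // originates from the client.
                if (!string.IsNullOrEmpty(pendingReturnUrl) && pendingReturnUrl != "Index")
                {
                    //return Redirect(pendingReturnUrl);
                }
                return RedirectToAction("Index", "Home");
            }
        }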
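        /// <summary>
        /// Handles the site's own e-mail/password login form. Credentials are read straight from
        /// <c>Request.Form</c> (the <paramref name="usersmodel"/> parameter is not used, as in the
        /// original) and, on success, the application's Session-based login is established.
        /// </summary>
        /// <param name="usersmodel">Model-bound form; unused — the form fields are read directly.</param>
        /// <returns>
        /// A redirect: to the admin or user home on success, otherwise back to the page named by
        /// the <c>returnController</c>/<c>returnAction</c> form fields with a failure message in
        /// TempData.
        /// </returns>
        /// <remarks>
        /// NOTE(review): no <c>[HttpPost]</c> / <c>[ValidateAntiForgeryToken]</c> is visible on this
        /// action in the excerpt. If none exists in the full file, the login form is reachable by GET
        /// and open to login CSRF; confirm and add them (the view must then render the token).
        /// NOTE(review): the Session is repopulated in place rather than regenerated on login, which
        /// leaves a pre-login session ID valid afterwards (session fixation).
        /// NOTE(review): the "RememberMe" form field is ignored; nothing persistent is issued.
        /// </remarks>
        public ActionResult Login(AccountsModel usersmodel)
        {
            // Where to send the user back on failure. Client-supplied, but RedirectToAction only
            // builds in-application routes, so it cannot become an open redirect.
            var returnController = "Home";
            var returnAction     = "Index";
            if (!string.IsNullOrEmpty(Request.Form["returnController"]) && !string.IsNullOrEmpty(Request.Form["returnAction"]))
            {
                returnController = Request.Form["returnController"];
                returnAction     = Request.Form["returnAction"];
            }

            // Failure path shared by every rejected attempt: message + re-open the login modal.
            Func<string, ActionResult> reject = message =>
            {
                TempData["ProcessLoginFailureMessage"] = message;
                TempData["displayModal"] = "loginModal";
                return RedirectToAction(returnAction, returnController);
            };

            var userEmail    = Request.Form["userEmail"];
            var userPassword = Request.Form["userPassword"];
            if (string.IsNullOrEmpty(userEmail) || string.IsNullOrEmpty(userPassword))
            {
                return reject("Email and password field required.");
            }

            var security = new SecurityFunctions();

            // Password check first, so the status messages below never tell an unauthenticated
            // caller whether an e-mail is registered. (IsLoginValid is presumably comparing against
            // a stored hash — not visible here; confirm the password is never stored in clear.)
            if (!security.IsLoginValid(userEmail, userPassword))
            {
                return reject("Wrong username or password! Please try again.");
            }

            var accountStatus = security.ReturnAccountStatus(userEmail);
            if (accountStatus == 0)
            {
                // Credentials valid, but the administrator has not approved the account yet.
                return reject("This account has not yet been approved by the administrator.");
            }
            if (accountStatus == 2)
            {
                // Credentials valid, but the account has been suspended.
                return reject("This account is currently suspended. Please contact us at (+90) 5314950226 or send us a message.");
            }
            if (security.IsAccountLocked(userEmail))
            {
                // Credentials valid, but the account is temporarily locked.
                return reject("This account is currently locked. Try again later.");
            }
            if (accountStatus != 1)
            {
                // Any other status value is unknown. The original fell through to the
                // "Email and password field required." message here, which was misleading;
                // record the anomaly and reject with the generic message instead.
                SecurityFunctions.LogError(new InvalidOperationException("Unexpected account status " + accountStatus),
                                           userEmail, "Login", returnController + "/" + returnAction);
                return reject("Wrong username or password! Please try again.");
            }

            // Credentials and status are good: establish the application-level login.
            // The session token is SHA-256 of a 12-character random string; hashing adds no
            // entropy, so its strength is whatever AppFunctions.RandomString provides — confirm
            // that uses a CSPRNG.
            var sessionId = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
            if (!SecurityFunctions.AddLoginInfo(userEmail, DateTime.Now, 0, 0, null, 0, sessionId, DateTime.Now))
            {
                // Previously swallowed silently; record it so a failed login audit row is visible.
                SecurityFunctions.LogError(new InvalidOperationException("AddLoginInfo returned false"),
                                           userEmail, "Login", returnController + "/" + returnAction);
            }

            // Populate the application's session. Account data is fetched once per field.
            var firstName = security.ReturnAccountData(userEmail, "FirstName");
            var lastName  = security.ReturnAccountData(userEmail, "LastName");
            var directory = security.ReturnAccountData(userEmail, "DirectoryName");
            var picture   = security.ReturnAccountProfilePic(userEmail);

            Session["sessionID"]    = sessionId;
            Session["sessionEmail"] = userEmail;
            Session["sessionOauth"] = false;
            // Fall back to the e-mail when the account has no first name on file.
            Session["sessionFullName"] = string.IsNullOrEmpty(firstName)
                ? userEmail
                : firstName + " " + lastName;
            // Fall back to the default picture when either path component is missing.
            Session["sessionProfilePic"] = string.IsNullOrEmpty(directory) || string.IsNullOrEmpty(picture)
                ? AppFunctions.GetDefaultProfileLink()
                : directory + "/" + picture;

            // Role flags. ValidateUserRole takes no user argument, so it presumably reads the
            // Session values just populated — keep this after them.
            var roleFlags = new[]
            {
                new { Role = "SystemAdmin", SessionKey = "sessionSystemAdmin" },
                new { Role = "Editor",      SessionKey = "sessionEditor" },
                new { Role = "Author",      SessionKey = "sessionAuthor" },
                new { Role = "Censor",      SessionKey = "sessionCensor" },
                // Fix: the original tested the Censor role id here, so sessionAdvertiser was set
                // for censors and never for advertisers.
                new { Role = "Advertiser",  SessionKey = "sessionAdvertiser" },
            };
            foreach (var flag in roleFlags)
            {
                if (AppFunctions.ValidateUserRole(AppFunctions.GetRoleID(flag.Role)))
                {
                    Session[flag.SessionKey] = true;
                }
            }

            if (AppFunctions.UserHasRole())
            {
                // Any administrative role lands on the admin dashboard.
                return RedirectToAction("Index", "Admin");
            }

            return RedirectToAction("Index", "User");
        }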