//public ActionResult Disassociate(string provider, string providerUserId) //{ // string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId); // ManageMessageId? message = null; // // Only disassociate the account if the currently logged in user is the owner // if (ownerAccount == User.Identity.Name) // { // // Use a transaction to prevent the user from deleting their last login credential // using (var scope = new TransactionScope(TransactionScopeOption.Required, new TransactionOptions { IsolationLevel = IsolationLevel.Serializable })) // { // bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name)); // if (hasLocalAccount || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1) // { // OAuthWebSecurity.DeleteAccount(provider, providerUserId); // scope.Complete(); // message = ManageMessageId.RemoveLoginSuccess; // } // } // } // return RedirectToAction("Manage", new { Message = message }); //} // // GET: /Account/Manage //public ActionResult Manage(ManageMessageId? message) //{ // ViewBag.StatusMessage = // message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed." // : message == ManageMessageId.SetPasswordSuccess ? "Your password has been set." // : message == ManageMessageId.RemoveLoginSuccess ? "The external login was removed." 
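//         : "";
//     ViewBag.HasLocalPassword = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
//     ViewBag.ReturnUrl = Url.Action("Manage");
//     return View();
//}

//
// POST: /Account/Manage
//
// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible on this
// action, and the GET overload above is commented out, so this method appears to serve
// every verb for /Account/Manage. A password change should be POST-only and protected by
// an anti-forgery token; that needs a separate GET action first, so it is flagged here
// rather than changed. Confirm that an [Authorize] filter applies at class level.

/// <summary>
/// Changes the caller's password after the supplied current password has been checked.
/// </summary>
/// <param name="model">Posted form values; <c>OldPassword</c> is passed to <c>AuthCheck</c>
/// and the whole model is handed to the repository for the update.</param>
/// <returns>
/// A redirect to <c>Manage</c> with <c>ChangePasswordSuccess</c> when the update succeeds;
/// otherwise the form is redisplayed with the posted model.
/// </returns>
public ActionResult Manage(LocalPasswordModel model)
{
    // One message for both failure paths, so the response does not reveal whether the
    // current password or the new one was rejected.
    const string GenericFailure = "The current password is incorrect or the new password is invalid.";

    CCIRepository repository = CCIRepository.CreateRepository();

    // AuthCheck replaces the template's OAuthWebSecurity.HasLocalAccount lookup, so the
    // flag below now carries "current password accepted", not "has a local account".
    // NOTE(review): only the password is passed; presumably AuthCheck resolves the account
    // from the authenticated identity. Verify, and confirm repeated failures are throttled.
    bool oldPasswordAccepted = AuthCheck(model.OldPassword);
    ViewBag.HasLocalPassword = oldPasswordAccepted;
    ViewBag.ReturnUrl = Url.Action("Manage");

    if (!oldPasswordAccepted)
    {
        // The template's "create a local password" path is disabled; a failed check is
        // reported with the generic message.
        ModelState.AddModelError("", GenericFailure);
        return View(model);
    }

    if (!ModelState.IsValid)
    {
        // Validation errors are already in ModelState; redisplay the form.
        return View(model);
    }

    bool changePasswordSucceeded;
    try
    {
        // The template called WebSecurity.ChangePassword(User.Identity.Name, ...), naming
        // the account explicitly. Here only the model is passed.
        // NOTE(review): confirm UpadatePass takes the target account from the
        // authenticated identity and never from a client-supplied field.
        changePasswordSucceeded = repository.UpadatePass(model);
    }
    catch (Exception)
    {
        // Kept as best-effort: any failure is treated as "not changed". Nothing is logged
        // here, so an infrastructure error looks the same as a rejected password.
        changePasswordSucceeded = false;
    }

    if (changePasswordSucceeded)
    {
        return RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess });
    }

    // If we got this far, something failed; redisplay the form.
    ModelState.AddModelError("", GenericFailure);
    return View(model);
}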