Esempio n. 1
        // Renders the partial view that lists the external (OAuth) logins linked to the signed-in user.
        //
        // ViewBag.ShowRemoveButton only decides whether the view offers a remove button. It is a UI hint,
        // not an authorization decision: the action that performs the removal must re-check on the server
        // that the login belongs to the caller and that another way to sign in remains.
        //
        // Returns the "_RemoveExternalLoginsPartial" view with one ExternalLogin per linked account.
        public ActionResult RemoveExternalLogins()
        {
            string userName = User.Identity.Name;
            ICollection <OAuthAccount> linkedAccounts = OAuthWebSecurity.GetAccountsFromUserName(userName);

            var model = new List <ExternalLogin>();
            foreach (OAuthAccount linked in linkedAccounts)
            {
                // Registered client metadata supplies the human-readable provider name.
                AuthenticationClientData registration = OAuthWebSecurity.GetOAuthClientData(linked.Provider);

                var entry = new ExternalLogin();
                entry.Provider            = linked.Provider;
                entry.ProviderDisplayName = registration.DisplayName;
                entry.ProviderUserId      = linked.ProviderUserId;
                model.Add(entry);
            }

            // Offer removal only when another credential would remain: a second external login,
            // or a local account. The local-account lookup is skipped when the count already suffices.
            bool canRemove = model.Count > 1;
            if (!canRemove)
            {
                canRemove = OAuthWebSecurity.HasLocalAccount(cog.WebSecurity.GetUserId(userName));
            }

            ViewBag.ShowRemoveButton = canRemove;
            return PartialView("_RemoveExternalLoginsPartial", model);
        }
Esempio n. 2
        // deletes user from user table and membership tables.

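        // Removes a user completely: role memberships, every credential registered for the user
        // (all linked external logins and the local membership account) and finally the user row.
        //
        // user: the user to delete; user.Email is used as the membership user name throughout.
        //
        // Changes from the earlier version:
        //  * all linked external logins are deleted, not only the first one;
        //  * the local membership account is deleted even when an external login exists;
        //  * role memberships are taken from the role provider instead of probing two fixed names.
        // Leaving credential rows behind for a deleted user is what these changes avoid.
        public static void DeleteUser(User user)
        {
            var simpleRoles      = (SimpleRoleProvider)Roles.Provider;
            var simpleMembership = (SimpleMembershipProvider)Membership.Provider;

            // Every role the provider reports for this user ("Admin", "Member" or any other).
            string[] roles = simpleRoles.GetRolesForUser(user.Email);

            // Snapshot the linked external logins before anything is deleted.
            var oAuths = OAuthWebSecurity.GetAccountsFromUserName(user.Email);

            // ** Unit of Work Pattern
            // NOTE(review): assumes the providers' database connections take part in this unit of
            // work so that a failure part-way leaves nothing half-deleted - confirm.
            using (var uow = new UnitOfWorkDistributed())
            {
                simpleRoles.RemoveUsersFromRoles(new string[] { user.Email }, roles);

                foreach (var oAuth in oAuths)
                {
                    OAuthWebSecurity.DeleteAccount(oAuth.Provider, oAuth.ProviderUserId);
                }

                // Return value ignored, as before. A user without a local account is expected to
                // yield false here rather than an exception - confirm for the provider version in use.
                simpleMembership.DeleteAccount(user.Email);

                simpleMembership.DeleteUser(user.Email, false);

                uow.Complete();
            }
        }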
        // Renders the default partial view listing the external (OAuth) sign-ins of the current user.
        //
        // ViewBag.ShowRemoveButton is true only when the user has a local account. It is a display
        // hint; the removal action itself has to enforce ownership and the "keep one credential" rule.
        public virtual ActionResult RemoveExternalSignIns()
        {
            bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.CurrentUserId);
            ViewBag.ShowRemoveButton = hasLocalAccount;

            var model = new List <ExternalLoginModel>();

            foreach (var linked in OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name))
            {
                // Display name comes from the registered client, not from the stored account row.
                var registration = OAuthWebSecurity.GetOAuthClientData(linked.Provider);

                var entry = new ExternalLoginModel();
                entry.Provider            = linked.Provider;
                entry.ProviderDisplayName = registration.DisplayName;
                entry.ProviderUserKey     = linked.ProviderUserId;
                model.Add(entry);
            }

            return PartialView(model);
        }
Esempio n. 4
        // Builds the list of external (OAuth) logins linked to the signed-in user and renders it
        // with the "_RemoveExternalLoginsPartial" view.
        //
        // ViewBag.ShowRemoveButton is presentation only. The server-side removal action must verify
        // ownership and that a credential remains; hiding the button does not protect anything.
        public ActionResult RemoveExternalLogins()
        {
            string currentName = this.User.Identity.Name;
            var logins = new List <ExternalLogin>();

            foreach (var linked in OAuthWebSecurity.GetAccountsFromUserName(currentName))
            {
                var registration = OAuthWebSecurity.GetOAuthClientData(linked.Provider);

                var login = new ExternalLogin();
                login.Provider            = linked.Provider;
                login.ProviderDisplayName = registration.DisplayName;
                login.ProviderUserId      = linked.ProviderUserId;
                logins.Add(login);
            }

            // Removal is offered when a second external login exists; otherwise only when a local
            // account exists (that lookup is not made when the count alone is enough).
            if (logins.Count > 1)
            {
                this.ViewBag.ShowRemoveButton = true;
            }
            else
            {
                this.ViewBag.ShowRemoveButton = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(currentName));
            }

            return this.PartialView("_RemoveExternalLoginsPartial", logins);
        }
Esempio n. 5
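        // Builds the account-linking view model for a user: which registered providers are already
        // linked, which are still available, and whether removing a login may be offered.
        //
        // context:  data context used to resolve the user for the identity.
        // identity: identity of the user the model is built for.
        // Returns a LinkAccountModel; AllowRemovingLogin is true only when more than one login method
        // (linked providers plus an optional local account) exists, so the last one cannot be removed.
        //
        // NOTE(review): context.GetUser may return null for an unknown identity (not visible here);
        // that case currently ends in a NullReferenceException - confirm it cannot happen.
        public static LinkAccountModel ForUser(IDataContext context, IIdentity identity)
        {
            var user = context.GetUser(identity);

            var allProviders = OAuthWebSecurity.RegisteredClientData.Select(c => c.DisplayName).ToArray();

            // Match each linked provider to the member of allProviders, which has the proper casing
            // (Google, not google). The comparison is ordinal and case-insensitive: the earlier
            // ToLower() == ToLower() form depended on the thread culture and could fail to match
            // names containing 'I'/'i' under e.g. a Turkish culture.
            // Single() still throws when a linked provider is not (or no longer) registered, or when
            // two registrations share a display name.
            var linkedProviders = OAuthWebSecurity.GetAccountsFromUserName(user.MembershipUserIdentifier)
                                  .Select(lp => allProviders.Single(ap => string.Equals(ap, lp.Provider, System.StringComparison.OrdinalIgnoreCase)))
                                  .ToArray();

            var loginMethodCount = linkedProviders.Length + (OAuthWebSecurity.HasLocalAccount(user.UserId) ? 1 : 0);

            var model = new LinkAccountModel()
            {
                OpenIDProvidersLinked    = linkedProviders,
                // Materialized once so the view does not re-run the filter on every enumeration.
                OpenIDProvidersAvailable = allProviders.Where(p => !linkedProviders.Contains(p)).ToArray(),
                AllowRemovingLogin       = loginMethodCount > 1
            };

            return model;
        }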
Esempio n. 6
        // Collects the external (OAuth) logins linked to the signed-in user into an ExternalAccounts
        // model, together with a flag telling the view whether a remove button may be shown.
        //
        // ShowRemoveButton is a display hint; the removal action must enforce the rule on the server.
        public ExternalAccounts ExternalAccounts()
        {
            string userName = User.Identity.Name;
            List <ExternalLogin> logins = new List <ExternalLogin>();

            foreach (OAuthAccount linked in OAuthWebSecurity.GetAccountsFromUserName(userName))
            {
                AuthenticationClientData registration = OAuthWebSecurity.GetOAuthClientData(linked.Provider);

                ExternalLogin login = new ExternalLogin();
                login.Provider            = linked.Provider;
                login.ProviderDisplayName = registration.DisplayName;
                login.ProviderUserId      = linked.ProviderUserId;
                logins.Add(login);
            }

            ExternalAccounts externalLoginList = new ExternalAccounts
            {
                ExternalLogins   = logins,
                // True when a second external login or a local account would remain after a removal.
                ShowRemoveButton = logins.Count > 1 || OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(userName))
            };

            return externalLoginList;
        }
        // Removes one external (OAuth) login from the signed-in user's account, then redirects to
        // "Manage" with a status message (null when nothing was removed).
        //
        // provider / providerUserId identify the external login and come from the request.
        //
        // The ownership comparison is the access-control check here: without it a caller could
        // remove a login that belongs to another account by submitting that account's identifiers.
        // NOTE(review): the attributes on this action are not visible in this excerpt; a
        // state-changing action like this is normally restricted to POST with anti-forgery
        // validation - confirm.
        public ActionResult Disassociate(string provider, string providerUserId)
        {
            ManageMessageId? message = null;
            string currentName  = User.Identity.Name;
            string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);

            // Not the owner (or unknown login): do nothing and report no message.
            if (ownerAccount != currentName)
            {
                return RedirectToAction("Manage", new { Message = message });
            }

            // Serializable transaction: the "is another credential left?" check and the delete are
            // meant to be one unit, so concurrent requests cannot remove the last credential.
            // NOTE(review): relies on the provider's connection enlisting in the ambient transaction.
            var options = new TransactionOptions();
            options.IsolationLevel = IsolationLevel.Serializable;

            using (var scope = new TransactionScope(TransactionScopeOption.Required, options))
            {
                bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(currentName));
                bool anotherCredentialRemains = hasLocalAccount || OAuthWebSecurity.GetAccountsFromUserName(currentName).Count > 1;

                if (anotherCredentialRemains)
                {
                    OAuthWebSecurity.DeleteAccount(provider, providerUserId);
                    scope.Complete();
                    message = ManageMessageId.RemoveLoginSuccess;
                }
            }

            return RedirectToAction("Manage", new { Message = message });
        }
        // Detaches an external (OAuth) login from the current user and redirects to "Manage".
        // The redirect carries ManageMessageId.RemoveLoginSuccess when a login was removed and a
        // null message otherwise.
        //
        // NOTE(review): attributes are not part of this excerpt; confirm the action is POST-only
        // and validates an anti-forgery token, since it changes account state.
        public ActionResult Disassociate(string provider, string providerUserId)
        {
            ManageMessageId? message = null;
            string owner = OAuthWebSecurity.GetUserName(provider, providerUserId);

            // Access control: act only when the login belongs to the signed-in user. provider and
            // providerUserId are request values and must not be trusted to be the caller's own.
            bool callerOwnsLogin = owner == User.Identity.Name;
            if (callerOwnsLogin)
            {
                // The check-then-delete runs in a serializable transaction so that the user cannot
                // end up deleting their last login credential through concurrent requests.
                TransactionOptions txOptions = new TransactionOptions { IsolationLevel = IsolationLevel.Serializable };
                using (TransactionScope scope = new TransactionScope(TransactionScopeOption.Required, txOptions))
                {
                    int userId = WebSecurity.GetUserId(User.Identity.Name);

                    // A local account alone is enough; linked logins are counted only without one.
                    if (OAuthWebSecurity.HasLocalAccount(userId)
                        || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1)
                    {
                        OAuthWebSecurity.DeleteAccount(provider, providerUserId);
                        scope.Complete();
                        message = ManageMessageId.RemoveLoginSuccess;
                    }
                }
            }

            return RedirectToAction("Manage", new { Message = message });
        }
Esempio n. 9
        // Signs in the account identified by `email` and redirects to WixLoginResultHandler with
        // values parsed from returnUrl. The redirect always reports success = true; a failed login
        // is visible only through the `error` value.
        //
        // email:      user name of the account to sign in.
        // returnUrl:  URL whose query string supplies instanceToken, uid, instanceId, origCompId, compId.
        // trackingId: optional value forwarded to CreateAuthenticationTicket.
        //
        // NOTE(review): nothing in this method proves that the caller controls `email`. The value is
        // an action parameter and a session is established for it without any credential check
        // visible here (CreateAuthenticationTicket receives an empty string where a secret would be
        // expected). Confirm that this action is reachable only after the caller has been
        // authenticated by other means, and that it cannot be invoked with an arbitrary address.
        public ActionResult ForceWixUserSignIn(string email, string returnUrl, string trackingId = null)
        {
            string error = null;

            var qs_params = ParseReturnUrlQS(returnUrl);

            // An account with a linked external login is signed in through that provider first.
            var linkedAccount = OAuthWebSecurity.GetAccountsFromUserName(email).FirstOrDefault();

            bool loginResult;
            if (linkedAccount == null)
            {
                loginResult = CreateAuthenticationTicket(email, string.Empty, trackingId, out error);
            }
            else
            {
                // The ticket is created only when the provider login succeeded; otherwise `error`
                // keeps its initial null.
                bool providerLoginOk = OAuthWebSecurity.Login(linkedAccount.Provider, linkedAccount.ProviderUserId, IS_PERSISTENT_COOKIE);
                loginResult = providerLoginOk && CreateAuthenticationTicket(email, string.Empty, trackingId, out error);
            }

            string errorText = error + (loginResult ? "" : "something went wrong");

            // ALWAYS report success = true, otherwise the client could loop endlessly trying to log in.
            var routeValues = new
            {
                area = "WixEndPoint",
                success = true,
                qs_params.instanceToken,
                qs_params.uid,
                qs_params.instanceId,
                origCompIdToken = qs_params.origCompId,
                compIdToken = qs_params.compId,
                error = errorText
            };

            return RedirectToAction("WixLoginResultHandler", "Account", routeValues);
        }
Esempio n. 10
        // Unlinks an external (OAuth) login from the signed-in user's account and redirects to the
        // "Manage" page, passing RemoveLoginSuccess when something was removed and null otherwise.
        //
        // NOTE(review): this excerpt does not show the action's attributes. Because the action
        // changes account state, confirm it only accepts POST and checks an anti-forgery token.
        public ActionResult Disassociate(string provider, string providerUserId)
        {
            string signedInName = User.Identity.Name;
            string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);
            ManageMessageId? message = null;

            // Only disassociate the account if the current user is its owner. This is the check
            // that stops a caller from unlinking a login that belongs to someone else.
            if (ownerAccount == signedInName)
            {
                // A transaction is used to prevent the user from deleting their last login credential.
                var isolation = new TransactionOptions();
                isolation.IsolationLevel = IsolationLevel.Serializable;

                using (var scope = new TransactionScope(TransactionScopeOption.Required, isolation))
                {
                    bool mayRemove = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(signedInName));
                    if (!mayRemove)
                    {
                        // No local account: at least one other external login has to remain.
                        mayRemove = OAuthWebSecurity.GetAccountsFromUserName(signedInName).Count > 1;
                    }

                    if (mayRemove)
                    {
                        OAuthWebSecurity.DeleteAccount(provider, providerUserId);
                        scope.Complete();
                        message = ManageMessageId.RemoveLoginSuccess;
                    }
                }
            }

            return RedirectToAction("Manage", new { Message = message });
        }
        // Renders "_ExternalLoginsListPartial" with the OAuth providers the visitor can still use:
        // every registered provider for anonymous visitors, and only the providers not yet linked
        // for a signed-in user.
        //
        // returnUrl is stored in ViewBag.ReturnUrl unchanged.
        // NOTE(review): returnUrl is request input and is not validated here. Whatever finally
        // redirects to it should first confirm it is a local URL (for example with Url.IsLocalUrl).
        public ActionResult ExternalLoginsList(string returnUrl)
        {
            List <AuthenticationClientData> offeredClients;

            if (!WebSecurity.IsAuthenticated)
            {
                offeredClients = OAuthWebSecurity.RegisteredClientData.ToList();
            }
            else
            {
                // Provider names of the logins already linked to this user.
                List <string> linkedProviders = OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name)
                                                .Select(linked => linked.Provider)
                                                .ToList();

                // Provider names are compared exactly (case-sensitive), as List.Contains does.
                offeredClients = OAuthWebSecurity.RegisteredClientData
                                 .Where(client => !linkedProviders.Contains(client.AuthenticationClient.ProviderName))
                                 .ToList();
            }

            ViewBag.ReturnUrl = returnUrl;
            return PartialView("_ExternalLoginsListPartial", offeredClients);
        }
Esempio n. 12
        // Removes an external (OAuth) login from the current user's account.
        //
        // provider / providerUserId: identifiers of the external login, as supplied by the caller.
        // Returns true when the login was deleted; false when the current user does not own it or
        // when it is the user's only remaining credential.
        public bool Disassociate(string provider, string providerUserId)
        {
            string currentName  = CurrentUser.Identity.Name;
            string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);

            // Only the owner may disassociate the login; this comparison is the authorization check.
            if (ownerAccount != currentName)
            {
                return false;
            }

            // Check and delete happen in one serializable transaction so the user cannot delete
            // their last login credential.
            // NOTE(review): assumes the provider's connection enlists in the ambient transaction.
            var options = new TransactionOptions();
            options.IsolationLevel = IsolationLevel.Serializable;

            using (var scope = new System.Transactions.TransactionScope(TransactionScopeOption.Required, options))
            {
                bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(currentName));
                if (!hasLocalAccount && OAuthWebSecurity.GetAccountsFromUserName(currentName).Count <= 1)
                {
                    // Last credential: leave it in place. The scope is disposed without Complete().
                    return false;
                }

                OAuthWebSecurity.DeleteAccount(provider, providerUserId);
                scope.Complete();
                return true;
            }
        }
Esempio n. 13
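        // Web API endpoint that removes an external (OAuth) login from the authenticated user.
        //
        // model: provider name and provider user id of the login to remove (request input).
        // Returns 200 OK when the login was deleted, 409 Conflict when it is the caller's last
        // credential and was therefore kept.
        // Throws HttpResponseException (400 Bad Request) when the body is missing or the caller
        // does not own the login.
        //
        // Changes from the earlier version: a missing body no longer ends in a
        // NullReferenceException, and success is reported only when a login was actually deleted
        // (previously 200 OK was returned even when the last-credential rule blocked the deletion).
        public HttpResponseMessage Disassociate(DissasociateModel model)
        {
            if (model == null)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "Missing request body"));
            }

            string ownerAccount = OAuthWebSecurity.GetUserName(model.Provider, model.ProviderUserId);

            // Disassociate only if the authenticated user is the owner. This is the authorization
            // check: the identifiers come from the request and may name someone else's login.
            if (ownerAccount != User.Identity.Name)
            {
                throw new HttpResponseException(Request.CreateErrorResponse(HttpStatusCode.BadRequest, "You are not the account owner"));
            }

            bool removed = false;

            // Serializable transaction so the check and the delete cannot interleave with a
            // concurrent request and remove the last linked account.
            using (var scope = new TransactionScope(TransactionScopeOption.Required, new TransactionOptions {
                IsolationLevel = IsolationLevel.Serializable
            }))
            {
                bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(WebSecurity.GetUserId(User.Identity.Name));
                if (hasLocalAccount || OAuthWebSecurity.GetAccountsFromUserName(User.Identity.Name).Count > 1)
                {
                    OAuthWebSecurity.DeleteAccount(model.Provider, model.ProviderUserId);
                    scope.Complete();
                    removed = true;
                }
            }

            if (!removed)
            {
                return Request.CreateErrorResponse(HttpStatusCode.Conflict, "The last login credential cannot be removed");
            }

            // Message text kept byte-for-byte in case clients match on it.
            return Request.CreateResponse(HttpStatusCode.OK, "Account succesfully dissasociated");
        }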
Esempio n. 14
 // Pass-through to OAuthWebSecurity.GetAccountsFromUserName: returns the external (OAuth)
 // accounts linked to the given user name.
 // NOTE(review): userName is forwarded as-is and no caller check happens here. If the result is
 // ever returned to a client, the name should come from the authenticated identity rather than
 // from request input, because each entry carries the provider-side user id.
 public ICollection <OAuthAccount> GetAccountsFromUserName(string userName)
 {
     ICollection <OAuthAccount> linkedAccounts = OAuthWebSecurity.GetAccountsFromUserName(userName);
     return linkedAccounts;
 }
Esempio n. 15
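        // Returns the comment history of a proposal: comments stored locally plus, when the current
        // user has a linked "facebook" service, the comments of the proposal's Facebook post(s).
        // The result is ordered by DateCreated, newest first.
        //
        // Id: proposal id (from the URI).
        //
        // Changes from the earlier version (each previously ended in a NullReferenceException):
        //  * a local comment whose author row no longer exists is skipped;
        //  * a current user that cannot be found is treated as having no Facebook service;
        //  * a Facebook commenter with no linked local account is listed without an Id.
        // A trailing proposal query whose result was never used has been removed.
        //
        // NOTE(review): no check is visible here that the caller may read this proposal's comments;
        // confirm that authorization is applied on the controller or route.
        public IEnumerable <ViewCommentHistory> Get([FromUri] int Id)
        {
            const string dateFormat = @"yyyy-MM-ddTHH\:mm\:ss.fffffffzzz";
            int currentUserId = WebSecurity.CurrentUserId;

            List <Comment>            list   = _db.Comment.Where(c => c.ProposalId == Id).ToList();
            List <ViewCommentHistory> output = new List <ViewCommentHistory>();

            foreach (var item in list)
            {
                // NOTE(review): one user query per comment; a join or a single lookup would avoid it.
                Models.User user = _db.User.FirstOrDefault(c => c.UserId == item.CreatedBy);
                if (user == null)
                {
                    // Author row is gone; there is no name to show for this comment.
                    continue;
                }

                if (item.CreatedBy == currentUserId)//check if owner of the comment
                {
                    // Only the caller's own comments carry the comment Id.
                    // NOTE(review): UserId is taken from user.Id here but from user.UserId in the
                    // other branch - confirm which one is intended.
                    output.Add(new ViewCommentHistory {
                        Id = item.Id.ToString(), Body = item.Body, CreatedBy = user.Name, DateCreated = item.CreatedDate.ToString(dateFormat), UserId = user.Id.ToString(), isFacebook = false
                    });
                }
                else
                {
                    output.Add(new ViewCommentHistory {
                        Body = item.Body, CreatedBy = user.Name, DateCreated = item.CreatedDate.ToString(dateFormat), UserId = user.UserId.ToString(), isFacebook = false
                    });
                }
            }

            //get a service facebook or twitter
            var     currentUser = _db.User.FirstOrDefault(c => c.UserId == currentUserId);
            Service service     = currentUser == null ? null : currentUser.Services.FirstOrDefault(c => c.Provider == "facebook");

            if (service != null)
            {
                // The Facebook calls below are made with the token stored for the current user.
                FacebookAPI facebook = new FacebookAPI(service.Token);
                Proposal    proposal = _db.Proposal.FirstOrDefault(c => c.Id == Id && c.FacebookPostId != null && c.FacebookPostId != "");

                if (proposal != null)
                {
                    dynamic comments = facebook.getComments(proposal.FacebookPostId);     //get facebook post comments
                    if ((comments is int) == false && comments != null && comments.ContainsKey("data"))
                    {
                        foreach (dynamic item in comments.data)
                        {
                            string id                    = item.id;
                            string body                  = item.message;
                            string created_date          = item.created_time;
                            string created_by            = item.from.name;
                            string created_by_facebookID = item.from.id;

                            // Resolve the commenter to a local account, if one is linked.
                            string userID           = OAuthWebSecurity.GetUserName("facebook", created_by_facebookID);
                            string linkedFacebookId = null;
                            if (userID != null)
                            {
                                var linked = OAuthWebSecurity.GetAccountsFromUserName(userID).FirstOrDefault(c => c.Provider == "facebook");
                                if (linked != null)
                                {
                                    linkedFacebookId = linked.ProviderUserId;
                                }
                            }

                            var entry = new ViewCommentHistory {
                                Body = body, DateCreated = created_date, CreatedBy = created_by, UserId = created_by_facebookID, isFacebook = true, Artist = false
                            };

                            // NOTE(review): this maps the commenter's Facebook id to a local user and
                            // back to that user's Facebook id, so it holds for every commenter with a
                            // linked account - it never looks at the signed-in user. If Id is meant to
                            // be exposed only for the caller's own comments, compare against the
                            // caller's linked Facebook id instead. Behavior is kept as it was.
                            if (linkedFacebookId != null && linkedFacebookId == created_by_facebookID)
                            {
                                entry.Id = id;
                            }

                            output.Add(entry);
                        }
                    }

                    output = output.OrderByDescending(c => DateTime.Parse(c.DateCreated)).ToList();     //reorder the comments

                    // If an artist post exists, put its first returned comment at the top.
                    if (!string.IsNullOrEmpty(proposal.FacebookPostIdArtist))
                    {
                        comments = facebook.getComments(proposal.FacebookPostIdArtist);
                        if ((comments is int) == false && comments != null && comments.ContainsKey("data"))
                        {
                            foreach (dynamic item in comments.data)
                            {
                                string body                  = item.message;
                                string created_date          = item.created_time;
                                string created_by            = item.from.name;
                                string created_by_facebookID = item.from.id;

                                output.Insert(0, new ViewCommentHistory {
                                    Body = body, DateCreated = created_date, CreatedBy = created_by, UserId = created_by_facebookID, isFacebook = true, Artist = true
                                });
                                break;     // only the first comment is used
                            }
                        }
                    }
                }
            }

            // NOTE(review): this final sort reorders the artist comment inserted at index 0 by its
            // date as well, and DateTime.Parse uses the current culture on strings that partly come
            // from Facebook - confirm both are intended.
            output = output.OrderByDescending(c => DateTime.Parse(c.DateCreated)).ToList();
            return output;
        }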