private string AddNewMember(AccountRegistration data, Func<Member> memberCallback, string noticeTemplate)
{
if (string.IsNullOrWhiteSpace(data.Email))
return "Email is required";
if (!Regex.IsMatch(data.Email, @"^\S+@\S+\.\S+$"))
return "Unrecognized email address";
if (string.IsNullOrWhiteSpace(data.Username))
return "Username is required";
if (data.Username.Length < 3)
return "Username must be 3 or more characters";
if (data.Username.Length > 200)
return "Username must be less than 200 characters";
if (!Regex.IsMatch(data.Username, @"^[a-zA-Z0-9\.\-_]+$"))
return "Username can only contain numbers, letters, and the characters '.', '-', and '_'";
if (membership.GetUser(data.Username, false) != null)
return "Username is already taken";
if (string.IsNullOrWhiteSpace(data.Password))
return "Password is required";
if (data.Password.Length < 6)
return "Password must be at least 6 characters";
if (data.Password.Length > 64)
return "Password must be less than 64 characters";
MembershipCreateStatus status;
var user = membership.CreateUser(data.Username, data.Password, data.Email, null, null, false, null, out status);
if (status != MembershipCreateStatus.Success)
return "Could not create user";
try
{
System.Web.Security.FormsAuthenticationTicket ticket = new System.Web.Security.FormsAuthenticationTicket(data.Username, false, 5);
Thread.CurrentPrincipal = new System.Web.Security.RolePrincipal(new System.Web.Security.FormsIdentity(ticket));
var member = memberCallback();
SarMembership.KcsarUserProfile profile = ProfileBase.Create(data.Username) as SarMembership.KcsarUserProfile;
if (profile != null)
{
profile.FirstName = member.FirstName;
profile.LastName = member.LastName;
profile.LinkKey = member.Id.ToString();
profile.Save();
}
string mailSubject = string.Format("{0} account verification", ConfigurationManager.AppSettings["dbNameShort"] ?? "KCSARA");
string mailTemplate = File.ReadAllText(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Templates", "Email", noticeTemplate));
string mailBody = mailTemplate
.Replace("%Username%", data.Username)
.Replace("%VerifyLink%", new Uri(this.Request.RequestUri, Url.Route("Default", new { httproute = "", controller = "Account", action = "Verify", id = data.Username })).AbsoluteUri + "?key=" + user.ProviderUserKey.ToString())
.Replace("%WebsiteContact%", ConfigurationManager.AppSettings["MailFrom"] ?? "*****@*****.**");
db.SaveChanges();
EmailService.SendMail(data.Email, mailSubject, mailBody);
}
catch (Exception ex)
{
log.Error(ex.ToString());
membership.DeleteUser(data.Username, true);
return "An error occured while creating your user account";
}
return "OK";
}
public string Register(AccountRegistration data)
{
var emailCheck = CheckEmail(data.Email);
if (emailCheck != RegistrationEmailStatus.Ready)
{
throw new InvalidOperationException("Email verification returned: " + emailCheck.ToString());
}
if (CheckUsername(data.Username) != "Available")
{
throw new InvalidOperationException("Username not available");
}
Guid memberId = Guid.Empty;
var result = AddNewMember(data, () =>
{
var member = db.PersonContact.Where(f => f.Type == "email" && f.Value == data.Email).Select(f => f.Person).Single();
memberId = member.Id;
var now = DateTime.Now;
// For all units where the member is active and they have accounts turned on...
foreach (var unit in member.Memberships.Where(f => f.Activated < now && (f.EndTime == null || f.EndTime > now) && f.Status.GetsAccount).Select(f => f.Unit))
{
string roleName = string.Format("sec.{0}.members", unit.DisplayName.Replace(" ", "").ToLowerInvariant());
// Give them rights as a member of the unit.
if (System.Web.Security.Roles.RoleExists(roleName))
{
System.Web.Security.Roles.AddUserToRole(data.Username, roleName);
}
}
return member;
}, "register-account.html");
if (result == "OK" && memberId != Guid.Empty)
{
var member = db.Members.Single(f => f.Id == memberId);
member.Username = data.Username;
db.SaveChanges();
}
return result;
}
