// // GET: /Account/Manage public ActionResult Manage(ManageMessageId?message) { ViewBag.StatusMessage = message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed." : message == ManageMessageId.SetPasswordSuccess ? "Your password has been set." : message == ManageMessageId.RemoveLoginSuccess ? "The external login was removed." : message == ManageMessageId.RequestOneExternalLogin ? "You must one external login or local account." : ""; ViewBag.HasLocalPassword = OAuthWebSecurity.HasLocalAccount(MySqlWebSecurity.GetUserId(User.Identity.Name)); ViewBag.ReturnUrl = Url.Action("Manage"); var model = new ChangePropertyModel { LocalPasswordModel = new LocalPasswordModel(), PropertyModel = new PropertyModel(), }; using (var db = SimpleMembershipTestDbContext.CreateContext()) { var userProperties = db.UserProperties.SingleOrDefault(x => x.UserName == User.Identity.Name); if (userProperties != null) { model.PropertyModel = new PropertyModel { Age = userProperties.Age, Email = userProperties.Email, Facebook = userProperties.Facebook, FirstName = userProperties.FirstName, LastName = userProperties.LastName, Rate = userProperties.Rate, }; } } return(View(model)); }
//[ValidateAntiForgeryToken] public ActionResult Manage(ChangePropertyModel model) { bool hasLocalAccount = OAuthWebSecurity.HasLocalAccount(MySqlWebSecurity.GetUserId(User.Identity.Name)); ViewBag.HasLocalPassword = hasLocalAccount; ViewBag.ReturnUrl = Url.Action("Manage"); if (hasLocalAccount) { if (ModelState.IsValid) { // ChangePassword will throw an exception rather than return false in certain failure scenarios. bool changePasswordSucceeded = false; if (string.IsNullOrEmpty(model.LocalPasswordModel.ConfirmPassword) == true) { using (var db = SimpleMembershipTestDbContext.CreateContext()) { var userProperty = db.UserProperties.SingleOrDefault(x => x.UserName == User.Identity.Name); if (userProperty == null) { var userId = MySqlWebSecurity.GetUserId(User.Identity.Name); userProperty = new UserProperty { UserId = userId, UserName = User.Identity.Name, }; db.UserProperties.Add(userProperty); } userProperty.Age = model.PropertyModel.Age; userProperty.Email = model.PropertyModel.Email; userProperty.Facebook = model.PropertyModel.Facebook; userProperty.FirstName = model.PropertyModel.FirstName; userProperty.LastName = model.PropertyModel.LastName; userProperty.Rate = model.PropertyModel.Rate; changePasswordSucceeded = db.SaveChanges() > 0; } } else { try { changePasswordSucceeded = MySqlWebSecurity.ChangePassword(User.Identity.Name, model.LocalPasswordModel.OldPassword, model.LocalPasswordModel.NewPassword); } catch (Exception) { changePasswordSucceeded = false; } } if (changePasswordSucceeded == true) { return(RedirectToAction("Manage", new { Message = ManageMessageId.ChangePasswordSuccess })); } else { ModelState.AddModelError("", "The current password is incorrect or the new password is invalid."); } } } else { // User does not have a local password so remove any validation errors caused by a missing // OldPassword field ModelState state = ModelState["OldPassword"]; if (state != null) { state.Errors.Clear(); } if (ModelState.IsValid) { try { MySqlWebSecurity.CreateAccount(User.Identity.Name, model.LocalPasswordModel.NewPassword); return(RedirectToAction("Manage", new { Message = ManageMessageId.SetPasswordSuccess })); } catch (Exception e) { ModelState.AddModelError("", e); } } } // If we got this far, something failed, redisplay form return(View(model)); }