/// <summary>
/// Returns the help-page partial view describing the model named <paramref name="modelName"/>.
/// The generator's cache is consulted first; on a miss the help page is initialised once with
/// <c>TryInitialize()</c> and the lookup is repeated.
/// </summary>
/// <param name="modelName">Model name to look up; null or empty yields a 404 result.</param>
/// <returns>The model partial view, or a JSON 404 when the model is unknown or initialisation fails.</returns>
public ActionResult ResourceModel(string modelName)
{
    if (string.IsNullOrEmpty(modelName))
    {
        return JsonResultEx.Create(HttpStatusCode.NotFound);
    }

    var generator = _configuration.GetModelDescriptionGenerator();
    ModelDescription description;

    // At most two lookups: one against the current cache, one more after a successful initialisation.
    for (var attempt = 0; attempt < 2; attempt++)
    {
        if (generator.GeneratedModels.TryGetValue(modelName, out description))
        {
            return PartialView(description);
        }

        if (attempt == 0 && !TryInitialize())
        {
            break;
        }
    }

    return JsonResultEx.Create(HttpStatusCode.NotFound);
}
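/// <summary>
/// Creates a new application user from <paramref name="model"/> and signs the new user in.
/// </summary>
/// <param name="model">Registration form data; validated through <c>ModelState</c> before use.</param>
/// <returns>
/// An empty success JSON result, or a JSON result carrying <c>ModelState</c> when validation fails,
/// user creation fails, or the created user cannot be read back for sign-in.
/// </returns>
public async Task<ActionResult> Register(RegisterViewModel model)
{
    if (!ModelState.IsValid)
    {
        return JsonResultEx.Create(ModelState);
    }

    var createOptions = _mapping.Map<ApplicationUserCreateOptions>(model);
    var result = await _membershipService.CreateUser(createOptions).ConfigureAwait(false);
    if (!result.Succeeded)
    {
        AddErrors(result);
        return JsonResultEx.Create(ModelState);
    }

    var user = await _membershipService.GetUser(model.Email).ConfigureAwait(false);
    if (user == null)
    {
        // The account was created but could not be read back; report that rather than
        // handing a null user to SignInAsync.
        ModelState.AddModelError("", "Unable to sign in the newly created user.");
        return JsonResultEx.Create(ModelState);
    }

    // ConfigureAwait(false) kept consistent with the other awaits in this controller.
    await _applicationSignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false).ConfigureAwait(false);

    // For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
    // Send an email with this link
    // string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
    // var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
    // await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");

    return JsonResultEx.Create();
}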
/// <summary>
/// Lists application users matching <paramref name="model"/> as a paged JSON result.
/// </summary>
/// <param name="model">Query criteria; also passed to <c>ToPagedListAsync</c> for paging.</param>
/// <returns>A JSON result wrapping a <c>PagedListViewModel&lt;ApplicationUserListViewModel&gt;</c>.</returns>
public async Task<ActionResult> Index(ApplicationUserQueryViewModel model)
{
    var queryOptions = _mapping.Map<ApplicationUserQueryOptions>(model);
    var userQuery = _membershipService.GetUsers(queryOptions);
    var page = await userQuery.ToPagedListAsync(model).ConfigureAwait(false);
    var viewModel = _mapping.Map<PagedListViewModel<ApplicationUserListViewModel>>(page);
    return JsonResultEx.Create(viewModel);
}
/// <summary>
/// Returns the help-page partial view for the API identified by <paramref name="apiId"/>.
/// </summary>
/// <param name="apiId">Help-page API id; null or empty yields a 404 result.</param>
/// <returns>The API partial view, or a JSON 404 when no model exists for the id.</returns>
public ActionResult Api(string apiId)
{
    if (string.IsNullOrEmpty(apiId))
    {
        return JsonResultEx.Create(HttpStatusCode.NotFound);
    }

    var apiModel = _configuration.GetHelpPageApiModel(apiId);
    if (apiModel == null)
    {
        return JsonResultEx.Create(HttpStatusCode.NotFound);
    }

    return PartialView(apiModel);
}
/// <summary>
/// Returns the edit payload for one user: available role names, available claim types and the
/// mapped user view model.
/// </summary>
/// <param name="id">User id to load.</param>
/// <returns>A JSON result with <c>RoleList</c>, <c>ClaimList</c> and <c>Model</c>, or a JSON 404 when the user does not exist.</returns>
public async Task<ActionResult> Edit(Guid id)
{
    var applicationUser = await _membershipService.GetUser(id).ConfigureAwait(false);
    if (applicationUser == null)
    {
        return JsonResultEx.Create(HttpStatusCode.NotFound);
    }

    // Same evaluation order as the inline initializer: roles, then claim types, then the mapped user.
    var roleNames = await _membershipService.GetRoles().Select(x => x.Name).ToListAsync().ConfigureAwait(false);
    var claimTypes = await _membershipService.GetClaimTypes().ToListAsync().ConfigureAwait(false);
    var userViewModel = _mapping.Map<ApplicationUserViewModel>(applicationUser);

    return JsonResultEx.Create(new
    {
        RoleList = roleNames,
        ClaimList = claimTypes,
        Model = userViewModel
    });
}
/// <summary>
/// Attempts a password sign-in for <paramref name="model"/>.
/// </summary>
/// <param name="model">Credentials and the remember-me flag.</param>
/// <param name="returnUrl">Accepted for compatibility; not used by this action.</param>
/// <returns>An empty success JSON result, or a JSON result carrying <c>ModelState</c> with a generic error.</returns>
public async Task<ActionResult> Login(LoginViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return JsonResultEx.Create(ModelState);
    }

    // shouldLockout: false — failed attempts here are not counted towards account lockout.
    // NOTE(review): confirm that is intended.
    var status = await _applicationSignInManager
        .PasswordSignInAsync(model.Email, model.Password, model.RememberMe, shouldLockout: false)
        .ConfigureAwait(false);

    if (status == SignInStatus.Success)
    {
        return JsonResultEx.Create();
    }

    // LockedOut, RequiresVerification and Failure all collapse to one generic message, so the
    // response does not reveal which of them applied.
    ModelState.AddModelError("", "Invalid login attempt.");
    return JsonResultEx.Create(ModelState);
}
/// <summary>
/// Changes the current user's password and, on success, re-issues the sign-in.
/// </summary>
/// <param name="model">Old and new password; validated through <c>ModelState</c> before use.</param>
/// <returns>An empty success JSON result, or a JSON result carrying <c>ModelState</c> with the failure reasons.</returns>
public async Task<ActionResult> Password(ChangePasswordViewModel model)
{
    if (!ModelState.IsValid)
    {
        return JsonResultEx.Create(ModelState);
    }

    var userId = User.Identity.GetUserId();
    var changeResult = await _applicationUserManager
        .ChangePasswordAsync(userId, model.OldPassword, model.NewPassword)
        .ConfigureAwait(false);

    if (!changeResult.Succeeded)
    {
        AddErrors(changeResult);
        return JsonResultEx.Create(ModelState);
    }

    // Re-sign-in after the change; presumably so the cookie reflects the updated account state.
    var user = await _applicationUserManager.FindByIdAsync(userId).ConfigureAwait(false);
    if (user != null)
    {
        await _applicationSignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false).ConfigureAwait(false);
    }

    return JsonResultEx.Create();
}
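/// <summary>
/// Updates one user from <paramref name="model"/>, creating any requested role that does not exist yet.
/// </summary>
/// <param name="id">Id of the user to update; passed to the mapping via <c>options.Items[nameof(id)]</c>.</param>
/// <param name="model">Update payload; <c>Roles</c> is de-duplicated and materialised before use.</param>
/// <returns>A JSON result wrapping the membership service's update result, or <c>ModelState</c> when validation fails.</returns>
public async Task<ActionResult> Update(Guid id, ApplicationUserUpdateViewModel model)
{
    if (!ModelState.IsValid)
    {
        return JsonResultEx.Create(ModelState);
    }

    // Materialise once: the de-duplicated roles are enumerated here and again by the mapping below.
    var requestedRoles = (model.Roles ?? new List<string>()).Distinct().ToList();
    model.Roles = requestedRoles;

    // Set lookup instead of List.Contains inside the loop.
    var existingRoles = new HashSet<string>(
        await _membershipService.GetRoles().Select(x => x.Name).ToListAsync().ConfigureAwait(false));

    // Role names come straight from the request and are created on demand.
    // NOTE(review): the authorization attribute for this action is not visible here — confirm it is restricted.
    foreach (var role in requestedRoles)
    {
        if (!existingRoles.Contains(role))
        {
            // ConfigureAwait(false) kept consistent with the other awaits in this controller.
            await _membershipService.CreateRole(role).ConfigureAwait(false);
        }
    }

    var updateOptions = _mapping.Map<ApplicationUserUpdateOptions>(model, options => options.Items.Add(nameof(id), id));
    var result = await _membershipService.UpdateUser(updateOptions).ConfigureAwait(false);
    return JsonResultEx.Create(result);
}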
/// <summary>
/// Signs the current user out of the application cookie and returns an empty success result.
/// </summary>
/// <returns>An empty success JSON result.</returns>
public ActionResult LogOff()
{
    var authenticationType = DefaultAuthenticationTypes.ApplicationCookie;
    _authenticationManager.SignOut(authenticationType);
    return JsonResultEx.Create();
}
/// <summary>
/// Returns the current principal's identity mapped to <c>CurrentUserViewModel</c> as JSON.
/// </summary>
/// <returns>A JSON result wrapping the mapped identity.</returns>
public ActionResult CurrentUser()
    => JsonResultEx.Create(_mapping.Map<CurrentUserViewModel>(User.Identity));
/// <summary>
/// Pre-action filter that (1) turns an invalid <c>ModelState</c> into an error response,
/// (2) rejects requests whose Referer authority differs from the Host header or that carry an
/// X-Forwarded-For header, and (3) runs <c>ValidateSqlStr</c> over query-string/form values for
/// most paths. Each check only assigns <c>filterContext.Result</c>, so a later check can
/// overwrite an earlier one, and <c>base.OnActionExecuting</c> is always called at the end.
/// </summary>
/// <param name="filterContext">The MVC action context; its controller is cast to <see cref="Controller"/>.</param>
public override void OnActionExecuting(ActionExecutingContext filterContext)
{
    var currentController = ((Controller)filterContext.Controller);
    if (!currentController.ModelState.IsValid)
    {
        var errorMessageBuilder = new StringBuilder();
        var errorMessage = string.Empty;
        // Enumerated purely for the side effect of appending every error to errorMessageBuilder;
        // the trailing Count() calls force the deferred Select chains to run.
        currentController.ModelState.Values.Select(value => value.Errors.Select(error =>
        {
            if (!error.ErrorMessage.IsNullOrEmpty())
            {
                errorMessageBuilder.AppendLine(error.ErrorMessage);
            }
            else
            {
                errorMessageBuilder.AppendLine(ExceptionHelper.Build(error.Exception));
            }
            return(error);
        }).Count()).Count();
        #region 再次验证
        // Lower-cases the whole message (culture-sensitive ToLower) and strips the literal "script".
        // string.Replace removes every occurrence on its first call, so the loop bound (taken from
        // the first '<' and '>' positions) only repeats a no-op. This is not HTML encoding;
        // NOTE(review): whether the view encodes TempData["Error"] is not visible here.
        errorMessage = errorMessageBuilder.ToString().ToLower(); //.Replace("script", "");
        int sindex = errorMessage.IndexOf('<');
        int eindex = errorMessage.IndexOf('>');
        for (int i = 0; i < eindex - sindex; i += 5)
        {
            errorMessage = errorMessage.Replace("script", "");
        }
        //errorMessage = errorMessageBuilder.ToString();
        #endregion
        // Drop the line break AppendLine left after the last message.
        if (errorMessage.EndsWith("\r\n"))
        {
            errorMessage = errorMessage.TrimEnd("\r\n".ToCharArray());
        }
        // JSON callers — detected by content type, "/api/" in the URL, or the controller's type-name
        // prefix — get a structured ResponseResult; everyone else gets the default view with the
        // message in TempData["Error"].
        if (currentController.Request.ContentType.Contains("/json")
            || currentController.Request.Url.ToString().ToLower().Contains("/api/")
            || currentController.ToString().ToLower().StartsWith("dupont.api")
            || currentController.ToString().ToLower().StartsWith("dupont.presentation")
            || currentController.ToString().ToLower().StartsWith("dupont.controllers"))
        {
            var jsonResult = new JsonResultEx();
            var responseResult = new ResponseResult<object>() { IsSuccess = false, Message = errorMessage };
            responseResult.State.Id = (int)ResponseStatusCode.ExpectError;
            responseResult.State.Description = ResponseStatusCode.ExpectError.GetDescription();
            jsonResult.Data = responseResult;
            filterContext.Result = jsonResult;
        }
        else
        {
            currentController.TempData["Error"] = errorMessage;
            filterContext.Result = new ViewResult
            {
                ViewName = null,
                MasterName = null,
                ViewData = currentController.ViewData,
                TempData = currentController.TempData,
                ViewEngineCollection = currentController.ViewEngineCollection
            };
        }
    }
    // Header-based checks. Both branches answer HTTP 500 with the default view and flag the
    // session cookie for removal through HttpContext.Items[DataKey.RemoveSessionCookie].
    foreach (var item in currentController.Request.Headers.AllKeys)
    {
        if (item.ToLower().Contains("referer"))
        {
            // Compares the authority (host[:port]) following "//" in the Referer with the raw Host
            // header as an ordinal string, so scheme and port differences count as a mismatch.
            // A request without a Referer header never reaches this branch and is not rejected.
            // If "//" is absent, IndexOf returns -1 and the substring starts at index 1.
            // NOTE(review): this is a heuristic and not a replacement for anti-forgery tokens.
            var referer = currentController.Request.Headers.Get("Referer");
            int sindex = referer.ToString().IndexOf("//");
            int eindex = referer.ToString().IndexOf('/', sindex + 2);
            string refererhost = null;
            if (eindex != -1)
            {
                refererhost = referer.ToString().Substring(sindex + 2, eindex - (sindex + 2));
            }
            else
            {
                refererhost = referer.ToString().Substring(sindex + 2);
            }
            if (refererhost != currentController.Request.Headers.Get("Host"))
            {
                currentController.TempData["Error"] += "禁止CSRF";
                currentController.Response.StatusCode = 500;
                filterContext.Result = new ViewResult
                {
                    ViewName = null,
                    MasterName = null,
                    ViewData = currentController.ViewData,
                    TempData = currentController.TempData,
                    ViewEngineCollection = currentController.ViewEngineCollection
                };
                currentController.HttpContext.Items[DataKey.RemoveSessionCookie] = "yes";
            }
        }
        else if (item.ToLower().Contains("x-forwarded-for"))
        {
            // Any X-Forwarded-For header is treated as hostile: the value is blanked and the
            // request rejected. NOTE(review): System.Web's request header collection is normally
            // read-only; confirm that Set does not throw here.
            currentController.Request.Headers.Set("X-Forwarded-For", "");
            currentController.TempData["Error"] += "禁止XFF";
            currentController.Response.StatusCode = 500;
            filterContext.Result = new ViewResult
            {
                ViewName = null,
                MasterName = null,
                ViewData = currentController.ViewData,
                TempData = currentController.TempData,
                ViewEngineCollection = currentController.ViewEngineCollection
            };
            currentController.HttpContext.Items[DataKey.RemoveSessionCookie] = "yes";
        }
    }
    // Input validation, skipped for the login page and the site root. Query-string values are
    // included unless the path contains "form"; form values are included unless the path is
    // /learngarden/addarticle.
    if (!(currentController.Request.Url.LocalPath.ToLower() == "/account/login" || currentController.Request.Url.LocalPath.ToLower() == "/"))
    {
        NameValueCollection parames = new NameValueCollection();
        if (currentController.Request.Url.LocalPath.ToLower().IndexOf("form") == -1)
        {
            parames.Add(currentController.Request.QueryString);
        }
        if (currentController.Request.Url.LocalPath.ToLower() != "/learngarden/addarticle")
        {
            parames.Add(currentController.Request.Form);
        }
        foreach (var item in parames)
        {
            // Request[key] reads the merged request collections, so the value checked is looked up
            // by key rather than taken from parames. NOTE(review): Request[key] returns null for an
            // unknown key, which would make .ToString() throw.
            string inputparams = currentController.Request[item.ToString()].ToString();
            if (!ValidateSqlStr(inputparams))
            {
                // Rejects but keeps iterating; later values can only re-assign the same kind of result.
                currentController.TempData["Error"] += "禁止脚本注入";
                currentController.Response.StatusCode = 500;
                filterContext.Result = new ViewResult
                {
                    ViewName = null,
                    MasterName = null,
                    ViewData = currentController.ViewData,
                    TempData = currentController.TempData,
                    ViewEngineCollection = currentController.ViewEngineCollection
                };
            }
        }
    }
    base.OnActionExecuting(filterContext);
}