public async Task <ActionResult> Login(string name, string pswd, string v, bool closeOnLogin = false, bool __f = false) { // add popup support for possible 2fa await YetaWFCoreRendering.Render.AddPopupsAddOnsAsync(); LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); bool isPersistent = config.PersistentLogin; LoginModel model = new LoginModel { AllowNewUser = config.AllowUserRegistration, RegistrationType = config.RegistrationType, UserName = name, Email = name, Password = pswd, VerificationCode = v, Captcha = new RecaptchaV2Data(), RememberMe = isPersistent, CloseOnLogin = closeOnLogin, ShowVerification = !string.IsNullOrWhiteSpace(v), ShowCaptcha = config.Captcha && string.IsNullOrWhiteSpace(v) && !Manager.IsLocalHost, }; if (Manager.HaveReturnToUrl) { model.ReturnUrl = Manager.ReturnToUrl; } using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) { List <LoginConfigDataProvider.LoginProviderDescription> loginProviders = await logConfigDP.GetActiveExternalLoginProvidersAsync(); if (loginProviders.Count > 0 && Manager.IsInPopup) { throw new InternalError("When using external login providers, the Login module cannot be used in a popup window"); } foreach (LoginConfigDataProvider.LoginProviderDescription provider in loginProviders) { model.ExternalProviders.Add(new FormButton() { ButtonType = ButtonTypeEnum.Submit, Name = "provider", Text = provider.InternalName, Title = this.__ResStr("logAccountTitle", "Log in using your {0} account", provider.DisplayName), CssClass = "t_" + provider.InternalName.ToLower(), }); YetaWF.Core.Packages.Package package = AreaRegistration.CurrentPackage; string url = VersionManager.GetAddOnPackageUrl(package.AreaName); model.Images.Add(Manager.GetCDNUrl(string.Format("{0}Icons/LoginProviders/{1}.png", url, provider.InternalName))); } } if (__f) { Manager.CurrentResponse.StatusCode = 401; } await model.UpdateAsync(); return(View(model)); }
public async Task <IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null) { if (remoteError != null) { throw new Error(this.__ResStr("extErr", "The external login provider reported this error: {0}", remoteError)); } SignInManager <UserDefinition> _signinManager = (SignInManager <UserDefinition>)YetaWFManager.ServiceProvider.GetService(typeof(SignInManager <UserDefinition>)); ExternalLoginInfo loginInfo = await _signinManager.GetExternalLoginInfoAsync(); if (loginInfo == null) { Logging.AddErrorLog("AuthenticationManager.GetExternalLoginInfoAsync() returned null"); return(Redirect(Helper.GetSafeReturnUrl(Manager.CurrentSite.LoginUrl))); } using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) { List <LoginConfigDataProvider.LoginProviderDescription> loginProviders = await logConfigDP.GetActiveExternalLoginProvidersAsync(); if ((from l in loginProviders where l.InternalName == loginInfo.LoginProvider select l).FirstOrDefault() == null) { Logging.AddErrorLog("Callback from external login provider {0} which is not active", loginInfo.LoginProvider); return(Redirect(Helper.GetSafeReturnUrl(Manager.CurrentSite.LoginUrl))); } } // get our registration defaults LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); // Sign in the user with this external login provider if the user already has a login UserDefinition user = await Managers.GetUserManager().FindByLoginAsync(loginInfo.LoginProvider, loginInfo.ProviderKey); if (user == null) { // If the user does not have an account, then prompt the user to create an account // we will go to a page where the user can set up a local account Manager.OriginList = new List <Origin>(); if (!string.IsNullOrWhiteSpace(returnUrl)) { Manager.OriginList.Add(new Origin() { Url = returnUrl }); // where to go after setup } Manager.OriginList.Add(new Origin() { Url = Helper.GetSafeReturnUrl(Manager.CurrentSite.ExternalAccountSetupUrl) }); // setup return(Redirect(Manager.ReturnToUrl)); } if (string.IsNullOrWhiteSpace(returnUrl) && Manager.HaveReturnToUrl) { returnUrl = Manager.ReturnToUrl; } if (string.IsNullOrWhiteSpace(returnUrl)) { returnUrl = await Resource.ResourceAccess.GetUserPostLoginUrlAsync((from u in user.RolesList select u.RoleId).ToList()); } if (string.IsNullOrWhiteSpace(returnUrl)) { returnUrl = Manager.CurrentSite.PostLoginUrl; } returnUrl = Helper.GetSafeReturnUrl(returnUrl); // determine what to do based on account status if (user.UserStatus == UserStatusEnum.Approved) { await LoginModuleController.UserLoginAsync(user); Logging.AddLog("User {0} - logged on", user.UserName); returnUrl = QueryHelper.AddRando(returnUrl); // to defeat client-side caching return(Redirect(returnUrl)); } else if (user.UserStatus == UserStatusEnum.Rejected) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - rejected user", user.UserName); if (string.IsNullOrWhiteSpace(config.RejectedUrl)) { return(Redirect(MessageUrl("Your account has been rejected by the site administrator."))); } return(Redirect(Helper.GetSafeReturnUrl(config.RejectedUrl))); } else if (user.UserStatus == UserStatusEnum.Suspended) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - suspended user", user.UserName); if (string.IsNullOrWhiteSpace(config.SuspendedUrl)) { return(Redirect(MessageUrl("Your account has been suspended by the site administrator."))); } return(Redirect(Helper.GetSafeReturnUrl(config.SuspendedUrl))); } else if (user.UserStatus == UserStatusEnum.NeedValidation) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - not yet validated", user.UserName); if (string.IsNullOrWhiteSpace(config.VerificationPendingUrl)) { return(Redirect(MessageUrl(this.__ResStr("notValidated", "Your account has not yet been verified. You will receive an email with verification information. Once received, please use the information in the email to complete the registration.")))); } return(Redirect(Helper.GetSafeReturnUrl(config.VerificationPendingUrl))); } else if (user.UserStatus == UserStatusEnum.NeedApproval) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - not yet approved", user.UserName); if (string.IsNullOrWhiteSpace(config.ApprovalPendingUrl)) { return(Redirect(MessageUrl(this.__ResStr("notApproved", "Your account has not yet been approved by the site administrator. You will receive an email confirmation as soon as your account is active.")))); } return(Redirect(Helper.GetSafeReturnUrl(config.ApprovalPendingUrl))); } else { await LoginModuleController.UserLogoffAsync(); throw new InternalError("badUserStatus", "Unexpected account status {0}", user.UserStatus); } }
public async Task <ActionResult> Register(bool closeOnLogin = false) { LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); if (!config.AllowUserRegistration) { throw new Error(this.__ResStr("cantRegister", "This site does not allow new user registration")); } using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) { RegisterModel model = new RegisterModel { RegistrationType = config.RegistrationType, ShowCaptcha = config.Captcha && !Manager.IsLocalHost, Captcha = new RecaptchaV2Data(), CloseOnLogin = closeOnLogin, QueryString = Manager.RequestQueryString.ToQueryString(), PasswordRules = Module.ShowPasswordRules ? logConfigDP.PasswordRules : null, }; List <LoginConfigDataProvider.LoginProviderDescription> loginProviders = await logConfigDP.GetActiveExternalLoginProvidersAsync(); if (loginProviders.Count > 0 && Manager.IsInPopup) { throw new InternalError("When using external login providers, the Register module cannot be used in a popup window"); } foreach (LoginConfigDataProvider.LoginProviderDescription provider in loginProviders) { model.ExternalProviders.Add(new FormButton() { ButtonType = ButtonTypeEnum.Submit, Name = "provider", Text = provider.InternalName, Title = this.__ResStr("logAccountTitle", "Log in using your {0} account", provider.DisplayName), CssClass = "t_" + provider.InternalName.ToLower(), }); YetaWF.Core.Packages.Package package = AreaRegistration.CurrentPackage; string url = VersionManager.GetAddOnPackageUrl(package.AreaName); model.Images.Add(Manager.GetCDNUrl(string.Format("{0}Icons/LoginProviders/{1}.png", url, provider.InternalName))); } if (Manager.HaveReturnToUrl) { model.ReturnUrl = Manager.ReturnToUrl; } await model.UpdateAsync(); return(View(model)); } }