public async Task <ActionResult> Register(LoginOrRegisterViewModel model)
{
if (ModelState.IsValid)
{
var user = new ApplicationUser {
UserName = model.Register.Email,
Email = model.Register.Email,
FirstName = model.Register.FirstName,
LastName = model.Register.LastName,
DisplayName = model.Register.DisplayName,
AvatarPath = "/img/user.png"
};
var result = await UserManager.CreateAsync(user, model.Register.Password);
if (result.Succeeded)
{
await SignInManager.SignInAsync(user, isPersistent : false, rememberBrowser : false);
// For more information on how to enable account confirmation and password reset please visit https://go.microsoft.com/fwlink/?LinkID=320771
// Send an email with this link
// string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);
// var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
// await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your account by clicking <a href=\"" + callbackUrl + "\">here</a>");
return(RedirectToAction("Index", "Profile"));
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View("~/Views/Home/Index.cshtml", model));
//return RedirectToAction("Index", "Home", new { model = model });
}
public async Task <IActionResult> Login(LoginOrRegisterViewModel model, string returnUrl = null)
{
LoginViewModel loginModel = model.Login;
ViewData["ReturnUrl"] = returnUrl;
if (ModelState.IsValid)
{
Microsoft.AspNetCore.Identity.SignInResult result = await _signInManager.PasswordSignInAsync(loginModel.Email, loginModel.Password, loginModel.RememberMe, lockoutOnFailure : true);
if (result.Succeeded)
{
AddLoginAttemptAsync(loginModel.Email).DoNotAwait();
if (string.IsNullOrWhiteSpace(returnUrl))
{
return(RedirectToAction(nameof(Home.Index), nameof(Home)));
}
else
{
return(RedirectToLocal(returnUrl));
}
}
if (result.RequiresTwoFactor)
{
return(RedirectToAction(nameof(LoginWith2fa), new { returnUrl, loginModel.RememberMe }));
}
if (result.IsLockedOut)
{
return(RedirectToAction(nameof(Lockout)));
}
else
{
// delay to hinder brute force attack
await Task.Delay(1000);
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
return(View(model));
}
}
// If we got this far, something failed, redisplay form
return(View(loginModel));
}
public async Task <IActionResult> Register(LoginOrRegisterViewModel model, string returnUrl = null)
{
RegisterViewModel registerModel = model.Register;
if (ModelState.IsValid)
{
UserConfig config = new UserConfig()
{
Currency = "GBP",
};
// fill timezone
if (registerModel.TimeZoneOffset > -100)
{
TimeZoneInfo tzInfo = DateTimeExtensions.GetTimeZoneByOffset(registerModel.TimeZoneOffset);
if (tzInfo != null)
{
config.TimeZone = tzInfo.Id;
}
}
// find best currency
string ipAddress = ControllerContext.HttpContext.GetIpAddress();
if (ipAddress != null)
{
try
{
GeoPluginApi geoApi = new GeoPluginApi();
GeoPluginResult geoResult = geoApi.GetIpData(ipAddress);
config.Currency = geoResult.GetBestCurrency("GBP");
}
catch (Exception ex)
{
logger.LogError(ex, "Register error");
}
}
User user = WebsiteTemplate.Models.User.MakeDefault(registerModel.Email);
user.Config = config;
IdentityResult result = await _userManager.CreateAsync(user, registerModel.Password);
if (result.Succeeded)
{
// get user back from db to get the latest values
user = await GetUserById(user.Id);
// For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=532713
// Send an email with this link
string code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
string callbackUrl = Url.Action(nameof(ConfirmEmail), "Account", new { userId = user.Id, code }, protocol: Request.Scheme);
await _signInManager.SignInAsync(user, isPersistent : true);
await emailer.EmailSender.SendEmailAsync(user.Email, "Confirm your account", "Please confirm your account by <a href=\"" + callbackUrl + "\">clicking this link</a>", true);
AddLoginAttemptAsync(registerModel.Email).DoNotAwait();
emailer.SendSignedupAsync(user).DoNotAwait();
logger.LogInformation($"New user: id={user.Id}, {user.Email}");
if (string.IsNullOrWhiteSpace(returnUrl))
{
return(RedirectToAction(nameof(Home.Index), nameof(Home)));
}
else
{
return(RedirectToLocal(returnUrl));
}
}
AddErrors(result);
}
// If we got this far, something failed, redisplay form
return(View(nameof(Login), model));
}
public async Task <ActionResult> Login(LoginOrRegisterViewModel model, string returnUrl, string role)
{
if (!ModelState.IsValid)
{
return(RedirectToAction("Index", "Home"));
}
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, change to shouldLockout: true
if (string.IsNullOrEmpty(role))
{
var result = await SignInManager.PasswordSignInAsync(model.Login.Email, model.Login.Password, model.Login.RememberMe, shouldLockout : false);
switch (result)
{
case SignInStatus.Success:
if (string.IsNullOrEmpty(returnUrl))
{
var userId = UserManager.FindByEmail(model.Login.Email).Id;
if (roleHelper.IsUserInRole(userId, "Admin"))
{
return(RedirectToAction("Dashboard", "Admin"));
}
else if (roleHelper.IsUserInRole(userId, "Project Manager"))
{
return(RedirectToAction("Index", "ProjectManager"));
}
//insert conditions for when a dev or sub signin
else if (roleHelper.IsUserInRole(userId, "Submitter"))
{
return(RedirectToAction("Index", "Submitter"));
}
else if (roleHelper.IsUserInRole(userId, "Developer"))
{
return(RedirectToAction("Index", "Developer"));
}
else
{
return(RedirectToAction("Index", "Profile"));
}
}
return(RedirectToLocal(returnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.Login.RememberMe }));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return(RedirectToAction("Index", "Home"));
}
}
else
{
var result = await SignInManager.PasswordSignInAsync(role, WebConfigurationManager.AppSettings["demoPassword"], false, false);
switch (result)
{
case SignInStatus.Success:
if (string.IsNullOrEmpty(returnUrl))
{
var userId = db.Users.FirstOrDefault(u => u.Email.ToLower() == role.ToLower()).Id;
if (roleHelper.IsUserInRole(userId, "Admin"))
{
return(RedirectToAction("Dashboard", "Admin"));
}
else if (roleHelper.IsUserInRole(userId, "Project Manager"))
{
return(RedirectToAction("Index", "ProjectManager"));
}
//insert conditions for when a dev or sub signin
else if (roleHelper.IsUserInRole(userId, "Submitter"))
{
return(RedirectToAction("Index", "Submitter"));
}
else if (roleHelper.IsUserInRole(userId, "Developer"))
{
return(RedirectToAction("Index", "Developer"));
}
else
{
return(RedirectToAction("Index", "Profile"));
}
}
return(RedirectToLocal(returnUrl));
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.RequiresVerification:
return(RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.Login.RememberMe }));
case SignInStatus.Failure:
default:
ModelState.AddModelError("", "Invalid login attempt.");
return(RedirectToAction("Index", "Home"));
}
}
}