public ActionResult Edit(Pilot pilot) { if (!User.IsManager()) { return(RedirectToAction("Restricted", "Error", new { message = "Restricted to your own club" })); } if (Request.IsClub()) { // There is a bug where the club from the request is bound into the resolving of the club on the pilot modelstate validation, we force this through // HACK: This probably means there is an evil bug hidden when we are going to save more information on club level. ModelState.Remove("Club"); } if (!string.IsNullOrWhiteSpace(pilot.MobilNumber)) { if (!MobilNumberValidator.IsValid(pilot.MobilNumber, false)) { ModelState.AddModelError("MobilNumber", "Invalid format, please use the format " + Request.PhoneNumberInternationalPrefix() + "12345678"); } else { pilot.MobilNumber = MobilNumberValidator.ParseMobilNumber(pilot.MobilNumber); } } if (ModelState.IsValid) { db.Entry(pilot).State = EntityState.Modified; db.SaveChanges(); return(RedirectToAction("Index")); } ViewBag.ClubId = new SelectList(db.Clubs, "ClubId", "ShortName", pilot.ClubId); return(View(pilot)); }
public async Task <SignInStatus> MobilSignIn(string userName, bool isPersistent) { // Restrict MobilSignIn to Only mobil UserName if (!MobilNumberValidator.IsValid(userName, true)) { return(SignInStatus.Failure); } var user = await UserManager.FindByNameAsync(userName); if (user == null) { var pilots = MobilNumberValidator.FindPilotsByMobilNumber(userName); // userName is mobil number if (!pilots.Any()) { return(SignInStatus.Failure); } // TODO: Handle multiple pilot profile registration if (pilots.Count() > 1) { return(SignInStatus.Failure); } // HACK: We only attach to the first pilot profil in this setup. var pilot = pilots.First(); // Create mobilPhone Application User, Email is required and + is removed user = new ApplicationUser() { UserName = userName, Email = userName.Substring(userName.Length - 1) + pilot.Email.ToLower(), EmailConfirmed = true, BoundToPilotId = pilot.PilotId.ToString(), PhoneNumberConfirmed = true, PhoneNumber = MobilNumberValidator.ParseMobilNumber(userName), TwoFactorEnabled = true }; var result = UserManager.Create(user); if (!result.Succeeded) { throw new SecurityException(string.Format("Failed to generate user {0} for {1}", userName, result.Errors.FirstOrDefault())); //return SignInStatus.Failure; } result = UserManager.SetLockoutEnabled(user.Id, false); return(await SignInOrTwoFactor(user, isPersistent)); } if (await UserManager.IsLockedOutAsync(user.Id)) { return(SignInStatus.LockedOut); } // Password is null we require TwoFactor return(await SignInOrTwoFactor(user, isPersistent)); }
public async Task <SignInStatus> PasswordSignIn(string userName, string password, bool isPersistent, bool shouldLockout) { // Disallow mobil userName signin through Password SignIn if (MobilNumberValidator.IsValid(userName)) { return(SignInStatus.Failure); } var user = await UserManager.FindByNameAsync(userName); if (user == null) { return(SignInStatus.Failure); } if (!user.EmailConfirmed) { return(SignInStatus.UnConfirmed); } if (await UserManager.IsLockedOutAsync(user.Id)) { return(SignInStatus.LockedOut); } if (await UserManager.CheckPasswordAsync(user, password)) { return(await SignInOrTwoFactor(user, isPersistent)); } if (shouldLockout) { // If lockout is requested, increment access failed count which might lock out the user await UserManager.AccessFailedAsync(user.Id); if (await UserManager.IsLockedOutAsync(user.Id)) { return(SignInStatus.LockedOut); } } return(SignInStatus.Failure); }
public ActionResult SetMobilNumber(PilotSetMobilNumberViewModel model) { Pilot pilot = this.db.Pilots.Find(model.PilotId); if (pilot == null) { return(new JsonResult() { @Data = new { Success = false } }); } if (!MobilNumberValidator.IsValid(model.MobilNumber)) { return(new JsonResult() { @Data = new { Success = false } }); } if (!User.IsManager()) { return(RedirectToAction("Restricted", "Error", new { message = "Restricted to your own club" })); } if (!User.IsAdministrator() && Request.Club().ClubId != pilot.ClubId) { return(RedirectToAction("Restricted", "Error", new { message = "Restricted to your own club" })); } pilot.MobilNumber = MobilNumberValidator.ParseMobilNumber(model.MobilNumber); this.db.SaveChanges(); return(new JsonResult() { @Data = new { Success = true } }); }
public async Task <ActionResult> TokenLogin(LoginViewModel model, string returnUrl) { ViewBag.ReturnUrl = returnUrl; ViewBag.LiveDemoMemberships = Demo.GetLiveDemoMemberships(); ViewBag.EnableDemo = (ViewBag.LiveDemoMemberships != null && ViewBag.LiveDemoMemberships.Count > 0); ViewBag.EnableMobil = UserManager.TwoFactorProviders.ContainsKey("PhoneCode"); model.LoginState = LoginViewModel.State.TokenLogin; if (!model.MobilNumberValidated) { if (!MobilNumberValidator.IsValid(model.MobilNumber, true)) { ModelState.AddModelError("MobilNumber", "Der blev ikke fundet en pilot med dette nummer."); return(View("Login", model)); } else { model.MobilNumberValidated = true; model.MobilNumber = MobilNumberValidator.ParseMobilNumber(model.MobilNumber); var result = await SignInHelper.MobilSignIn(model.MobilNumber, model.RememberBrowser); switch (result) { case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.UnConfirmed: case SignInStatus.Success: case SignInStatus.RequiresTwoFactorAuthentication: model.MobilNumberValidated = true; // Does not function because we are working prior to cookies being written. //var userId = await SignInHelper.GetVerifiedUserIdAsync(); var user = await UserManager.FindByNameAsync(model.MobilNumber); var userId = user.Id; if (userId == null) { model.MobilNumberValidated = false; ModelState.AddModelError("MobilNumber", "Unable to find verified user"); return(View("Login", model)); } var userFactors = await UserManager.GetValidTwoFactorProvidersAsync(userId); if (userFactors.All(p => p != "PhoneCode")) { model.MobilNumberValidated = false; ModelState.AddModelError("MobilNumber", "SMS Provider not available"); return(View("Login", model)); } if (!await SignInHelper.SendTwoFactorCode("PhoneCode", userId)) { model.MobilNumberValidated = false; ModelState.AddModelError("MobilNumber", "Unable to send verification code"); return(View("Login", model)); } if (HttpContext.IsDebuggingEnabled) { // To exercise the flow without actually sending codes, uncomment the following line ModelState.AddModelError("VerifyCode", "For DEMO purposes the current verification code is: " + await UserManager.GenerateTwoFactorTokenAsync(userId, "PhoneCode")); } return(View("Login", model)); case SignInStatus.Failure: default: model.MobilNumberValidated = false; ModelState.AddModelError("MobilNumber", "Unable to sign-in"); return(View("Login", model)); } } } // Ready to handle Verification Code if (!string.IsNullOrWhiteSpace(model.VerifyCode)) { var result = await SignInHelper.TwoFactorSignIn("PhoneCode", model.VerifyCode, model.RememberBrowser, false); switch (result) { case SignInStatus.Success: return(RedirectToLocal(returnUrl)); case SignInStatus.UnConfirmed: return(RedirectToAction("EmailNotConfirmed")); // State should not be possible to reach on mobil login accounts case SignInStatus.LockedOut: return(View("Lockout")); case SignInStatus.Failure: default: ModelState.AddModelError("VerifyCode", "Invalid code"); return(View("Login", model)); } } return(View("Login", model)); }
/// <summary> /// Profilen kan enten være en mobil telefon token login eller en normal email bruger login /// Mobil telefon login har ikke nogen profil visning... /// </summary> /// <param name="principal"></param> /// <returns></returns> public static bool IsMobilProfile(this IPrincipal principal) { return(MobilNumberValidator.IsValid(principal.Identity.Name)); }