public ActionResult Edit(Pilot pilot)
{
if (!User.IsManager())
{
return(RedirectToAction("Restricted", "Error", new { message = "Restricted to your own club" }));
}
if (Request.IsClub())
{
// There is a bug where the club from the request is bound into the resolving of the club on the pilot modelstate validation, we force this through
// HACK: This probably means there is an evil bug hidden when we are going to save more information on club level.
ModelState.Remove("Club");
}
if (!string.IsNullOrWhiteSpace(pilot.MobilNumber))
{
if (!MobilNumberValidator.IsValid(pilot.MobilNumber, false))
{
ModelState.AddModelError("MobilNumber", "Invalid format, please use the format " + Request.PhoneNumberInternationalPrefix() + "12345678");
}
else
{
pilot.MobilNumber = MobilNumberValidator.ParseMobilNumber(pilot.MobilNumber);
}
}
if (ModelState.IsValid)
{
db.Entry(pilot).State = EntityState.Modified;
db.SaveChanges();
return(RedirectToAction("Index"));
}
ViewBag.ClubId = new SelectList(db.Clubs, "ClubId", "ShortName", pilot.ClubId);
return(View(pilot));
}
public async Task <SignInStatus> MobilSignIn(string userName, bool isPersistent)
{
// Restrict MobilSignIn to Only mobil UserName
if (!MobilNumberValidator.IsValid(userName, true))
{
return(SignInStatus.Failure);
}
var user = await UserManager.FindByNameAsync(userName);
if (user == null)
{
var pilots = MobilNumberValidator.FindPilotsByMobilNumber(userName); // userName is mobil number
if (!pilots.Any())
{
return(SignInStatus.Failure);
}
// TODO: Handle multiple pilot profile registration
if (pilots.Count() > 1)
{
return(SignInStatus.Failure);
}
// HACK: We only attach to the first pilot profil in this setup.
var pilot = pilots.First();
// Create mobilPhone Application User, Email is required and + is removed
user = new ApplicationUser()
{
UserName = userName,
Email = userName.Substring(userName.Length - 1) + pilot.Email.ToLower(),
EmailConfirmed = true,
BoundToPilotId = pilot.PilotId.ToString(),
PhoneNumberConfirmed = true,
PhoneNumber = MobilNumberValidator.ParseMobilNumber(userName),
TwoFactorEnabled = true
};
var result = UserManager.Create(user);
if (!result.Succeeded)
{
throw new SecurityException(string.Format("Failed to generate user {0} for {1}", userName, result.Errors.FirstOrDefault()));
//return SignInStatus.Failure;
}
result = UserManager.SetLockoutEnabled(user.Id, false);
return(await SignInOrTwoFactor(user, isPersistent));
}
if (await UserManager.IsLockedOutAsync(user.Id))
{
return(SignInStatus.LockedOut);
}
// Password is null we require TwoFactor
return(await SignInOrTwoFactor(user, isPersistent));
}
public async Task <SignInStatus> PasswordSignIn(string userName, string password, bool isPersistent, bool shouldLockout)
{
// Disallow mobil userName signin through Password SignIn
if (MobilNumberValidator.IsValid(userName))
{
return(SignInStatus.Failure);
}
var user = await UserManager.FindByNameAsync(userName);
if (user == null)
{
return(SignInStatus.Failure);
}
if (!user.EmailConfirmed)
{
return(SignInStatus.UnConfirmed);
}
if (await UserManager.IsLockedOutAsync(user.Id))
{
return(SignInStatus.LockedOut);
}
if (await UserManager.CheckPasswordAsync(user, password))
{
return(await SignInOrTwoFactor(user, isPersistent));
}
if (shouldLockout)
{
// If lockout is requested, increment access failed count which might lock out the user
await UserManager.AccessFailedAsync(user.Id);
if (await UserManager.IsLockedOutAsync(user.Id))
{
return(SignInStatus.LockedOut);
}
}
return(SignInStatus.Failure);
}
public ActionResult SetMobilNumber(PilotSetMobilNumberViewModel model)
{
Pilot pilot = this.db.Pilots.Find(model.PilotId);
if (pilot == null)
{
return(new JsonResult()
{
@Data = new { Success = false }
});
}
if (!MobilNumberValidator.IsValid(model.MobilNumber))
{
return(new JsonResult()
{
@Data = new { Success = false }
});
}
if (!User.IsManager())
{
return(RedirectToAction("Restricted", "Error", new { message = "Restricted to your own club" }));
}
if (!User.IsAdministrator() && Request.Club().ClubId != pilot.ClubId)
{
return(RedirectToAction("Restricted", "Error", new { message = "Restricted to your own club" }));
}
pilot.MobilNumber = MobilNumberValidator.ParseMobilNumber(model.MobilNumber);
this.db.SaveChanges();
return(new JsonResult()
{
@Data = new { Success = true }
});
}
public async Task <ActionResult> TokenLogin(LoginViewModel model, string returnUrl)
{
ViewBag.ReturnUrl = returnUrl;
ViewBag.LiveDemoMemberships = Demo.GetLiveDemoMemberships();
ViewBag.EnableDemo = (ViewBag.LiveDemoMemberships != null && ViewBag.LiveDemoMemberships.Count > 0);
ViewBag.EnableMobil = UserManager.TwoFactorProviders.ContainsKey("PhoneCode");
model.LoginState = LoginViewModel.State.TokenLogin;
if (!model.MobilNumberValidated)
{
if (!MobilNumberValidator.IsValid(model.MobilNumber, true))
{
ModelState.AddModelError("MobilNumber", "Der blev ikke fundet en pilot med dette nummer.");
return(View("Login", model));
}
else
{
model.MobilNumberValidated = true;
model.MobilNumber = MobilNumberValidator.ParseMobilNumber(model.MobilNumber);
var result = await SignInHelper.MobilSignIn(model.MobilNumber, model.RememberBrowser);
switch (result)
{
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.UnConfirmed:
case SignInStatus.Success:
case SignInStatus.RequiresTwoFactorAuthentication:
model.MobilNumberValidated = true;
// Does not function because we are working prior to cookies being written.
//var userId = await SignInHelper.GetVerifiedUserIdAsync();
var user = await UserManager.FindByNameAsync(model.MobilNumber);
var userId = user.Id;
if (userId == null)
{
model.MobilNumberValidated = false;
ModelState.AddModelError("MobilNumber", "Unable to find verified user");
return(View("Login", model));
}
var userFactors = await UserManager.GetValidTwoFactorProvidersAsync(userId);
if (userFactors.All(p => p != "PhoneCode"))
{
model.MobilNumberValidated = false;
ModelState.AddModelError("MobilNumber", "SMS Provider not available");
return(View("Login", model));
}
if (!await SignInHelper.SendTwoFactorCode("PhoneCode", userId))
{
model.MobilNumberValidated = false;
ModelState.AddModelError("MobilNumber", "Unable to send verification code");
return(View("Login", model));
}
if (HttpContext.IsDebuggingEnabled)
{
// To exercise the flow without actually sending codes, uncomment the following line
ModelState.AddModelError("VerifyCode", "For DEMO purposes the current verification code is: " + await UserManager.GenerateTwoFactorTokenAsync(userId, "PhoneCode"));
}
return(View("Login", model));
case SignInStatus.Failure:
default:
model.MobilNumberValidated = false;
ModelState.AddModelError("MobilNumber", "Unable to sign-in");
return(View("Login", model));
}
}
}
// Ready to handle Verification Code
if (!string.IsNullOrWhiteSpace(model.VerifyCode))
{
var result = await SignInHelper.TwoFactorSignIn("PhoneCode", model.VerifyCode, model.RememberBrowser, false);
switch (result)
{
case SignInStatus.Success:
return(RedirectToLocal(returnUrl));
case SignInStatus.UnConfirmed:
return(RedirectToAction("EmailNotConfirmed")); // State should not be possible to reach on mobil login accounts
case SignInStatus.LockedOut:
return(View("Lockout"));
case SignInStatus.Failure:
default:
ModelState.AddModelError("VerifyCode", "Invalid code");
return(View("Login", model));
}
}
return(View("Login", model));
}
/// <summary>
/// Profilen kan enten være en mobil telefon token login eller en normal email bruger login
/// Mobil telefon login har ikke nogen profil visning...
/// </summary>
/// <param name="principal"></param>
/// <returns></returns>
public static bool IsMobilProfile(this IPrincipal principal)
{
return(MobilNumberValidator.IsValid(principal.Identity.Name));
}
