コード例 #1
0
        public virtual ActionResult SetWhitelist(string list)
        {
            var openids = list.Split(';');

            foreach (var i in Current.DB.OpenIDWhiteLists)
            {
                i.IsEnabled = false;
            }
            Current.DB.SubmitChanges();

            foreach (var j in openids)
            {
                var openid = new OpenIDWhiteList();
                openid.OpenID    = j;
                openid.IsEnabled = true;
                Current.DB.OpenIDWhiteLists.InsertOnSubmit(openid);
            }
            Current.DB.SubmitChanges();

            return(View("Index"));
        }
コード例 #2
0
        public virtual ActionResult OpenidRegisterFormSubmit(OpenIdRegistrationViewModel model)
        {
            if (!ModelState.IsValid)
            {
                return(View("OpenidRegister", model));
            }

            var DecryptedOpenID = Crypto.DecryptStringAES(model.OpenIdClaim, "secretstring");
            var validator       = new IsSemiValidURLAttribute();
            var isValid         = validator.IsValid(DecryptedOpenID);

            validator = null;
            if (!isValid)
            {
                //User tried to spoof encryption
                ModelState.AddModelError("OpenID", "There's a problem with the OpenID that you specified.");
                return(View("OpenidRegister", model));
            }

            try
            {
                var db = Current.DB;
                var userNameAvailable = (db.aspnet_Users.Where(u => u.UserName == model.Nickname).FirstOrDefault()) == null;
                if (!userNameAvailable)
                {
                    ModelState.AddModelError("Username", "This username is already taken.");
                    return(View("OpenidRegister", model));
                }

                // Attempt to register the user
                MembershipCreateStatus createStatus = MembershipService.CreateUser(model.Nickname, Membership.GeneratePassword(7, 0), model.EmailAddress);

                if (createStatus == MembershipCreateStatus.Success)
                {
                    AccountProfile.NewUser.Initialize(model.Nickname, true);
                    AccountProfile.NewUser.FullName = model.FullName.Trim();
                    AccountProfile.NewUser.Grade    = model.Grade;
                    AccountProfile.NewUser.Sex      = model.SelectedSex;
                    AccountProfile.NewUser.Save();
                    try
                    {
                        //Check OpenID-whitelist status and add OpenID to whitelist if needed
                        if (WhiteListEnabled)
                        {
                            //If we got here, this means that the user used a valid one-time registration code.
                            var whitelistRecord = new OpenIDWhiteList();
                            whitelistRecord.OpenID    = DecryptedOpenID;
                            whitelistRecord.IsEnabled = true;
                            db.OpenIDWhiteLists.InsertOnSubmit(whitelistRecord);
                            db.SubmitChanges();
                        }

                        var userid = db.aspnet_Users.Where(u => u.UserName == model.Nickname).Single().UserId; // if we fail here, this usually means that we didn't specify a constant ApplicationName in Web.config, so each user has multiple entries in that table.

                        var openid = new UserOpenId();
                        openid.OpenIdClaim = DecryptedOpenID;
                        openid.UserId      = userid;
                        db.UserOpenIds.InsertOnSubmit(openid);
                        db.SubmitChanges();

                        FormsAuth.SignIn(model.Nickname, true /* createPersistentCookie */);

                        if (ConfigurationManager.AppSettings["PromptEmailConfirmation"] == "true")
                        {
                            ViewData["email"] = model.EmailAddress;
                            return(View("TimeToValidateYourEmailAddress"));
                        }
                        else
                        {
                            /*if (model.ReturnURL.HasValue())
                             * {
                             *  return Redirect(model.ReturnURL);
                             * }*/

                            // Decide where to go next
                            if (System.Configuration.ConfigurationManager.AppSettings["ResultsOpen"] != "true")
                            {
                                return(RedirectToAction("Index", "Home")); // Send to questionnaire page.
                            }
                            else
                            {
                                return(RedirectToAction("Results", "Home")); // Send to results page (if they haven't submitted, it will redirect to form-is-closed page
                            }
                        }
                    }

                    catch
                    {
                        ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
                        return(View("OpenidRegister", model));
                    }
                }
                else
                {
                    ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
                    return(View("OpenidRegister", model));
                }
            }
            catch
            {
                return(RedirectToAction("InternalServerError", "Error"));
            }
        }
コード例 #3
0
ファイル: AccountController.cs プロジェクト: maximz/legato
        public virtual ActionResult OpenidRegisterFormSubmit(OpenIdRegistrationViewModel model, bool captchaValid)
        {
            if (!captchaValid)
            {
                ModelState.AddModelError("CAPTCHA", "It seems that you did not type the verification word(s) (CAPTCHA) correctly. Please try again.");
                return(View("OpenidRegister", model));
            }
            if (!ModelState.IsValid)
            {
                return(View("OpenidRegister", model));
            }

            var DecryptedOpenID = Crypto.DecryptStringAES(model.OpenIdClaim, "OpenIDRegistrationFrenzy");
            var validator       = new IsSemiValidURLAttribute();
            var isValid         = validator.IsValid(DecryptedOpenID);

            validator = null;
            if (!isValid)
            {
                //User tried to spoof encryption
                ModelState.AddModelError("OpenID", "There's a problem with the OpenID that you specified.");
                return(View("OpenidRegister", model));
            }

            try
            {
                var db = Current.DB;
                var userNameAvailable = (db.aspnet_Users.Where(u => u.UserName == model.Nickname).FirstOrDefault()) == null;
                if (!userNameAvailable)
                {
                    ModelState.AddModelError("Username", "This username is already taken.");
                    return(View("OpenidRegister", model));
                }

                // Attempt to register the user
                MembershipCreateStatus createStatus = MembershipService.CreateUser(model.Nickname, Membership.GeneratePassword(7, 0), model.EmailAddress);

                if (createStatus == MembershipCreateStatus.Success)
                {
                    Roles.AddUserToRoles(model.Nickname, new string[] { RoleNames.ActiveUser, RoleNames.EmailNotConfirmed });
                    AccountProfile.NewUser.Initialize(model.Nickname, true);
                    AccountProfile.NewUser.ReinstateDate = DateTime.MinValue;
                    AccountProfile.NewUser.FullName      = model.FullName.Trim();
                    AccountProfile.NewUser.AboutMe       = (model.AboutMe.IsNullOrEmpty() ? null : HtmlUtilities.Safe(HtmlUtilities.Sanitize(model.AboutMe.Trim())));
                    AccountProfile.NewUser.Save();
                    try
                    {
                        //Check OpenID-whitelist status and add OpenID to whitelist if needed
                        if (WhiteListEnabled)
                        {
                            //If we got here, this means that the user used a valid one-time registration code.
                            var whitelistRecord = new OpenIDWhiteList();
                            whitelistRecord.OpenID    = DecryptedOpenID;
                            whitelistRecord.IsEnabled = true;
                            db.OpenIDWhiteLists.InsertOnSubmit(whitelistRecord);
                            db.SubmitChanges();
                        }

                        var userid = db.aspnet_Users.Where(u => u.UserName == model.Nickname).Single().UserId; // if we fail here, this usually means that we didn't specify a constant ApplicationName in Web.config, so each user has multiple entries in that table.

                        var openid = new UserOpenId();
                        openid.OpenIdClaim = DecryptedOpenID;
                        openid.UserId      = userid;
                        db.UserOpenIds.InsertOnSubmit(openid);
                        db.SubmitChanges();

                        var confirm = new ConfirmEmailAddress();
                        confirm.UserID    = userid;
                        confirm.ConfirmID = Guid.NewGuid();
                        db.ConfirmEmailAddresses.InsertOnSubmit(confirm);
                        db.SubmitChanges();

                        SendEmailVerificationEmail(model.EmailAddress, confirm.ConfirmID);

                        // During beta only
                        try
                        {
                            SendNewUserEmail(userid, model.Nickname);
                        }
                        catch
                        {
                            // No big deal.
                        }


                        FormsAuth.SignIn(model.Nickname, true /* createPersistentCookie */);

                        if (ConfigurationManager.AppSettings["PromptEmailConfirmation"] == "true")
                        {
                            ViewData["email"] = model.EmailAddress;
                            return(View("TimeToValidateYourEmailAddress"));
                        }
                        else
                        {
                            if (model.ReturnURL.HasValue())
                            {
                                return(Redirect(model.ReturnURL));
                            }
                            return(RedirectToAction("Index", "Home"));
                        }
                    }

                    catch
                    {
                        ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
                        return(View("OpenidRegister", model));
                    }
                }
                else
                {
                    ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
                    return(View("OpenidRegister", model));
                }
            }
            catch
            {
                return(RedirectToAction("InternalServerError", "Error"));
            }
        }