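/// <summary>
/// Replaces the set of enabled OpenID whitelist entries with the identifiers
/// given in a semicolon-separated list.
/// </summary>
/// <param name="list">Semicolon-separated OpenID identifiers; null or blank disables every entry.</param>
/// <returns>The "Index" view.</returns>
public virtual ActionResult SetWhitelist(string list)
{
    // NOTE(review): no authorization or anti-forgery attribute is visible on this
    // action from here. It rewrites the registration whitelist, so confirm it is
    // restricted to administrators and is not reachable through a forged or GET request.

    // Normalise the input: a null or blank list, stray whitespace, empty segments
    // ("a;;b", trailing ';') and duplicates must not become whitelist rows.
    var openids = (list ?? string.Empty)
        .Split(new[] { ';' }, StringSplitOptions.RemoveEmptyEntries)
        .Select(entry => entry.Trim())
        .Where(entry => entry.Length > 0)
        .Distinct()
        .ToList();

    var db = Current.DB;

    // Disable every existing entry; old rows are kept, not deleted.
    foreach (var existing in db.OpenIDWhiteLists)
    {
        existing.IsEnabled = false;
    }

    foreach (var id in openids)
    {
        db.OpenIDWhiteLists.InsertOnSubmit(new OpenIDWhiteList { OpenID = id, IsEnabled = true });
    }

    // One submit for both steps: if inserting the new entries fails, the old
    // whitelist is not left fully disabled.
    db.SubmitChanges();

    return View("Index");
}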
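/// <summary>
/// Handles the OpenID registration form (overload without a CAPTCHA result):
/// decrypts and checks the OpenID claim, creates the membership user and profile,
/// links the OpenID to the new user, signs the user in and picks the next page.
/// </summary>
/// <param name="model">Posted registration form; <c>OpenIdClaim</c> holds the encrypted OpenID.</param>
/// <returns>
/// The registration view with model errors on failure, the e-mail confirmation view,
/// a redirect to Home/Index or Home/Results, or a redirect to Error/InternalServerError.
/// </returns>
public virtual ActionResult OpenidRegisterFormSubmit(OpenIdRegistrationViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View("OpenidRegister", model);
    }

    // NOTE(review): the AES passphrase is a literal in source, and it differs from the
    // one used by the (model, captchaValid) overload ("OpenIDRegistrationFrenzy").
    // Move it to protected configuration and confirm which value the code that
    // encrypts the claim actually uses.
    // NOTE(review): Crypto.DecryptStringAES is not visible here. If it does not
    // authenticate the ciphertext, the URL-shape check below is the only tamper
    // detection for this client-supplied value - confirm.
    string decryptedOpenId;
    bool claimIsValid;
    try
    {
        decryptedOpenId = Crypto.DecryptStringAES(model.OpenIdClaim, "secretstring");
        claimIsValid = !string.IsNullOrEmpty(decryptedOpenId)
            && new IsSemiValidURLAttribute().IsValid(decryptedOpenId);
    }
    catch (Exception)
    {
        // The claim comes from the client. A malformed or tampered value that makes
        // decryption throw is answered exactly like a claim that fails validation,
        // so the two cases cannot be told apart from the response.
        decryptedOpenId = null;
        claimIsValid = false;
    }

    if (!claimIsValid)
    {
        // User tried to spoof encryption
        ModelState.AddModelError("OpenID", "There's a problem with the OpenID that you specified.");
        return View("OpenidRegister", model);
    }

    try
    {
        var db = Current.DB;

        if (db.aspnet_Users.Any(u => u.UserName == model.Nickname))
        {
            ModelState.AddModelError("Username", "This username is already taken.");
            return View("OpenidRegister", model);
        }

        // Attempt to register the user. The password is random and never shown.
        // NOTE(review): 7 characters is short if password sign-in is ever enabled
        // for these accounts.
        MembershipCreateStatus createStatus = MembershipService.CreateUser(
            model.Nickname, Membership.GeneratePassword(7, 0), model.EmailAddress);

        if (createStatus != MembershipCreateStatus.Success)
        {
            ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
            return View("OpenidRegister", model);
        }

        AccountProfile.NewUser.Initialize(model.Nickname, true);
        AccountProfile.NewUser.FullName = model.FullName.Trim();
        AccountProfile.NewUser.Grade = model.Grade;
        AccountProfile.NewUser.Sex = model.SelectedSex;
        AccountProfile.NewUser.Save();

        try
        {
            // Check OpenID-whitelist status and add OpenID to whitelist if needed
            if (WhiteListEnabled)
            {
                // If we got here, this means that the user used a valid one-time registration code.
                // NOTE(review): no registration-code check is visible in this method;
                // presumably it happens during model validation - confirm, because this
                // branch whitelists whatever OpenID the claim decrypts to.
                var whitelistRecord = new OpenIDWhiteList
                {
                    OpenID = decryptedOpenId,
                    IsEnabled = true
                };
                db.OpenIDWhiteLists.InsertOnSubmit(whitelistRecord);
                db.SubmitChanges();
            }

            // if we fail here, this usually means that we didn't specify a constant ApplicationName
            // in Web.config, so each user has multiple entries in that table.
            var userid = db.aspnet_Users.Where(u => u.UserName == model.Nickname).Single().UserId;

            var openid = new UserOpenId
            {
                OpenIdClaim = decryptedOpenId,
                UserId = userid
            };
            db.UserOpenIds.InsertOnSubmit(openid);
            db.SubmitChanges();

            FormsAuth.SignIn(model.Nickname, true /* createPersistentCookie */);

            if (ConfigurationManager.AppSettings["PromptEmailConfirmation"] == "true")
            {
                ViewData["email"] = model.EmailAddress;
                return View("TimeToValidateYourEmailAddress");
            }

            // The redirect to model.ReturnURL is disabled in this overload.

            // Decide where to go next
            if (ConfigurationManager.AppSettings["ResultsOpen"] != "true")
            {
                return RedirectToAction("Index", "Home"); // Send to questionnaire page.
            }

            // Send to results page (if they haven't submitted, it will redirect to form-is-closed page)
            return RedirectToAction("Results", "Home");
        }
        catch
        {
            // NOTE(review): createStatus is Success on this path, so the message is
            // whatever ErrorCodeToString returns for Success. The membership user
            // created above is not removed, so a retry with the same nickname is
            // likely to hit the "already taken" branch.
            ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
            return View("OpenidRegister", model);
        }
    }
    catch
    {
        return RedirectToAction("InternalServerError", "Error");
    }
}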
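/// <summary>
/// Handles the OpenID registration form (overload with a CAPTCHA result):
/// decrypts and checks the OpenID claim, creates the membership user, roles and
/// profile, links the OpenID, sends the confirmation e-mail, signs the user in
/// and picks the next page.
/// </summary>
/// <param name="model">Posted registration form; <c>OpenIdClaim</c> holds the encrypted OpenID.</param>
/// <param name="captchaValid">False when the CAPTCHA answer was wrong; the form is then re-shown.</param>
/// <returns>
/// The registration view with model errors on failure, the e-mail confirmation view,
/// a redirect to a local return URL or Home/Index, or a redirect to Error/InternalServerError.
/// </returns>
public virtual ActionResult OpenidRegisterFormSubmit(OpenIdRegistrationViewModel model, bool captchaValid)
{
    if (!captchaValid)
    {
        ModelState.AddModelError("CAPTCHA", "It seems that you did not type the verification word(s) (CAPTCHA) correctly. Please try again.");
        return View("OpenidRegister", model);
    }

    if (!ModelState.IsValid)
    {
        return View("OpenidRegister", model);
    }

    // NOTE(review): the AES passphrase is a literal in source, and it differs from the
    // one used by the single-argument overload ("secretstring"). Move it to protected
    // configuration and confirm which value the code that encrypts the claim uses.
    // NOTE(review): Crypto.DecryptStringAES is not visible here. If it does not
    // authenticate the ciphertext, the URL-shape check below is the only tamper
    // detection for this client-supplied value - confirm.
    string decryptedOpenId;
    bool claimIsValid;
    try
    {
        decryptedOpenId = Crypto.DecryptStringAES(model.OpenIdClaim, "OpenIDRegistrationFrenzy");
        claimIsValid = !string.IsNullOrEmpty(decryptedOpenId)
            && new IsSemiValidURLAttribute().IsValid(decryptedOpenId);
    }
    catch (Exception)
    {
        // The claim comes from the client. A malformed or tampered value that makes
        // decryption throw is answered exactly like a claim that fails validation,
        // so the two cases cannot be told apart from the response.
        decryptedOpenId = null;
        claimIsValid = false;
    }

    if (!claimIsValid)
    {
        // User tried to spoof encryption
        ModelState.AddModelError("OpenID", "There's a problem with the OpenID that you specified.");
        return View("OpenidRegister", model);
    }

    try
    {
        var db = Current.DB;

        if (db.aspnet_Users.Any(u => u.UserName == model.Nickname))
        {
            ModelState.AddModelError("Username", "This username is already taken.");
            return View("OpenidRegister", model);
        }

        // Attempt to register the user. The password is random and never shown.
        // NOTE(review): 7 characters is short if password sign-in is ever enabled
        // for these accounts.
        MembershipCreateStatus createStatus = MembershipService.CreateUser(
            model.Nickname, Membership.GeneratePassword(7, 0), model.EmailAddress);

        if (createStatus != MembershipCreateStatus.Success)
        {
            ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
            return View("OpenidRegister", model);
        }

        Roles.AddUserToRoles(model.Nickname, new string[] { RoleNames.ActiveUser, RoleNames.EmailNotConfirmed });

        AccountProfile.NewUser.Initialize(model.Nickname, true);
        AccountProfile.NewUser.ReinstateDate = DateTime.MinValue;
        AccountProfile.NewUser.FullName = model.FullName.Trim();
        // Free-text profile HTML is sanitised before it is stored.
        AccountProfile.NewUser.AboutMe = (model.AboutMe.IsNullOrEmpty() ? null : HtmlUtilities.Safe(HtmlUtilities.Sanitize(model.AboutMe.Trim())));
        AccountProfile.NewUser.Save();

        try
        {
            // Check OpenID-whitelist status and add OpenID to whitelist if needed
            if (WhiteListEnabled)
            {
                // If we got here, this means that the user used a valid one-time registration code.
                // NOTE(review): no registration-code check is visible in this method;
                // presumably it happens during model validation - confirm, because this
                // branch whitelists whatever OpenID the claim decrypts to.
                var whitelistRecord = new OpenIDWhiteList
                {
                    OpenID = decryptedOpenId,
                    IsEnabled = true
                };
                db.OpenIDWhiteLists.InsertOnSubmit(whitelistRecord);
                db.SubmitChanges();
            }

            // if we fail here, this usually means that we didn't specify a constant ApplicationName
            // in Web.config, so each user has multiple entries in that table.
            var userid = db.aspnet_Users.Where(u => u.UserName == model.Nickname).Single().UserId;

            var openid = new UserOpenId
            {
                OpenIdClaim = decryptedOpenId,
                UserId = userid
            };
            db.UserOpenIds.InsertOnSubmit(openid);
            db.SubmitChanges();

            var confirm = new ConfirmEmailAddress
            {
                UserID = userid,
                ConfirmID = Guid.NewGuid()
            };
            db.ConfirmEmailAddresses.InsertOnSubmit(confirm);
            db.SubmitChanges();

            SendEmailVerificationEmail(model.EmailAddress, confirm.ConfirmID);

            // During beta only
            try
            {
                SendNewUserEmail(userid, model.Nickname);
            }
            catch
            {
                // No big deal.
            }

            FormsAuth.SignIn(model.Nickname, true /* createPersistentCookie */);

            if (ConfigurationManager.AppSettings["PromptEmailConfirmation"] == "true")
            {
                ViewData["email"] = model.EmailAddress;
                return View("TimeToValidateYourEmailAddress");
            }

            // ReturnURL is posted by the client. Redirect to it only when it points
            // back into this site; anything else falls through to the home page so
            // the registration form cannot be used as an open redirect.
            if (model.ReturnURL.HasValue() && IsLocalReturnUrl(model.ReturnURL))
            {
                return Redirect(model.ReturnURL);
            }

            return RedirectToAction("Index", "Home");
        }
        catch
        {
            // NOTE(review): createStatus is Success on this path, so the message is
            // whatever ErrorCodeToString returns for Success. The membership user
            // created above is not removed, so a retry with the same nickname is
            // likely to hit the "already taken" branch.
            ModelState.AddModelError("_FORM", ErrorCodeToString(createStatus));
            return View("OpenidRegister", model);
        }
    }
    catch
    {
        return RedirectToAction("InternalServerError", "Error");
    }
}

/// <summary>
/// Returns true only for site-relative URLs ("/path" or "~/path"). Absolute URLs,
/// protocol-relative forms ("//host", "/\host") and values containing control
/// characters are rejected.
/// </summary>
private static bool IsLocalReturnUrl(string url)
{
    if (string.IsNullOrEmpty(url))
    {
        return false;
    }

    foreach (char c in url)
    {
        if (char.IsControl(c))
        {
            return false;
        }
    }

    if (url[0] == '/')
    {
        // A second '/' or '\' makes browsers treat the value as another host.
        return url.Length == 1 || (url[1] != '/' && url[1] != '\\');
    }

    return url.Length > 1 && url[0] == '~' && url[1] == '/';
}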