/// <summary>
/// Delivers an Identity message by handing it to <c>Send2HotmailAccount</c>.
/// </summary>
/// <param name="message">The message supplied by the caller.</param>
/// <returns>
/// A task for the send. Nothing is awaited, so the work runs synchronously on the
/// calling thread and any exception surfaces through the returned task.
/// </returns>
public async Task SendAsync(IdentityMessage message)
{
    // NOTE(review): this flag is looked up with an empty configuration key and is
    // never consulted afterwards, so delivery always goes through
    // Send2HotmailAccount whatever the configuration says. The lookup is kept
    // because its side effects (if any) are not visible from here.
    bool smtpServerFlag = RBAC_ExtendedMethods.GetConfigSettingAsBool("");

    // The awaited variant, Send(message), is disabled in the original.
    Send2HotmailAccount(message);
}
/// <summary>
/// Builds the e-mail service by loading its SMTP settings (server, port,
/// credentials, sender address and delivery-method switch) from configuration.
/// </summary>
/// <remarks>
/// NOTE(review): the SMTP password is read as an ordinary configuration string and
/// kept in a field. Confirm that the backing store is protected (encrypted
/// configuration section or a secret store) and that the value is never logged.
/// </remarks>
public EmailService()
{
    // Connection endpoint.
    m_Server = RBAC_ExtendedMethods.GetConfigSetting(cKey_SmtpServer);
    m_Port = RBAC_ExtendedMethods.GetConfigSettingAsInt(cKey_SmtpPort);

    // Credentials used to authenticate against the SMTP server.
    m_Username = RBAC_ExtendedMethods.GetConfigSetting(cKey_SmtpUsername);
    m_Password = RBAC_ExtendedMethods.GetConfigSetting(cKey_SmtpPassword);

    // Sender address and delivery-method switch.
    m_EMailFrom = RBAC_ExtendedMethods.GetConfigSetting(cKey_SmtpEMailFrom);
    m_IsSmtpNetworkDeliveryMethodEnabled = RBAC_ExtendedMethods.GetConfigSettingAsBool(cKey_SmtpNetworkDeliveryMethodEnabled);
}
/// <summary>
/// OWIN factory for <see cref="ApplicationUserManager"/>: creates the manager over the
/// per-request <c>RBACDbContext</c> and applies the username, password, lockout,
/// two-factor and token settings.
/// </summary>
/// <param name="options">Factory options; only <c>DataProtectionProvider</c> is read.</param>
/// <param name="context">OWIN context from which the database context is resolved.</param>
/// <returns>The configured user manager.</returns>
public static ApplicationUserManager Create(IdentityFactoryOptions<ApplicationUserManager> options, IOwinContext context)
{
    var userManager = new ApplicationUserManager(new ApplicationUserStore(context.Get<RBACDbContext>()));

    // Username rules: non-alphanumeric names are accepted (e.g. an e-mail address),
    // and each e-mail address may belong to only one account.
    var nameRules = new UserValidator<ApplicationUser, int>(userManager)
    {
        AllowOnlyAlphanumericUserNames = false,
        RequireUniqueEmail = true
    };
    userManager.UserValidator = nameRules;

    // Password rules come from configuration. The second argument looks like the
    // fallback used when a key is missing - confirm against the helper.
    // NOTE(review): a fallback minimum length of 6 is short by current guidance
    // (NIST SP 800-63B asks for at least 8); make sure the deployed configuration
    // sets a longer value.
    var passwordRules = new PasswordValidator
    {
        RequiredLength = RBAC_ExtendedMethods.GetConfigSettingAsInt(RBAC_ExtendedMethods.cKey_PasswordRequiredLength, 6),
        RequireNonLetterOrDigit = RBAC_ExtendedMethods.GetConfigSettingAsBool(RBAC_ExtendedMethods.cKey_PasswordRequireNonLetterOrDigit, true),
        RequireDigit = RBAC_ExtendedMethods.GetConfigSettingAsBool(RBAC_ExtendedMethods.cKey_PasswordRequireDigit, true),
        RequireLowercase = RBAC_ExtendedMethods.GetConfigSettingAsBool(RBAC_ExtendedMethods.cKey_PasswordRequireLowercase, true),
        RequireUppercase = RBAC_ExtendedMethods.GetConfigSettingAsBool(RBAC_ExtendedMethods.cKey_PasswordRequireUppercase, true),
    };
    userManager.PasswordValidator = passwordRules;

    // Lockout defaults are read from configuration with no explicit fallback here.
    // NOTE(review): check what the helpers return for a missing key; if that is
    // false / 0, a missing setting would silently switch off brute-force lockout.
    userManager.UserLockoutEnabledByDefault = RBAC_ExtendedMethods.GetConfigSettingAsBool(RBAC_ExtendedMethods.cKey_UserLockoutEnabled);
    double lockoutMinutes = RBAC_ExtendedMethods.GetConfigSettingAsDouble(RBAC_ExtendedMethods.cKey_AccountLockoutTimeSpan);
    userManager.DefaultAccountLockoutTimeSpan = TimeSpan.FromMinutes(lockoutMinutes);
    userManager.MaxFailedAccessAttemptsBeforeLockout = RBAC_ExtendedMethods.GetConfigSettingAsInt(RBAC_ExtendedMethods.cKey_MaxFailedAccessAttemptsBeforeLockout);

    // Two-factor providers: a verification code delivered by SMS or by e-mail.
    // A custom provider could be registered here as well.
    userManager.RegisterTwoFactorProvider("Phone Code", new PhoneNumberTokenProvider<ApplicationUser, int>
    {
        MessageFormat = "Your security code is {0}"
    });
    userManager.RegisterTwoFactorProvider("Email Code", new EmailTokenProvider<ApplicationUser, int>
    {
        Subject = "Security Code",
        BodyFormat = "Your security code is {0}"
    });

    // Delivery channels used by the providers above.
    userManager.EmailService = new EmailService();
    userManager.SmsService = new SmsService();

    // Without a data-protection provider no user token provider is installed, so the
    // manager is returned without one.
    var protectionProvider = options.DataProtectionProvider;
    if (protectionProvider == null)
    {
        return userManager;
    }

    userManager.UserTokenProvider = new DataProtectorTokenProvider<ApplicationUser, int>(protectionProvider.Create("ASP.NET Identity"));
    return userManager;
}
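/// <summary>
/// Authorization filter entry point. Applies, in order: the maintenance-mode gate,
/// the authentication check, and the per-action permission check. Leaving
/// <c>filterContext.Result</c> unset lets the controller action run; setting it
/// short-circuits the request with a redirect.
/// </summary>
/// <param name="filterContext">Context of the action being authorized.</param>
/// <remarks>
/// Changes from the previous version:
/// the maintenance allow-list is matched entry by entry instead of by substring;
/// the Offline redirect is final and is no longer overwritten by the later checks;
/// the permission test short-circuits;
/// exception text is traced on the server instead of being put into the redirect URL.
/// </remarks>
public override void OnAuthorization(AuthorizationContext filterContext)
{
    try
    {
        var request = filterContext.HttpContext.Request;

        // Maintenance gate: while maintenance is enabled only allow-listed client
        // addresses get any further.
        if (RBAC_ExtendedMethods.GetConfigSettingAsBool(RBAC_ExtendedMethods.cKey_GeneralMaintenanceEnabled))
        {
            string allowedIPs = RBAC_ExtendedMethods.GetConfigSetting(RBAC_ExtendedMethods.cKey_GeneralMaintenanceAllowedIPs);

            // NOTE(review): UserHostAddress is the address of the direct peer. Behind a
            // reverse proxy or load balancer that is the proxy, not the end user.
            if (!IsMaintenanceAddressAllowed(allowedIPs, request.UserHostAddress))
            {
                filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "Unauthorised", action = "Offline" }));

                // Stop here; otherwise the checks below would replace the Offline
                // redirect with a Login or Unauthorised redirect.
                return;
            }
        }

        if (!request.IsAuthenticated)
        {
            // Protected resource: send anonymous users to the login page. FilePath is
            // the path of the current request, so the return URL stays local.
            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "Account", action = "Login", returnUrl = request.FilePath }));
            return;
        }

        // Permission name has the form 'controllername-action'.
        string requiredPermission = String.Format("{0}-{1}", filterContext.ActionDescriptor.ControllerDescriptor.ControllerName, filterContext.ActionDescriptor.ActionName);

        var user = filterContext.HttpContext.User;
        if (!user.HasPermission(requiredPermission) && !user.IsSysAdmin())
        {
            // Neither the permission nor SysAdmin: redirect to the custom
            // "unauthorised" page. Because Result is set, the action does not run.
            filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary { { "action", "Index" }, { "controller", "Unauthorised" } });
        }

        // Otherwise Result stays unset and the controller action executes.
    }
    catch (Exception ex)
    {
        // Fail closed: any failure while authorizing ends in the error page, never in
        // the action. The exception detail stays on the server, because route values
        // end up in the redirect URL, where they would be visible to the client and
        // recorded in browser history and proxy logs.
        System.Diagnostics.Trace.TraceError("OnAuthorization failed: {0}", ex);
        filterContext.Result = new RedirectToRouteResult(new RouteValueDictionary(new { controller = "Unauthorised", action = "Error", _errorMsg = "An unexpected error occurred while checking access." }));
    }
}

/// <summary>
/// Returns true only when <paramref name="clientAddress"/> equals one entry of the
/// configured allow-list. Entries may be separated by commas, semicolons or whitespace.
/// </summary>
/// <remarks>
/// A substring test would accept "1.2.3.4" against an entry "11.2.3.45" and would accept
/// an empty client address against any list. A missing list or a missing client address
/// is treated as "not allowed". Prefix-style entries (for example "192.168.1.") do not
/// match here; list each address in full.
/// </remarks>
private static bool IsMaintenanceAddressAllowed(string allowedIPs, string clientAddress)
{
    if (String.IsNullOrWhiteSpace(allowedIPs) || String.IsNullOrWhiteSpace(clientAddress))
    {
        return false;
    }

    string candidate = clientAddress.Trim();
    string[] entries = allowedIPs.Split(new[] { ',', ';', ' ', '\t', '\r', '\n' }, StringSplitOptions.RemoveEmptyEntries);
    foreach (string entry in entries)
    {
        // Case-insensitive so that IPv6 hex digits compare equal in either case.
        if (String.Equals(entry, candidate, StringComparison.OrdinalIgnoreCase))
        {
            return true;
        }
    }

    return false;
}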