public string CreateHash(UserProfilePart profilePart, ApplicationRecord applicationRecord)
{
UserProfilePartRecord profileRecord = _userprofileRepository.Get(profilePart.Id);
if (profileRecord == null)
{
return(null);
}
// first delete all hashes for this user and application
CleanupHashes(profilePart, applicationRecord);
var utcNow = _clock.UtcNow;
LoginsRecord r = new LoginsRecord();
r.Hash = createHash(profileRecord.Id, applicationRecord.Id, DelayToValidate);
r.UserProfilePartRecord = profileRecord;
r.ApplicationRecord = applicationRecord;
r.UpdatedUtc = utcNow;
_loginsRepository.Create(r);
return(r.Hash);
}
public IEnumerable <UserRoleRecord> GetUserRoles(UserProfilePart profilePart, ApplicationRecord appRecord)
{
UserProfilePartRecord profileRecord = _userprofileRepository.Get(profilePart.Id);
if (profileRecord == null)
{
return(null);
}
var record = profileRecord.Applications.FirstOrDefault(x => x.ApplicationRecord.Name == appRecord.Name);
if (record == null)
{
return(new List <UserRoleRecord>());
}
var Roles = new List <UserRoleRecord>();
foreach (UserUserRoleRecord con in profileRecord.Roles)
{
if (con.UserRoleRecord.ApplicationRecord.Id == appRecord.Id)
{
Roles.Add(con.UserRoleRecord);
}
}
return(Roles);
}
public string GetHash(UserProfilePart profilePart, ApplicationRecord applicationRecord)
{
UserProfilePartRecord profileRecord = _userprofileRepository.Get(profilePart.Id);
if (profileRecord == null)
{
return(null);
}
try
{
var logins = from login in _loginsRepository.Table where login.ApplicationRecord.Id == applicationRecord.Id && login.UserProfilePartRecord.Id == profilePart.Id select login;
//foreach (LoginsRecord login in logins)
//{
// _loginsRepository.Delete(login);
//}
var first = logins.FirstOrDefault();
if (first != null)
{
return(first.Hash);
}
}
catch
{
return(null);
}
return(null);
}
public void patchProfile(UserProfilePart profile)
{
profile.FirstName = string.IsNullOrWhiteSpace(FirstName) ? profile.FirstName : FirstName;
profile.LastName = string.IsNullOrWhiteSpace(LastName) ? profile.LastName : LastName;
profile.Location = string.IsNullOrWhiteSpace(Location) ? profile.Location : Location;
profile.WebSite = string.IsNullOrWhiteSpace(WebSite) ? profile.WebSite : WebSite;
profile.Bio = string.IsNullOrWhiteSpace(Bio) ? profile.Bio : Bio;
profile.ShowEmail = ShowEmail;
}
public void updateProfile(UserProfilePart profile)
{
profile.FirstName = string.IsNullOrWhiteSpace(FirstName) ? string.Empty : FirstName;
profile.LastName = string.IsNullOrWhiteSpace(LastName) ? string.Empty : LastName;
profile.Location = string.IsNullOrWhiteSpace(Location) ? string.Empty : Location;
profile.WebSite = string.IsNullOrWhiteSpace(WebSite) ? string.Empty : WebSite;
profile.Bio = string.IsNullOrWhiteSpace(Bio) ? string.Empty : Bio;
profile.ShowEmail = ShowEmail;
}
private IUser ValidateLogonFacebook(LoginFB login, out string Hash)
{
Hash = string.Empty;
ApplicationRecord apprecord = _applicationsService.GetApplicationByKey(login.ApiKey);
if (apprecord == null)
{
return(null); // wrong cloudbast application id
}
DebugFB debuginfo = FBHelper.GetDebugInfo(login.Token, apprecord);
if (!debuginfo.isValid)
{
return(null); // access token is not valid
}
if (debuginfo.Application != apprecord.Name || debuginfo.AppId != apprecord.fbAppKey)
{
return(null); // access token for another application
}
string email = login.Username;
var lowerEmail = email == null ? "" : email.ToLowerInvariant();
// load user with FBemail
IUser user = _orchardServices.ContentManager.Query <UserPart, UserPartRecord>().Where(u => u.Email == lowerEmail).List().FirstOrDefault();
UserProfilePart profile = null;
if (user == null)
{
var fb = new FacebookClient(login.Token);
dynamic me = fb.Get("me");
// since everything is correct, we have to create a new user
var registrationSettings = _orchardServices.WorkContext.CurrentSite.As <RegistrationSettingsPart>();
if (registrationSettings.UsersCanRegister)
{
// create a user with random password
user = _membershipService.CreateUser(new CreateUserParams(lowerEmail, Guid.NewGuid().ToString(), lowerEmail, null, null, true)) as UserPart;
// add facebook fields
profile = user.As <UserProfilePart>();
profile.FBemail = lowerEmail;
profile.FBtoken = login.Token;
profile.FirstName = me.first_name;
profile.LastName = me.last_name;
}
}
else
{
profile = user.As <UserProfilePart>();
profile.FBemail = lowerEmail;
profile.FBtoken = login.Token;
}
Hash = _loginsService.CreateHash(profile, apprecord);
_profileService.CreateUserForApplicationRecord(profile, apprecord);
_orchardServices.WorkContext.HttpContext.Session["doticca_aid"] = apprecord.Id;
return(user);
}
public void CleanupHashes(UserProfilePart profilePart, ApplicationRecord applicationRecord)
{
try
{
var logins = from login in _loginsRepository.Table where login.ApplicationRecord.Id == applicationRecord.Id && login.UserProfilePartRecord.Id == profilePart.Id select login;
foreach (LoginsRecord login in logins)
{
_loginsRepository.Delete(login);
}
}
catch
{
return;
}
}
public HttpResponseMessage Login(Login login)
{
IUser user = _orchardServices.WorkContext.CurrentUser;
ApplicationRecord apprecord = _applicationsService.GetApplicationByKey(login.ApiKey);
if (apprecord == null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound, new uError("Not Found", 404)));
}
if (user != null)
{
IUser newUser = ValidateLogOn(login);
if (newUser != null && newUser.Id == user.Id)
{
Contrib.Foundation.UserProfile.OData.Profile profile = new Contrib.Foundation.UserProfile.OData.Profile(user, Request, _loginsService.GetHash(user.As <UserProfilePart>(), apprecord));
_orchardServices.WorkContext.HttpContext.Session["doticca_aid"] = apprecord.Id;
return(Request.CreateResponse(HttpStatusCode.OK, profile));
}
else
{
LogOut();
}
}
user = ValidateLogOn(login);
if (user != null)
{
UserProfilePart profilePart = user.As <UserProfilePart>(); //_profileService.Get(user).As<UserProfilePart>();
_profileService.CreateUserForApplicationRecord(profilePart, apprecord);
_authenticationService.SignIn(user, false);
_userEventHandler.LoggedIn(user);
string newHash = login.Hash;
if (string.IsNullOrWhiteSpace(newHash))
{
newHash = _loginsService.CreateHash(profilePart, apprecord);
}
Contrib.Foundation.UserProfile.OData.Profile profile = new Contrib.Foundation.UserProfile.OData.Profile(user, Request, newHash);
_orchardServices.WorkContext.HttpContext.Session["doticca_aid"] = apprecord.Id;
return(Request.CreateResponse(HttpStatusCode.OK, profile));
}
_orchardServices.WorkContext.HttpContext.Session.Remove("doticca_aid");
return(Request.CreateResponse(HttpStatusCode.Unauthorized, new uError("User not authorized", 401)));
}
public bool CreateUserForApplicationRecord(UserProfilePart profilePart, ApplicationRecord appRecord)
{
UserProfilePartRecord profileRecord = _userprofileRepository.Get(profilePart.Id);
if (profileRecord == null)
{
return(false);
}
var utcNow = _clock.UtcNow;
var record = profileRecord.Applications.FirstOrDefault(x => x.ApplicationRecord.Name == appRecord.Name);
if (record == null)
{
profileRecord.Applications.Add(new UserApplicationRecord
{
UserProfilePartRecord = profileRecord,
ApplicationRecord = appRecord,
RegistrationStart = utcNow
});
TriggerSignal();
}
if (profileRecord.Roles == null || profileRecord.Roles.Count == 0)
{
UserRoleRecord defaultrole = _applicationsService.GetDefaultRole(appRecord);
profileRecord.Roles.Add(new UserUserRoleRecord
{
UserProfilePartRecord = profileRecord,
UserRoleRecord = defaultrole
});
}
return(true);
}
public HttpResponseMessage Register(Register Register)
{
// ensure users can register
var registrationSettings = _orchardServices.WorkContext.CurrentSite.As <RegistrationSettingsPart>();
if (!registrationSettings.UsersCanRegister)
{
return(Request.CreateResponse(HttpStatusCode.MethodNotAllowed, new uError("Method Not Allowed", 405)));
}
if (Register.Password.Length < MinPasswordLength)
{
return(Request.CreateResponse(HttpStatusCode.MethodNotAllowed, new uError("Method Not Allowed", 405)));
}
if (!_profileService.VerifyUserUnicity(Register.Email, Register.Email))
{
return(Request.CreateResponse(HttpStatusCode.Conflict, new uError("Conflict on the Server", 409)));
}
ApplicationRecord apprecord = _applicationsService.GetApplicationByKey(Register.ApiKey);
if (apprecord == null)
{
return(Request.CreateResponse(HttpStatusCode.NotFound, new uError("Not Found", 404)));
}
if (ValidateRegistration(Register))
{
// Attempt to register the user
// No need to report this to IUserEventHandler because _membershipService does that for us
var user = _membershipService.CreateUser(new CreateUserParams(Register.Email, Register.Password, Register.Email, null, null, false));
if (user != null)
{
UserProfilePart profile = user.As <UserProfilePart>();
if (profile != null)
{
profile.FirstName = Register.FirstName;
profile.LastName = Register.LastName;
}
if (user.As <UserPart>().EmailStatus == UserStatus.Pending)
{
var siteUrl = _orchardServices.WorkContext.CurrentSite.BaseUrl;
//if (String.IsNullOrWhiteSpace(siteUrl))
//{
// siteUrl = Request.ToRootUrlString();
//}
//var url = Url.Route("challengeemail", new { controller = "login", action = "ChallengeEmail", returnUrl = "hello" });
var _Url = new System.Web.Mvc.UrlHelper(System.Web.HttpContext.Current.Request.RequestContext);
_profileService.SendChallengeMail(
apprecord,
user.As <UserPart>(),
nonce =>
_Url.MakeAbsolute(
_Url.Action("ChallengeEmail", "Account", new
{
Area = "Contrib.Foundation.UserProfile",
nonce = nonce
}
)
)
//_Url.MakeAbsolute(
// _Url.Action("ChallengeEmail", "login", new
// {
// httproute = true,
// area = "Contrib.Foundation.UserProfile",
// nonce = nonce
// }
// )
//)
//protocolChallengeEmail(nonce)
);
_userEventHandler.SentChallengeEmail(user);
return(Request.CreateResponse(HttpStatusCode.Created, new uError("Create", 201, false)));
}
if (user.As <UserPart>().RegistrationStatus == UserStatus.Pending)
{
return(Request.CreateResponse(HttpStatusCode.NotModified, new uError("Not Modified", 304)));
}
_authenticationService.SignIn(user, false);
return(Request.CreateResponse(HttpStatusCode.OK, new uError("OK", 200)));
}
return(Request.CreateResponse(HttpStatusCode.InternalServerError, new uError("Internal Server Error", 500)));
}
return(Request.CreateResponse(HttpStatusCode.InternalServerError, new uError("Internal Server Error", 500)));;
}
