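/// <summary>
/// Validates a registration request, creates the membership user, links the user's profile to the
/// member returned by <paramref name="memberCallback"/>, and emails an account-verification link.
/// </summary>
/// <param name="data">Registration fields (email, username, password). Treated as untrusted input.</param>
/// <param name="memberCallback">
/// Invoked after the user has been created and the thread principal has been switched to that user;
/// returns the member whose name and id are copied into the user's profile.
/// </param>
/// <param name="noticeTemplate">File name of the email template under Templates/Email in the application base directory.</param>
/// <returns>
/// "OK" on success; otherwise a message describing the first validation failure or a generic
/// failure message. If anything fails after the user is created, the user is deleted again.
/// </returns>
private string AddNewMember(AccountRegistration data, Func<Member> memberCallback, string noticeTemplate)
{
    // Length cap applied before the email regex: the pattern's adjacent \S+ groups can backtrack
    // quadratically on long non-matching input, and no other check bounds the email length.
    const int maxEmailLength = 254;

    if (string.IsNullOrWhiteSpace(data.Email)) return "Email is required";
    if (data.Email.Length > maxEmailLength) return "Unrecognized email address";
    // \z anchors at the true end of input. '$' also matches just before a trailing newline,
    // which would accept values such as "a@b.c\n".
    if (!Regex.IsMatch(data.Email, @"^\S+@\S+\.\S+\z")) return "Unrecognized email address";

    if (string.IsNullOrWhiteSpace(data.Username)) return "Username is required";
    if (data.Username.Length < 3) return "Username must be 3 or more characters";
    if (data.Username.Length > 200) return "Username must be less than 200 characters";
    // Same anchoring fix as above: with '$' a username ending in "\n" passed the character check.
    if (!Regex.IsMatch(data.Username, @"^[a-zA-Z0-9\.\-_]+\z")) return "Username can only contain numbers, letters, and the characters '.', '-', and '_'";
    if (membership.GetUser(data.Username, false) != null) return "Username is already taken";

    if (string.IsNullOrWhiteSpace(data.Password)) return "Password is required";
    if (data.Password.Length < 6) return "Password must be at least 6 characters";
    if (data.Password.Length > 64) return "Password must be less than 64 characters";

    MembershipCreateStatus status;
    // Sixth argument is false. With the standard MembershipProvider.CreateUser signature that is
    // isApproved, i.e. the account is created unapproved - confirm against the provider in use.
    var user = membership.CreateUser(data.Username, data.Password, data.Email, null, null, false, null, out status);
    if (status != MembershipCreateStatus.Success) return "Could not create user";

    try
    {
        // Build an in-memory forms identity for the new user (non-persistent, timeout value 5) and
        // make it the thread's principal so the callback and profile code run as that user.
        // NOTE(review): the previous principal is never restored, so the remainder of the request
        // on this thread also runs as the new user. That may be intentional (for example if later
        // saves are attributed to the current principal); confirm before changing it.
        System.Web.Security.FormsAuthenticationTicket ticket = new System.Web.Security.FormsAuthenticationTicket(data.Username, false, 5);
        Thread.CurrentPrincipal = new System.Web.Security.RolePrincipal(new System.Web.Security.FormsIdentity(ticket));

        var member = memberCallback();

        // The profile is only updated when the configured profile type is KcsarUserProfile.
        SarMembership.KcsarUserProfile profile = ProfileBase.Create(data.Username) as SarMembership.KcsarUserProfile;
        if (profile != null)
        {
            profile.FirstName = member.FirstName;
            profile.LastName = member.LastName;
            profile.LinkKey = member.Id.ToString();
            profile.Save();
        }

        string mailSubject = string.Format("{0} account verification", ConfigurationManager.AppSettings["dbNameShort"] ?? "KCSARA");
        string mailTemplate = File.ReadAllText(Path.Combine(AppDomain.CurrentDomain.BaseDirectory, "Templates", "Email", noticeTemplate));

        // NOTE(review): the link's scheme and host come from the incoming request URI, and the
        // verification key is the provider's user key rather than a separately generated token.
        // Confirm that the host cannot be influenced by the client and that the key is not
        // exposed anywhere else; otherwise build the link from a configured base URL and a
        // random single-use token.
        string mailBody = mailTemplate
            .Replace("%Username%", data.Username)
            .Replace("%VerifyLink%", new Uri(this.Request.RequestUri, Url.Route("Default", new { httproute = "", controller = "Account", action = "Verify", id = data.Username })).AbsoluteUri + "?key=" + user.ProviderUserKey.ToString())
            .Replace("%WebsiteContact%", ConfigurationManager.AppSettings["MailFrom"] ?? "*****@*****.**");

        db.SaveChanges();
        EmailService.SendMail(data.Email, mailSubject, mailBody);
    }
    catch (Exception ex)
    {
        // Any failure after user creation rolls the membership user back; the caller only sees a
        // generic message while the details go to the log.
        log.Error(ex.ToString());
        membership.DeleteUser(data.Username, true);
        return "An error occured while creating your user account";
    }

    return "OK";
}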
/// <summary>
/// Registers an account for the person whose contact record matches the supplied email address,
/// grants the matching unit member roles, and records the chosen username on the member.
/// </summary>
/// <param name="data">Registration fields supplied by the caller.</param>
/// <returns>The result string from AddNewMember: "OK" on success, otherwise an error message.</returns>
/// <exception cref="InvalidOperationException">
/// Thrown when the email check does not return Ready or the username check does not return "Available".
/// </exception>
public string Register(AccountRegistration data)
{
    var emailStatus = CheckEmail(data.Email);
    if (emailStatus != RegistrationEmailStatus.Ready)
    {
        throw new InvalidOperationException("Email verification returned: " + emailStatus.ToString());
    }

    var usernameStatus = CheckUsername(data.Username);
    if (usernameStatus != "Available")
    {
        throw new InvalidOperationException("Username not available");
    }

    // Filled in by the callback so the member can be looked up again after account creation.
    Guid linkedMemberId = Guid.Empty;

    Func<Member> resolveMember = () =>
    {
        // Exactly one person must own this email contact; Single() throws otherwise.
        var person = db.PersonContact
            .Where(c => c.Type == "email" && c.Value == data.Email)
            .Select(c => c.Person)
            .Single();
        linkedMemberId = person.Id;

        var now = DateTime.Now;

        // Memberships that are currently active and whose status has accounts turned on.
        var eligible = person.Memberships
            .Where(m => m.Activated < now && (m.EndTime == null || m.EndTime > now) && m.Status.GetsAccount);

        foreach (var membershipRow in eligible)
        {
            var unit = membershipRow.Unit;
            string unitRole = "sec." + unit.DisplayName.Replace(" ", "").ToLowerInvariant() + ".members";

            // Roles that have not been set up for a unit are skipped.
            if (!System.Web.Security.Roles.RoleExists(unitRole))
            {
                continue;
            }

            // Give them rights as a member of the unit.
            // NOTE(review): this runs during registration, before the emailed verification link
            // is followed; confirm an unverified account cannot exercise these roles.
            System.Web.Security.Roles.AddUserToRole(data.Username, unitRole);
        }

        return person;
    };

    var outcome = AddNewMember(data, resolveMember, "register-account.html");

    if (outcome != "OK" || linkedMemberId == Guid.Empty)
    {
        return outcome;
    }

    // Account created: store the username on the member record.
    var linkedMember = db.Members.Single(m => m.Id == linkedMemberId);
    linkedMember.Username = data.Username;
    db.SaveChanges();

    return outcome;
}