public virtual async Task<ActionResult> SignIn(LogOnViewModel model, string returnUrl, bool linkingAccount)
{
// I think it should be obvious why we don't want the current URL to be the return URL here ;)
ViewData[Constants.ReturnUrlViewDataKey] = returnUrl;
if (Request.IsAuthenticated)
{
TempData["Message"] = Strings.AlreadyLoggedIn;
return SafeRedirect(returnUrl);
}
if (!ModelState.IsValid)
{
return LogOnView(model);
}
var user = await AuthService.Authenticate(model.SignIn.UserNameOrEmail, model.SignIn.Password);
if (user == null)
{
ModelState.AddModelError(
"SignIn",
Strings.UsernameAndPasswordNotFound);
return LogOnView(model);
}
if (linkingAccount)
{
// Link with an external account
user = await AssociateCredential(user, returnUrl);
if (user == null)
{
return ExternalLinkExpired();
}
}
// Now log in!
AuthService.CreateSession(OwinContext, user.User);
return SafeRedirect(returnUrl);
}
public async virtual Task<ActionResult> LinkExternalAccount(string returnUrl)
{
// Extract the external login info
var result = await AuthService.AuthenticateExternalLogin(OwinContext);
if (result.ExternalIdentity == null)
{
// User got here without an external login cookie (or an expired one)
// Send them to the logon action
return ExternalLinkExpired();
}
if (result.Authentication != null)
{
AuthService.CreateSession(OwinContext, result.Authentication.User);
return SafeRedirect(returnUrl);
}
else
{
// Gather data for view model
var authUI = result.Authenticator.GetUI();
var email = result.ExternalIdentity.GetClaimOrDefault(ClaimTypes.Email);
var name = result
.ExternalIdentity
.GetClaimOrDefault(ClaimTypes.Name);
// Check for a user with this email address
User existingUser = null;
if (!String.IsNullOrEmpty(email))
{
existingUser = UserService.FindByEmailAddress(email);
}
var external = new AssociateExternalAccountViewModel()
{
ProviderAccountNoun = authUI.AccountNoun,
AccountName = name,
FoundExistingUser = existingUser != null
};
var model = new LogOnViewModel()
{
External = external,
SignIn = new SignInViewModel()
{
UserNameOrEmail = email
},
Register = new RegisterViewModel()
{
EmailAddress = email
}
};
return LogOnView(model);
}
}
private ActionResult RegisterView(LogOnViewModel existingModel)
{
// Fill the providers list
existingModel.Providers = GetProviders();
// Reinitialize any nulled-out sub models
existingModel.Register = existingModel.Register ?? new RegisterViewModel();
return View("Register", existingModel);
}
public async virtual Task<ActionResult> RegisterUser(LogOnViewModel model, string returnUrl, bool linkingAccount)
{
// I think it should be obvious why we don't want the current URL to be the return URL here ;)
ViewData[Constants.ReturnUrlViewDataKey] = returnUrl;
if (Request.IsAuthenticated)
{
TempData["Message"] = Strings.AlreadyLoggedIn;
return SafeRedirect(returnUrl);
}
if (linkingAccount)
{
ModelState.Remove("Register.Password");
}
if (!ModelState.IsValid)
{
return LogOnView(model);
}
AuthenticatedUser user;
try
{
if (linkingAccount)
{
var result = await AuthService.ReadExternalLoginCredential(OwinContext);
if (result.ExternalIdentity == null)
{
return ExternalLinkExpired();
}
user = await AuthService.Register(
model.Register.Username,
model.Register.EmailAddress,
result.Credential);
}
else
{
user = await AuthService.Register(
model.Register.Username,
model.Register.EmailAddress,
CredentialBuilder.CreatePbkdf2Password(model.Register.Password));
}
}
catch (EntityException ex)
{
ModelState.AddModelError("Register", ex.Message);
return LogOnView(model);
}
// Send a new account email
MessageService.SendNewAccountEmail(
new MailAddress(user.User.UnconfirmedEmailAddress, user.User.Username),
Url.ConfirmationUrl(
"Confirm",
"Users",
user.User.Username,
user.User.EmailConfirmationToken));
// We're logging in!
AuthService.CreateSession(OwinContext, user.User);
return RedirectFromRegister(returnUrl);
}
