public SimpleMembershipInitializer()
{
Database.SetInitializer<SmartDbContext>(null);
try
{
using (var context = new SmartDbContext())
{
if (!context.Database.Exists())
{
// Create the SimpleMembership database without Entity Framework migration schema
((IObjectContextAdapter)context).ObjectContext.CreateDatabase();
}
}
WebSecurity.InitializeDatabaseConnection("DefaultConnection", "UserProfile", "UserId", "UserName", autoCreateTables: true);
var roles = (SimpleRoleProvider)System.Web.Security.Roles.Provider;
//var membership = (SimpleMembershipProvider)System.Web.Security.Membership.Provider;
if (!roles.RoleExists("Admin"))
roles.CreateRole("Admin");
if (!roles.RoleExists("Staff"))
roles.CreateRole("Staff");
if (!roles.RoleExists("Referrer"))
roles.CreateRole("Referrer");
////following code will check user with name admin and if not found can create a default admin user with password as 'passowrd'
//var usr = membership.GetUser("admin", false);
//if (usr == null)
//{
// WebSecurity.CreateUserAndAccount("admin", "changeme");
// //WebSecurity.CreateAccount("admin", "password");
//}
//if (!roles.GetRolesForUser("admin").Contains("Admin"))
// roles.AddUsersToRoles(new[] { "admin" }, new[] { "Admin" });
}
catch (Exception ex)
{
throw new InvalidOperationException("The ASP.NET Simple Membership database could not be initialized. For more information, please see http://go.microsoft.com/fwlink/?LinkId=256588", ex);
}
}
public ActionResult ExternalLoginConfirmation(RegisterExternalLoginModel model, string returnUrl)
{
string provider = null;
string providerUserId = null;
if (User.Identity.IsAuthenticated || !OAuthWebSecurity.TryDeserializeProviderUserId(model.ExternalLoginData, out provider, out providerUserId))
{
return RedirectToAction("Manage");
}
if (ModelState.IsValid)
{
// Insert a new user into the database
using (SmartDbContext db = new SmartDbContext())
{
UserProfile user = db.UserProfiles.FirstOrDefault(u => u.UserName.ToLower() == model.UserName.ToLower());
// Check if user already exists
if (user == null)
{
// Insert name into the profile table
db.UserProfiles.Add(new UserProfile { UserName = model.UserName });
db.SaveChanges();
OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);
OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false);
return RedirectToLocal(returnUrl);
}
else
{
ModelState.AddModelError("UserName", "User name already exists. Please enter a different user name.");
}
}
}
ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName;
ViewBag.ReturnUrl = returnUrl;
return View(model);
}
public ActionResult LostPassword(LostPasswordModel model)
{
if (ModelState.IsValid)
{
MembershipUser user;
using (var context = new SmartDbContext())
{
var foundUserName = (from u in context.UserProfiles
where u.Email == model.Email
select u.UserName).FirstOrDefault();
if (foundUserName != null)
{
user = Membership.GetUser(foundUserName.ToString());
}
else
{
user = null;
}
}
if (user != null)
{
// Generae password token that will be used in the email link to authenticate user
var token = WebSecurity.GeneratePasswordResetToken(user.UserName);
// Generate the html link sent via email
string resetLink = "<a href'" + Url.Action("ResetPassword", "Account", new { rt = token }, "http") + "'>Reset Password Link</a>";
// Email stuff
string subject = "Reset your password for www.SmartDb.com";
string body = "You link: " + resetLink;
string from = "*****@*****.**";
MailMessage message = new MailMessage(from, model.Email);
message.Subject = subject;
message.Body = body;
SmtpClient client = new SmtpClient();
// Attempt to send the email
try
{
client.Send(message);
}
catch (Exception e)
{
ModelState.AddModelError("", "Issue sending email: " + e.Message);
}
}
else // Email not found
{
/* Note: You may not want to provide the following information
* since it gives an intruder information as to whether a
* certain email address is registered with this website or not.
* If you're really concerned about privacy, you may want to
* forward to the same "Success" page regardless whether an
* user was found or not. This is only for illustration purposes.
*/
ModelState.AddModelError("", "No user found by that email.");
}
}
/* You may want to send the user to a "Success" page upon the successful
* sending of the reset email link. Right now, if we are 100% successful
* nothing happens on the page. :P
*/
return View(model);
}
