public async Task <ActionResult> LogoffDirect() { Manager.SetSuperUserRole(false);// explicit logoff clears superuser state await LoginModuleController.UserLogoffAsync(); return(new EmptyResult()); }
/// <summary> /// Log off /// </summary> public async Task <ActionResult> Logoff(string nextUrl) { Manager.SetSuperUserRole(false);// explicit logoff clears superuser state await LoginModuleController.UserLogoffAsync(); LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); string url = nextUrl; if (string.IsNullOrWhiteSpace(url)) { url = config.LoggedOffUrl; } if (string.IsNullOrWhiteSpace(url)) { url = Manager.CurrentSite.HomePageUrl; } // Because this is a plain MVC controller, this Redirect really redirects (no Unified Page Set handling) which is the desired behavior url = QueryHelper.AddRando(url); // to defeat client-side caching return(Redirect(url)); }
// User login public static async Task UserLoginAsync(UserDefinition user, bool?rememberme = null) { await LoginModuleController.UserLogoffAsync(); bool isPersistent; if (rememberme == null) { LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); isPersistent = config.PersistentLogin; } else { isPersistent = (bool)rememberme; } SignInManager <UserDefinition> _signinManager = (SignInManager <UserDefinition>)YetaWFManager.ServiceProvider.GetService(typeof(SignInManager <UserDefinition>)); await _signinManager.SignInAsync(user, isPersistent); // superuser int superuserRole = Resource.ResourceAccess.GetSuperuserRoleId(); if (user.RolesList != null && user.RolesList.Contains(new Role { RoleId = superuserRole }, new RoleComparer())) { Manager.SetSuperUserRole(true); } // accept user user.LastLoginDate = DateTime.UtcNow; user.LastLoginIP = Manager.UserHostAddress; user.LastActivityDate = DateTime.UtcNow; user.LastActivityIP = Manager.UserHostAddress; user.LoginFailures = 0; await Managers.GetUserManager().UpdateAsync(user); }
public async Task <ActionResult> LoginSelector_Partial(EditModel model) { model.UpdateData(Module); if (!ModelState.IsValid) { return(PartialView(model)); } int userId = model.UserId; if (userId == 0) { await LoginModuleController.UserLogoffAsync(); } else { await Resource.ResourceAccess.LoginAsAsync(userId); } if (model.SuperuserStillActive != null && !(bool)model.SuperuserStillActive) { Manager.SetSuperUserRole(false); } return(Redirect(Manager.ReturnToUrl, ForceRedirect: true)); }
public async Task <IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null) { if (remoteError != null) { throw new Error(this.__ResStr("extErr", "The external login provider reported this error: {0}", remoteError)); } SignInManager <UserDefinition> _signinManager = (SignInManager <UserDefinition>)YetaWFManager.ServiceProvider.GetService(typeof(SignInManager <UserDefinition>)); ExternalLoginInfo loginInfo = await _signinManager.GetExternalLoginInfoAsync(); if (loginInfo == null) { Logging.AddErrorLog("AuthenticationManager.GetExternalLoginInfoAsync() returned null"); return(Redirect(Helper.GetSafeReturnUrl(Manager.CurrentSite.LoginUrl))); } using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) { List <LoginConfigDataProvider.LoginProviderDescription> loginProviders = await logConfigDP.GetActiveExternalLoginProvidersAsync(); if ((from l in loginProviders where l.InternalName == loginInfo.LoginProvider select l).FirstOrDefault() == null) { Logging.AddErrorLog("Callback from external login provider {0} which is not active", loginInfo.LoginProvider); return(Redirect(Helper.GetSafeReturnUrl(Manager.CurrentSite.LoginUrl))); } } // get our registration defaults LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); // Sign in the user with this external login provider if the user already has a login UserDefinition user = await Managers.GetUserManager().FindByLoginAsync(loginInfo.LoginProvider, loginInfo.ProviderKey); if (user == null) { // If the user does not have an account, then prompt the user to create an account // we will go to a page where the user can set up a local account Manager.OriginList = new List <Origin>(); if (!string.IsNullOrWhiteSpace(returnUrl)) { Manager.OriginList.Add(new Origin() { Url = returnUrl }); // where to go after setup } Manager.OriginList.Add(new Origin() { Url = Helper.GetSafeReturnUrl(Manager.CurrentSite.ExternalAccountSetupUrl) }); // setup return(Redirect(Manager.ReturnToUrl)); } if (string.IsNullOrWhiteSpace(returnUrl) && Manager.HaveReturnToUrl) { returnUrl = Manager.ReturnToUrl; } if (string.IsNullOrWhiteSpace(returnUrl)) { returnUrl = await Resource.ResourceAccess.GetUserPostLoginUrlAsync((from u in user.RolesList select u.RoleId).ToList()); } if (string.IsNullOrWhiteSpace(returnUrl)) { returnUrl = Manager.CurrentSite.PostLoginUrl; } returnUrl = Helper.GetSafeReturnUrl(returnUrl); // determine what to do based on account status if (user.UserStatus == UserStatusEnum.Approved) { await LoginModuleController.UserLoginAsync(user); Logging.AddLog("User {0} - logged on", user.UserName); returnUrl = QueryHelper.AddRando(returnUrl); // to defeat client-side caching return(Redirect(returnUrl)); } else if (user.UserStatus == UserStatusEnum.Rejected) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - rejected user", user.UserName); if (string.IsNullOrWhiteSpace(config.RejectedUrl)) { return(Redirect(MessageUrl("Your account has been rejected by the site administrator."))); } return(Redirect(Helper.GetSafeReturnUrl(config.RejectedUrl))); } else if (user.UserStatus == UserStatusEnum.Suspended) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - suspended user", user.UserName); if (string.IsNullOrWhiteSpace(config.SuspendedUrl)) { return(Redirect(MessageUrl("Your account has been suspended by the site administrator."))); } return(Redirect(Helper.GetSafeReturnUrl(config.SuspendedUrl))); } else if (user.UserStatus == UserStatusEnum.NeedValidation) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - not yet validated", user.UserName); if (string.IsNullOrWhiteSpace(config.VerificationPendingUrl)) { return(Redirect(MessageUrl(this.__ResStr("notValidated", "Your account has not yet been verified. You will receive an email with verification information. Once received, please use the information in the email to complete the registration.")))); } return(Redirect(Helper.GetSafeReturnUrl(config.VerificationPendingUrl))); } else if (user.UserStatus == UserStatusEnum.NeedApproval) { await LoginModuleController.UserLogoffAsync(); Logging.AddErrorLog("User {0} - not yet approved", user.UserName); if (string.IsNullOrWhiteSpace(config.ApprovalPendingUrl)) { return(Redirect(MessageUrl(this.__ResStr("notApproved", "Your account has not yet been approved by the site administrator. You will receive an email confirmation as soon as your account is active.")))); } return(Redirect(Helper.GetSafeReturnUrl(config.ApprovalPendingUrl))); } else { await LoginModuleController.UserLogoffAsync(); throw new InternalError("badUserStatus", "Unexpected account status {0}", user.UserStatus); } }
public async Task <ActionResult> UserAccount_Partial(EditModel model) { // make sure this user exists UserManager <UserDefinition> userManager = Managers.GetUserManager(); UserDefinition user; #if MVC6 user = await userManager.FindByNameAsync(model.OriginalUserName); #else user = userManager.FindByName(model.OriginalUserName); #endif if (user == null) { throw new Error(this.__ResStr("alreadyDeleted", "The user named \"{0}\" has been removed and can no longer be updated.", model.OriginalUserName)); } if (!ModelState.IsValid) { return(PartialView(model)); } // update email/user name - can't use an existing email address // get the registration module for some defaults LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync(); switch (config.RegistrationType) { default: case RegistrationTypeEnum.NameAndEmail: { using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider()) { List <DataProviderFilterInfo> filters = DataProviderFilterInfo.Join(null, new DataProviderFilterInfo { Field = nameof(UserDefinition.Email), Operator = "==", Value = model.Email, }); UserDefinition userExists = await dataProvider.GetItemAsync(filters); if (userExists != null && user.UserName != userExists.UserName) { ModelState.AddModelError(nameof(model.Email), this.__ResStr("emailUsed", "An account using email address {0} already exists.", model.Email)); return(PartialView(model)); } } break; } case RegistrationTypeEnum.EmailOnly: model.UserName = model.Email; break; case RegistrationTypeEnum.NameOnly: model.Email = model.UserName; break; } // save new user info ObjectSupport.CopyData(model, user); // merge new data into original model.SetData(user); // and all the data back into model for final display if (model.OriginalUserName != user.UserName) { // user name changed - change data through data provider directly using (UserDefinitionDataProvider dataProvider = new UserDefinitionDataProvider()) { UpdateStatusEnum status = await dataProvider.UpdateItemAsync(model.OriginalUserName, user); switch (status) { default: case UpdateStatusEnum.RecordDeleted: ModelState.AddModelError(nameof(model.UserName), this.__ResStr("alreadyDeleted", "The user named \"{0}\" has been removed and can no longer be updated.", model.OriginalUserName)); return(PartialView(model)); case UpdateStatusEnum.NewKeyExists: ModelState.AddModelError(nameof(model.UserName), this.__ResStr("alreadyExists", "A user named \"{0}\" already exists.", model.UserName)); return(PartialView(model)); case UpdateStatusEnum.OK: break; } } // log the user off and back on so new name takes effect //IAuthenticationManager authManager = HttpContext.GetOwinContext().Authentication; //deleted, done in UserLogff authManager.SignOut(DefaultAuthenticationTypes.ExternalCookie, DefaultAuthenticationTypes.ApplicationCookie, DefaultAuthenticationTypes.ExternalBearer); await LoginModuleController.UserLogoffAsync(); await LoginModuleController.UserLoginAsync(user); } else { IdentityResult result; result = await userManager.UpdateAsync(user); if (!result.Succeeded) { throw new Error(string.Join(" - ", (from e in result.Errors select e.Description))); } } return(FormProcessed(model, this.__ResStr("okSaved", "Your account information has been saved"), OnClose: OnCloseEnum.ReloadPage, OnPopupClose: OnPopupCloseEnum.ReloadParentPage, ForceRedirect: true));// reload for tiny login module to refresh }