/// <summary>
/// Signs a site user in after Windows Live confirmation: issues the forms-authentication
/// cookie, the optional per-site and skin cookies, and records the login time.
/// </summary>
/// <param name="siteUser">The site account to sign in.</param>
/// <remarks>
/// Does nothing when either <c>liveUser</c> or <c>windowsLive</c> is null. No redirect is issued here.
/// NOTE(review): this method checks neither lock-out, e-mail confirmation nor approval state
/// before issuing the auth cookie. Confirm that every caller has enforced them first.
/// </remarks>
private void HandleWindowsLiveConfirmation(SiteUser siteUser)
{
    // Without the Windows Live context there is no cookie-persistence preference to honour.
    if ((liveUser == null) || (windowsLive == null))
    {
        return;
    }

    // The forms-auth identity is either the e-mail address or the login name, per site setting.
    string loginIdentity = siteSettings.UseEmailForLogin ? siteUser.Email : siteUser.LoginName;
    FormsAuthentication.SetAuthCookie(loginIdentity, liveUser.UsePersistentCookie);

    if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
    {
        // Folder-based multi-site: a cookie named "siteguid" + site GUID carries the user GUID.
        // NOTE(review): confirm CookieHelper marks this cookie HttpOnly/Secure and that the
        // value is never accepted as proof of identity by itself.
        CookieHelper.SetCookie(
            "siteguid" + siteSettings.SiteGuid,
            siteUser.UserGuid.ToString(),
            liveUser.UsePersistentCookie);
    }

    bool hasSkinPreference =
        siteUser.UserId > -1
        && siteSettings.AllowUserSkins
        && siteUser.Skin.Length > 0;

    if (hasSkinPreference)
    {
        SiteUtils.SetSkinCookie(siteUser);
    }

    siteUser.UpdateLastLoginTime();
}
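/// <summary>
/// Handles an OpenID sign-in for which no site account exists yet. When the provider's
/// claims are sufficient and the e-mail address is unused, a site account is created
/// automatically and signed in; otherwise the visitor is told how to proceed.
/// </summary>
/// <param name="e">The OpenID event data; a null value is ignored.</param>
/// <remarks>
/// The e-mail address and full name come from the OpenID provider's claims. This method
/// only sends a confirmation link for the address when <c>UseSecureRegistration</c> is on.
/// NOTE(review): other sign-in paths check RequireApprovalBeforeLogin / ApprovedForLogin
/// before issuing the auth cookie; this one does not. Confirm whether auto-created
/// accounts must wait for approval and, if so, set and enforce the flag here.
/// </remarks>
private void DoNewUserLogic(OpenIdEventArgs e)
{
    const int maxLoginNameLength = 50;

    if (e == null) { return; }

    ClaimsResponse claim = e.Response.GetExtension<ClaimsResponse>();
    if (claim == null) { return; }

    if (IsValidForUserCreation(e, claim))
    {
        if (SiteUser.EmailExistsInDB(siteSettings.SiteId, claim.Email))
        {
            // An account already owns this address: the user must log in normally and
            // associate the OpenID on the profile page. Never attach it automatically,
            // because the address is only asserted by the provider.
            lblError.Text = Resource.OpenIDRegisterUserEmailExistsMessage;
            return;
        }
        else
        {
            // All needed data is present, so create the account automatically.
            SiteUser newUser = new SiteUser(siteSettings);
            newUser.Email = claim.Email;
            newUser.Name = claim.FullName;

            string loginName = newUser.Name.Replace(" ", ".").ToLower();
            if (loginName.Length > maxLoginNameLength)
            {
                loginName = loginName.Substring(0, maxLoginNameLength);
            }

            if (SiteUser.LoginExistsInDB(siteSettings.SiteId, loginName))
            {
                // Fall back to a login name derived from the claimed identifier.
                loginName = e.ClaimedIdentifier.ToString()
                    .Replace("http://", string.Empty)
                    .Replace("https://", string.Empty)
                    .Replace("/", string.Empty);
                if (loginName.Length > maxLoginNameLength)
                {
                    loginName = loginName.Substring(0, maxLoginNameLength);
                }

                // Still taken: append a counter. Each candidate is rebuilt from the base so
                // that it never exceeds the length limit. The previous loop kept appending
                // digits and removed only one character, so it could exceed 50 characters
                // once the counter reached two digits.
                string baseLoginName = loginName;
                int i = 1;
                while (SiteUser.LoginExistsInDB(siteSettings.SiteId, loginName))
                {
                    string suffix = i.ToString();
                    int keep = Math.Min(baseLoginName.Length, maxLoginNameLength - suffix.Length);
                    loginName = baseLoginName.Substring(0, keep) + suffix;
                    i++;
                }
            }

            newUser.LoginName = loginName;

            // NOTE(review): the generated password is only 7 characters and remains a valid
            // credential for the account. Confirm this meets the site's password policy.
            newUser.Password = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);

            // NOTE(review): every auto-created account gets the same default question and
            // answer. Confirm password recovery cannot be completed with these values.
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.OpenIdUri = e.ClaimedIdentifier.ToString();
            newUser.Save();

            if (siteSettings.UseSecureRegistration)
            {
                newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
            }

            // Track the user's IP address.
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            if ((siteSettings.UseSecureRegistration) && (newUser.RegisterConfirmGuid != Guid.Empty))
            {
                // The address must be confirmed before the first sign-in.
                Notification.SendRegistrationConfirmationLink(
                    SiteUtils.GetSmtpSettings(),
                    ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
                    siteSettings.DefaultEmailFromAddress,
                    siteSettings.DefaultFromEmailAlias,
                    newUser.Email,
                    siteSettings.SiteName,
                    WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" + newUser.RegisterConfirmGuid.ToString());

                lblError.Text = Resource.LoginUnconfirmedEmailMessage;

                // The display name comes from the provider's claim, so strip line breaks
                // before logging to keep one event on one log line.
                string nameForLog = (newUser.Name ?? string.Empty).Replace("\r", " ").Replace("\n", " ");
                log.Info("Automatically created User " + nameForLog + " on login from open id. Tried to login but email address is not confirmed.");
                return;
            }

            // The auth cookie is always persistent on this path.
            if (siteSettings.UseEmailForLogin)
            {
                FormsAuthentication.SetAuthCookie(newUser.Email, true);
            }
            else
            {
                FormsAuthentication.SetAuthCookie(newUser.LoginName, true);
            }

            if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
            {
                string cookieName = "siteguid" + siteSettings.SiteGuid;
                CookieHelper.SetCookie(cookieName, newUser.UserGuid.ToString(), true);
            }

            newUser.UpdateLastLoginTime();

            // NOTE(review): GetRedirectPath is not visible here. Confirm it only returns
            // same-site URLs, since a return-URL cookie is involved.
            string redirectUrl = GetRedirectPath();
            CookieHelper.ExpireCookie(returnUrlCookieName);
            WebUtils.SetupRedirect(this, redirectUrl);
            return;
        }
    }
    else
    {
        // The claims lack required fields: point the visitor at the OpenID registration page.
        string registerLinkHref = siteRoot + "/Secure/RegisterWithOpenID.aspx";

        litNotRegisteredYetMessage.Text = string.Format(
            Resource.OpenIDMustRegisterBeforeLoginMesage,
            registerLinkHref);
    }
}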
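/// <summary>
/// Signs in an existing site account found for the authenticated identity, provided
/// the account is confirmed, not locked out and, where the site requires it, approved.
/// </summary>
/// <param name="userGuid">GUID of the site account to load and sign in.</param>
/// <remarks>
/// On success the auth cookie is issued as a persistent cookie, the login is recorded,
/// <c>OnUserSignIn</c> is raised and the response is redirected.
/// </remarks>
private void DoExistingUserLogic(Guid userGuid)
{
    // User found, so log in if allowed.
    SiteUser user = new SiteUser(siteSettings, userGuid);

    if ((siteSettings.UseSecureRegistration) && (user.RegisterConfirmGuid != Guid.Empty))
    {
        // Address not confirmed yet: re-send the confirmation link and refuse the sign-in.
        Notification.SendRegistrationConfirmationLink(
            SiteUtils.GetSmtpSettings(),
            ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
            siteSettings.DefaultEmailFromAddress,
            siteSettings.DefaultFromEmailAlias,
            user.Email,
            siteSettings.SiteName,
            WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" + user.RegisterConfirmGuid.ToString());

        lblError.Text = Resource.LoginUnconfirmedEmailMessage;
        log.Info("User " + user.Name + " tried to login but email address is not confirmed.");
        return;
    }

    if (user.IsLockedOut)
    {
        lblError.Text = Resource.LoginAccountLockedMessage;
        log.Info("User " + user.Name + " tried to login but account is locked.");
        return;
    }

    // Enforce the site's approval requirement here as well. Without this check an account
    // still awaiting approval could obtain an auth cookie through this sign-in path.
    if ((siteSettings.RequireApprovalBeforeLogin) && (!user.ApprovedForLogin))
    {
        lblError.Text = Resource.LoginNotApprovedMessage;
        log.Info("User " + user.Name + " tried to login but account is not approved yet.");
        return;
    }

    if (siteSettings.UseEmailForLogin)
    {
        FormsAuthentication.SetAuthCookie(user.Email, true);
    }
    else
    {
        FormsAuthentication.SetAuthCookie(user.LoginName, true);
    }

    if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
    {
        string cookieName = "siteguid" + siteSettings.SiteGuid;
        CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), true);
    }

    user.UpdateLastLoginTime();

    // Track the user's IP address.
    UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
    userLocation.SiteGuid = siteSettings.SiteGuid;
    userLocation.Hostname = Page.Request.UserHostName;
    userLocation.Save();

    // NOTE(review): GetRedirectPath is not visible here. Confirm it only returns
    // same-site URLs, since a return-URL cookie is involved.
    string redirectUrl = GetRedirectPath();
    CookieHelper.ExpireCookie(returnUrlCookieName);

    UserSignInEventArgs u = new UserSignInEventArgs(user);
    OnUserSignIn(u);

    WebUtils.SetupRedirect(this, redirectUrl);
    return;
}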
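/// <summary>
/// Signs the given account in when it is confirmed, not locked out and, where the site
/// requires it, approved, then redirects to the post-login destination.
/// </summary>
/// <param name="user">The site account to sign in.</param>
/// <param name="isNewUser">
/// True when the account was just registered; a configured post-registration page then
/// overrides the requested return URL.
/// </param>
/// <remarks>
/// The redirect target comes from <c>SiteUtils.GetReturnUrlParam</c>. Targets that point
/// back at login, registration or access-denied pages are replaced by the site root.
/// NOTE(review): GetReturnUrlParam is not visible here. Confirm it rejects URLs outside
/// <c>SiteRoot</c>, because the substring filter below is not an open-redirect defence.
/// </remarks>
private void SignInUser(SiteUser user, bool isNewUser)
{
    const string insecureScheme = "http:";
    const string secureScheme = "https:";

    if ((siteSettings.UseSecureRegistration) && (user.RegisterConfirmGuid != Guid.Empty))
    {
        // Address not confirmed yet: re-send the confirmation link and refuse the sign-in.
        Notification.SendRegistrationConfirmationLink(
            SiteUtils.GetSmtpSettings(),
            ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
            siteSettings.DefaultEmailFromAddress,
            siteSettings.DefaultFromEmailAlias,
            user.Email,
            siteSettings.SiteName,
            SiteRoot + "/ConfirmRegistration.aspx?ticket=" + user.RegisterConfirmGuid.ToString());

        log.Info("User " + user.Name + " tried to login but email address is not confirmed.");

        lblError.Text = Resource.RegistrationRequiresEmailConfirmationMessage;
        litInfoNeededMessage.Visible = false;
        pnlRequiredProfileProperties.Visible = false;
        btnCreateUser.Visible = false;
        return;
    }

    if (user.IsLockedOut)
    {
        log.Info("User " + user.Name + " tried to login but account is locked.");
        lblError.Text = Resource.LoginAccountLockedMessage;
        return;
    }

    if ((siteSettings.RequireApprovalBeforeLogin) && (!user.ApprovedForLogin))
    {
        log.Info("User " + user.Name + " tried to login but account is not approved yet.");
        lblError.Text = Resource.LoginNotApprovedMessage;
        return;
    }

    // The auth cookie is always persistent on this path.
    if (siteSettings.UseEmailForLogin)
    {
        FormsAuthentication.SetAuthCookie(user.Email, true);
    }
    else
    {
        FormsAuthentication.SetAuthCookie(user.LoginName, true);
    }

    if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
    {
        string cookieName = "siteguid" + siteSettings.SiteGuid;
        CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), true);
    }

    if (user.UserId > -1 && siteSettings.AllowUserSkins && user.Skin.Length > 0)
    {
        SiteUtils.SetSkinCookie(user);
    }

    user.UpdateLastLoginTime();

    // Track the user's IP address.
    UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
    userLocation.SiteGuid = siteSettings.SiteGuid;
    userLocation.Hostname = Request.UserHostName;
    userLocation.Save();

    UserSignInEventArgs u = new UserSignInEventArgs(user);
    OnUserSignIn(u);

    if (CookieHelper.CookieExists(returnUrlCookieName))
    {
        // The cookie value is read but overwritten just below, so it never drives the
        // redirect; only the cookie's expiry matters here. A cookie is client-controlled,
        // so if it is ever used as a target it needs the same validation as the
        // request parameter.
        returnUrl = CookieHelper.GetCookieValue(returnUrlCookieName);
        CookieHelper.ExpireCookie(returnUrlCookieName);
    }

    string requestedReturnUrl = SiteUtils.GetReturnUrlParam(Page, SiteRoot);
    returnUrl = requestedReturnUrl;

    if (isNewUser)
    {
        if (WebConfigSettings.PageToRedirectToAfterRegistration.Length > 0)
        {
            returnUrl = SiteRoot + WebConfigSettings.PageToRedirectToAfterRegistration;
        }
    }

    // Never send a freshly signed-in user back to an authentication-related page.
    if (String.IsNullOrEmpty(returnUrl)
        || returnUrl.Contains("AccessDenied")
        || returnUrl.Contains("Login")
        || returnUrl.Contains("SignIn")
        || returnUrl.Contains("ConfirmRegistration.aspx")
        || returnUrl.Contains("OpenIdRpxHandler.aspx")
        || returnUrl.Contains("RecoverPassword.aspx")
        || returnUrl.Contains("Register"))
    {
        returnUrl = SiteRoot;
    }

    if (returnUrl.Length > 0)
    {
        if (SiteUtils.IsSecureRequest()
            && returnUrl.StartsWith(insecureScheme, StringComparison.OrdinalIgnoreCase))
        {
            // Upgrade only the leading scheme. A blanket Replace would also rewrite any
            // "http:" that appears later in the URL, for example inside a query value.
            returnUrl = secureScheme + returnUrl.Substring(insecureScheme.Length);
        }

        WebUtils.SetupRedirect(this, returnUrl);
        return;
    }

    // Only reached when SiteRoot itself is empty.
    if (SiteUtils.IsSecureRequest()
        && SiteRoot.StartsWith(insecureScheme, StringComparison.OrdinalIgnoreCase))
    {
        WebUtils.SetupRedirect(this, secureScheme + SiteRoot.Substring(insecureScheme.Length));
        return;
    }

    WebUtils.SetupRedirect(this, SiteRoot);
    return;
}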
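/// <summary>
/// Signs the given account in and redirects to the user profile page, provided the
/// account is confirmed, not locked out and, where the site requires it, approved.
/// </summary>
/// <param name="siteUser">The site account to sign in.</param>
/// <remarks>
/// On refusal an error message is shown and the Windows Live registration panel is hidden.
/// </remarks>
private void DoUserLogin(SiteUser siteUser)
{
    if ((siteSettings.UseSecureRegistration) && (siteUser.RegisterConfirmGuid != Guid.Empty))
    {
        // Address not confirmed yet: re-send the confirmation link and refuse the sign-in.
        Notification.SendRegistrationConfirmationLink(
            SiteUtils.GetSmtpSettings(),
            ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
            siteSettings.DefaultEmailFromAddress,
            siteSettings.DefaultFromEmailAlias,
            siteUser.Email,
            siteSettings.SiteName,
            WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" + siteUser.RegisterConfirmGuid.ToString());

        lblError.Text = Resource.RegistrationRequiresEmailConfirmationMessage;
        pnlWindowsLiveRegister.Visible = false;
        return;
    }

    if (siteUser.IsLockedOut)
    {
        lblError.Text = Resource.LoginAccountLockedMessage;
        pnlWindowsLiveRegister.Visible = false;
        return;
    }

    // Enforce the site's approval requirement here as well. Without this check an account
    // still awaiting approval could obtain an auth cookie through this sign-in path.
    if ((siteSettings.RequireApprovalBeforeLogin) && (!siteUser.ApprovedForLogin))
    {
        lblError.Text = Resource.LoginNotApprovedMessage;
        pnlWindowsLiveRegister.Visible = false;
        return;
    }

    if (siteSettings.UseEmailForLogin)
    {
        FormsAuthentication.SetAuthCookie(siteUser.Email, persistCookie);
    }
    else
    {
        FormsAuthentication.SetAuthCookie(siteUser.LoginName, persistCookie);
    }

    if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
    {
        string cookieName = "siteguid" + siteSettings.SiteGuid;
        CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), persistCookie);
    }

    if (siteUser.UserId > -1 && siteSettings.AllowUserSkins && siteUser.Skin.Length > 0)
    {
        SiteUtils.SetSkinCookie(siteUser);
    }

    siteUser.UpdateLastLoginTime();

    // Fixed, same-site destination: no request-supplied return URL is used here.
    WebUtils.SetupRedirect(this, SiteRoot + "/Secure/UserProfile.aspx");
}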
/// <summary>
/// Loads the site account for <paramref name="userGuid"/> and signs it in when it is
/// confirmed, not locked out and, where the site requires it, approved. Otherwise the
/// response is redirected to the login page.
/// </summary>
/// <param name="userGuid">GUID of the site account to load and sign in.</param>
/// <remarks>
/// All three eligibility checks always run, so each failed check is logged and an
/// unconfirmed account is re-sent its confirmation link even if another check also fails.
/// The login page gets no indication of why the sign-in was refused.
/// </remarks>
private void DoExistingUserLogic(Guid userGuid)
{
    SiteUser user = new SiteUser(siteSettings, userGuid);

    bool canLogin = true;

    bool awaitingConfirmation =
        siteSettings.UseSecureRegistration && user.RegisterConfirmGuid != Guid.Empty;
    if (awaitingConfirmation)
    {
        Notification.SendRegistrationConfirmationLink(
            SiteUtils.GetSmtpSettings(),
            ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
            siteSettings.DefaultEmailFromAddress,
            siteSettings.DefaultFromEmailAlias,
            user.Email,
            siteSettings.SiteName,
            WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" + user.RegisterConfirmGuid.ToString());

        log.Info("User " + user.Name + " tried to login but email address is not confirmed.");
        canLogin = false;
    }

    if (user.IsLockedOut)
    {
        log.Info("User " + user.Name + " tried to login but account is locked.");
        canLogin = false;
    }

    if (siteSettings.RequireApprovalBeforeLogin && !user.ApprovedForLogin)
    {
        log.Info("User " + user.Name + " tried to login but account is not approved yet.");
        canLogin = false;
    }

    if (!canLogin)
    {
        // Refused: send the visitor back to the login page.
        Response.Redirect(LoginPage);
        return;
    }

    string loginIdentity = siteSettings.UseEmailForLogin ? user.Email : user.LoginName;
    FormsAuthentication.SetAuthCookie(loginIdentity, persistCookie);

    if (user.LiveMessengerDelegationToken.Length > 0)
    {
        // Refresh the stored Messenger consent and hand the fresh tokens to the browser.
        // NOTE(review): the consent and delegation tokens are written to cookies. Confirm
        // CookieHelper marks them HttpOnly/Secure and that DecodeToken cannot return null.
        WindowsLiveMessenger messenger = new WindowsLiveMessenger(windowsLive);
        ConsentToken stored = messenger.DecodeToken(user.LiveMessengerDelegationToken);
        ConsentToken refreshed = messenger.RefreshConsent(stored);
        if (refreshed != null)
        {
            CookieHelper.SetCookie(consentTokenCookie, refreshed.Token);
            CookieHelper.SetCookie(delegationTokenCookie, refreshed.DelegationToken);
        }
    }

    if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
    {
        CookieHelper.SetCookie(
            "siteguid" + siteSettings.SiteGuid,
            user.UserGuid.ToString(),
            persistCookie);
    }

    bool hasSkinPreference =
        user.UserId > -1 && siteSettings.AllowUserSkins && user.Skin.Length > 0;
    if (hasSkinPreference)
    {
        SiteUtils.SetSkinCookie(user);
    }

    user.UpdateLastLoginTime();

    // Record where the sign-in came from.
    UserLocation location = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
    location.SiteGuid = siteSettings.SiteGuid;
    location.Hostname = Page.Request.UserHostName;
    location.Save();

    // NOTE(review): GetRedirectPath is not visible here. Confirm it only returns
    // same-site URLs, since a return-URL cookie is involved.
    string redirectUrl = GetRedirectPath();
    CookieHelper.ExpireCookie(returnUrlCookieName);

    UserSignInEventArgs signInArgs = new UserSignInEventArgs(user);
    OnUserSignIn(signInArgs);

    Response.Redirect(redirectUrl);
}