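/// <summary>
/// Handles the registration form post. Validates the bound model and the repeated
/// password, rejects an email that is already registered, creates the local account,
/// sends the welcome and team-notification emails and starts a session for the
/// new account.
/// </summary>
/// <param name="accountmodel">Bound registration form values; Email and Password are used.</param>
/// <returns>
/// A redirect to the form's returnAction/returnController (default Home/Index) on any
/// failure, or to Home/Index once the account exists and the session is populated.
/// </returns>
public ActionResult Register(AccountsModel accountmodel)
{
    // Where to send the user back to on failure; the form may override the default.
    // RedirectToAction only builds application routes, so these values cannot cause an
    // off-site redirect, but they are not validated against existing actions.
    var returnController = "Home";
    var returnAction = "Index";
    if (!string.IsNullOrEmpty(Request.Form["returnController"]) && !string.IsNullOrEmpty(Request.Form["returnAction"]))
    {
        returnController = Request.Form["returnController"];
        returnAction = Request.Form["returnAction"];
    }

    if (!ModelState.IsValid)
    {
        // Flatten every model error into "key message#" entries; the view splits on '#'.
        StringBuilder result = new StringBuilder();
        foreach (var item in ModelState)
        {
            string key = item.Key;
            foreach (var error in item.Value.Errors)
            {
                result.Append(key + " " + error.ErrorMessage + "#");
            }
        }
        TempData["ProcessRegisterFailureMessage"] = result.ToString();
        TempData["displayModal"] = "registerModal";
        return RedirectToAction(returnAction, returnController);
    }

    // The repeated password is not part of the bound model; it comes from the raw form.
    var confirm_password = Request.Form["RepeatPassword"];
    if (accountmodel.Password != confirm_password)
    {
        TempData["ProcessRegisterFailureMessage"] = "Passwords do not match.";
        TempData["displayModal"] = "registerModal";
        return RedirectToAction(returnAction, returnController);
    }

    if (db.Accounts.Any(s => s.Email == accountmodel.Email))
    {
        TempData["ProcessRegisterFailureMessage"] = "The email provided already exist, please try again with a different email.";
        TempData["displayModal"] = "registerModal";
        return RedirectToAction(returnAction, returnController);
    }

    // Create the local (non-OAuth) account; the third argument is false here and true
    // on the OAuth path in ExternalLoginCallback.
    if (!SecurityFunctions.AddNewRegistration(accountmodel.Email, accountmodel.Password, false))
    {
        TempData["ProcessFailureMessage"] = "Registration failed, please try again.";
        return RedirectToAction(returnAction, returnController);
    }

    // Welcome email to the new user.
    string to_name = AppFunctions.FirstLetterToUpper(AppFunctions.GetUsernameFromEmail(accountmodel.Email));
    string h1_text = "Welcome to Gambia Review.";
    string h2_text = null;
    string p1_text = "You've successfully registered in Gambia Review application system.";
    // Verbatim literal: the message text contains a line break.
    string p2_text = @"You can contact us by phone +7 (495) 280-14- 81 (ext. 3397) or by using the feedback form, which is presented on the questionnaire page. Our staff will promptly provide answers to your questions. 
You can fill in the questionnaire sections in any order convenient for you.";
    AppEmailer.SendEmail(GMailer.GetGambiaReviewEmail(), "Gambia Review", accountmodel.Email, to_name, "Welcome to Gambia Review", h1_text, h2_text, p1_text, p2_text, null, null, null, null, null);

    // Notification to the team. The recipient address appears masked in this copy of the
    // source, and the subject line is the same as the welcome email's.
    to_name = "Gambia Review Team";
    h1_text = "New User Registered";
    h2_text = null;
    p1_text = "User with email :" + accountmodel.Email + " has registered.";
    p2_text = null;
    AppEmailer.SendEmail(GMailer.GetGambiaReviewEmail(), "Gambia Review", "*****@*****.**", to_name, "Welcome to Gambia Review", h1_text, h2_text, p1_text, p2_text, null, null, null, null, null);

    // Application-level session token, stored both in the login record and in Session.
    // NOTE(review): its unpredictability rests entirely on AppFunctions.RandomString —
    // confirm it draws from a cryptographic RNG rather than System.Random.
    var SessionID = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
    if (!SecurityFunctions.AddLoginInfo(accountmodel.Email, DateTime.Now, 0, 0, null, 0, SessionID, DateTime.Now))
    {
        // TODO: the login record was not written but the session is still created below.
        // No logging helper that takes a plain message is visible in this file; decide
        // whether to log and continue or abort here.
    }

    TempData["ProcessSuccessMessage"] = "Registration successfull.";

    // Look each account field up once; the original re-queried for every use.
    SecurityFunctions Security = new SecurityFunctions();
    var firstName = Security.ReturnAccountData(accountmodel.Email, "FirstName");
    var lastName = Security.ReturnAccountData(accountmodel.Email, "LastName");
    var directoryName = Security.ReturnAccountData(accountmodel.Email, "DirectoryName");
    var profilePic = Security.ReturnAccountProfilePic(accountmodel.Email);

    Session["sessionID"] = SessionID;
    Session["sessionEmail"] = accountmodel.Email;
    // Local-account registration; kept in step with Login (false) and ExternalLoginCallback (true).
    Session["sessionOauth"] = false;

    if (string.IsNullOrEmpty(firstName))
    {
        Session["sessionFullName"] = accountmodel.Email;
    }
    else
    {
        Session["sessionFullName"] = firstName + " " + lastName;
    }

    // Same fallback rule as Login: either missing part means the default picture.
    if (string.IsNullOrEmpty(directoryName) || string.IsNullOrEmpty(profilePic))
    {
        Session["sessionProfilePic"] = AppFunctions.GetDefaultProfileLink();
    }
    else
    {
        Session["sessionProfilePic"] = directoryName + "/" + profilePic;
    }

    return RedirectToAction("Index", "Home");
}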
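/// <summary>
/// Completes an external (OAuth) sign-in. An identity that already has an external
/// login is signed in through <c>SignInManager</c>; every other outcome except
/// lockout and two-factor falls back to the application's own account table, where
/// the provider-supplied email is auto-registered on first sight and a session is started.
/// </summary>
/// <param name="returnUrl">Local URL to return to after a successful identity sign-in.</param>
/// <returns>
/// A redirect (or the Lockout view) chosen by the sign-in outcome; on the fallback path,
/// Admin/Index when the account holds an admin-type role, otherwise Home/Index.
/// </returns>
public async Task<ActionResult> ExternalLoginCallback(string returnUrl)
{
    // Return target stashed by the login page. Reading it here consumes the TempData
    // entry; it is not used for redirecting (see the end of the method).
    var ReturnUrl = "Index";
    if (TempData["ReturnUrl"] != null)
    {
        ReturnUrl = TempData["ReturnUrl"].ToString();
    }

    var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync();
    if (loginInfo == null)
    {
        return RedirectToAction("Login", "Home");
    }

    // Sign in the user with this external login provider if the user already has a login.
    var result = await SignInManager.ExternalSignInAsync(loginInfo, isPersistent: false);
    switch (result)
    {
        case SignInStatus.Success:
            return RedirectToLocal(returnUrl);
        case SignInStatus.LockedOut:
            return View("Lockout");
        case SignInStatus.RequiresVerification:
            return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = false });
        case SignInStatus.Failure:
        default:
            // No identity login yet: continue with the application account below.
            break;
    }

    ViewBag.ReturnUrl = returnUrl;
    ViewBag.LoginProvider = loginInfo.Login.LoginProvider;

    if (!db.Accounts.Any(s => s.Email == loginInfo.Email))
    {
        // First OAuth login for this email: create the local account.
        // NOTE(review): the username part of the email is passed in the password
        // position. Confirm that the `true` flag makes the password path in Login
        // refuse this account; otherwise that value is guessable.
        // The bool result is ignored, unlike in Register; a false return leaves the
        // session below pointing at an account that does not exist.
        try
        {
            SecurityFunctions.AddNewRegistration(loginInfo.Email, AppFunctions.GetUsernameFromEmail(loginInfo.Email), true);
        }
        catch (Exception ex)
        {
            Console.WriteLine(ex);
            SecurityFunctions.LogError(ex, loginInfo.Email, "ExternalLoginCallback", returnUrl);
        }
    }

    // Application-level session token, stored both in the login record and in Session.
    // NOTE(review): its unpredictability rests on AppFunctions.RandomString — confirm it
    // uses a cryptographic RNG.
    var SessionID = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
    if (!SecurityFunctions.AddLoginInfo(loginInfo.Email, DateTime.Now, 0, 0, null, 0, SessionID, DateTime.Now))
    {
        // TODO: the login record was not written but the session is still created below.
        // LogError needs an Exception; there is no plain-message logger visible here.
    }

    // Look each account field up once; the original re-queried for every use and
    // assigned sessionProfilePic twice.
    SecurityFunctions Security = new SecurityFunctions();
    var firstName = Security.ReturnAccountData(loginInfo.Email, "FirstName");
    var lastName = Security.ReturnAccountData(loginInfo.Email, "LastName");
    var directoryName = Security.ReturnAccountData(loginInfo.Email, "DirectoryName");
    var profilePic = Security.ReturnAccountProfilePic(loginInfo.Email);

    Session["sessionID"] = SessionID;
    Session["sessionEmail"] = loginInfo.Email;
    Session["sessionOauth"] = true;

    if (string.IsNullOrEmpty(firstName))
    {
        Session["sessionFullName"] = loginInfo.Email;
    }
    else
    {
        Session["sessionFullName"] = firstName + " " + lastName;
    }

    if (string.IsNullOrEmpty(directoryName) || string.IsNullOrEmpty(profilePic))
    {
        Session["sessionProfilePic"] = AppFunctions.GetDefaultProfileLink();
    }
    else
    {
        Session["sessionProfilePic"] = directoryName + "/" + profilePic;
    }

    // Role flags. They are only ever set to true here, never cleared, so a flag left in
    // the session by an earlier login survives. NOTE(review): confirm the logout path
    // abandons the session so flags cannot carry over between accounts.
    int sys_admin_id = AppFunctions.GetRoleID("SystemAdmin");
    if (AppFunctions.ValidateUserRole(sys_admin_id))
    {
        Session["sessionSystemAdmin"] = true;
    }

    int editor_id = AppFunctions.GetRoleID("Editor");
    if (AppFunctions.ValidateUserRole(editor_id))
    {
        Session["sessionEditor"] = true;
    }

    int author_id = AppFunctions.GetRoleID("Author");
    if (AppFunctions.ValidateUserRole(author_id))
    {
        Session["sessionAuthor"] = true;
    }

    int censor_id = AppFunctions.GetRoleID("Censor");
    if (AppFunctions.ValidateUserRole(censor_id))
    {
        Session["sessionCensor"] = true;
    }

    // Fixed: the original validated censor_id here, so sessionAdvertiser was granted to
    // censors and never to advertisers.
    int advertiser_id = AppFunctions.GetRoleID("Advertiser");
    if (AppFunctions.ValidateUserRole(advertiser_id))
    {
        Session["sessionAdvertiser"] = true;
    }

    if (AppFunctions.UserHasRole()) // the account holds at least one admin-type role
    {
        return RedirectToAction("Index", "Admin");
    }

    // Returning to the stashed ReturnUrl is intentionally disabled. If it is re-enabled,
    // route it through RedirectToLocal (or check Url.IsLocalUrl) so a stored value cannot
    // send the user off-site.
    if (!string.IsNullOrEmpty(ReturnUrl) && ReturnUrl != "Index")
    {
        //return Redirect(ReturnUrl);
    }
    return RedirectToAction("Index", "Home");
}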
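/// <summary>
/// Handles the password login form post. Checks the credentials, then the account's
/// status and lock state, and on success starts an application session populated with
/// the account's display data and role flags.
/// </summary>
/// <param name="usersmodel">Bound form model; not read — the credentials are taken from the raw form fields.</param>
/// <returns>
/// A redirect to the form's returnAction/returnController (default Home/Index) on any
/// failure, Admin/Index when the account holds an admin-type role, otherwise User/Index.
/// </returns>
public ActionResult Login(AccountsModel usersmodel)
{
    // Where to send the user back to on failure; the form may override the default.
    // RedirectToAction only builds application routes, so these values cannot cause an
    // off-site redirect, but they are not validated against existing actions.
    var returnController = "Home";
    var returnAction = "Index";
    if (!string.IsNullOrEmpty(Request.Form["returnController"]) && !string.IsNullOrEmpty(Request.Form["returnAction"]))
    {
        returnController = Request.Form["returnController"];
        returnAction = Request.Form["returnAction"];
    }

    var user_email = Request.Form["userEmail"];
    var user_password = Request.Form["userPassword"];
    if (string.IsNullOrEmpty(user_email) || string.IsNullOrEmpty(user_password))
    {
        TempData["ProcessLoginFailureMessage"] = "Email and password field required.";
        TempData["displayModal"] = "loginModal";
        return RedirectToAction(returnAction, returnController);
    }

    // The form's RememberMe field is not honoured: the original read it into an unused
    // local and every session created here has the same lifetime.

    SecurityFunctions Security = new SecurityFunctions();
    if (!Security.IsLoginValid(user_email, user_password))
    {
        TempData["ProcessLoginFailureMessage"] = "Wrong username or password! Please try again.";
        TempData["displayModal"] = "loginModal";
        return RedirectToAction(returnAction, returnController);
    }

    // Credentials are valid; now the account must be approved (1), not pending (0),
    // not suspended (2) and not locked.
    int AccountStatus = Security.ReturnAccountStatus(user_email);
    if (AccountStatus == 0)
    {
        TempData["ProcessLoginFailureMessage"] = "This account has not yet been approved by the administrator.";
        TempData["displayModal"] = "loginModal";
        return RedirectToAction(returnAction, returnController);
    }
    if (AccountStatus == 2)
    {
        TempData["ProcessLoginFailureMessage"] = "This account is currently suspended. Please contact us at (+90) 5314950226 or send us a message.";
        TempData["displayModal"] = "loginModal";
        return RedirectToAction(returnAction, returnController);
    }
    if (Security.IsAccountLocked(user_email))
    {
        // Verbatim literal: the message text contains a line break.
        TempData["ProcessLoginFailureMessage"] = @"This account is currently locked. 
Try again later.";
        TempData["displayModal"] = "loginModal";
        return RedirectToAction(returnAction, returnController);
    }
    if (AccountStatus != 1)
    {
        // Any other status value has no message of its own; the original fell through to
        // the "required" message, which is kept here. TODO: give it a status-specific text.
        TempData["ProcessLoginFailureMessage"] = "Email and password field required.";
        TempData["displayModal"] = "loginModal";
        return RedirectToAction(returnAction, returnController);
    }

    // Application-level session token, stored both in the login record and in Session.
    // NOTE(review): its unpredictability rests on AppFunctions.RandomString — confirm it
    // uses a cryptographic RNG.
    var SessionID = SecurityFunctions.ComputeSha256Hash(AppFunctions.RandomString(12).ToString());
    if (!SecurityFunctions.AddLoginInfo(user_email, DateTime.Now, 0, 0, null, 0, SessionID, DateTime.Now))
    {
        // TODO: the login record was not written but the session is still created below.
        // No plain-message logging helper is visible in this file.
    }

    // Look each account field up once; the original re-queried for every use.
    var firstName = Security.ReturnAccountData(user_email, "FirstName");
    var lastName = Security.ReturnAccountData(user_email, "LastName");
    var directoryName = Security.ReturnAccountData(user_email, "DirectoryName");
    var profilePic = Security.ReturnAccountProfilePic(user_email);

    Session["sessionID"] = SessionID;
    Session["sessionEmail"] = user_email;
    Session["sessionOauth"] = false;

    if (string.IsNullOrEmpty(firstName))
    {
        Session["sessionFullName"] = user_email;
    }
    else
    {
        Session["sessionFullName"] = firstName + " " + lastName;
    }

    if (string.IsNullOrEmpty(directoryName) || string.IsNullOrEmpty(profilePic))
    {
        Session["sessionProfilePic"] = AppFunctions.GetDefaultProfileLink();
    }
    else
    {
        Session["sessionProfilePic"] = directoryName + "/" + profilePic;
    }

    // Role flags. They are only ever set to true here, never cleared, so a flag left in
    // the session by an earlier login survives. NOTE(review): confirm the logout path
    // abandons the session so flags cannot carry over between accounts.
    int sys_admin_id = AppFunctions.GetRoleID("SystemAdmin");
    if (AppFunctions.ValidateUserRole(sys_admin_id))
    {
        Session["sessionSystemAdmin"] = true;
    }

    int editor_id = AppFunctions.GetRoleID("Editor");
    if (AppFunctions.ValidateUserRole(editor_id))
    {
        Session["sessionEditor"] = true;
    }

    int author_id = AppFunctions.GetRoleID("Author");
    if (AppFunctions.ValidateUserRole(author_id))
    {
        Session["sessionAuthor"] = true;
    }

    int censor_id = AppFunctions.GetRoleID("Censor");
    if (AppFunctions.ValidateUserRole(censor_id))
    {
        Session["sessionCensor"] = true;
    }

    // Fixed: the original validated censor_id here, so sessionAdvertiser was granted to
    // censors and never to advertisers.
    int advertiser_id = AppFunctions.GetRoleID("Advertiser");
    if (AppFunctions.ValidateUserRole(advertiser_id))
    {
        Session["sessionAdvertiser"] = true;
    }

    if (AppFunctions.UserHasRole()) // the account holds at least one admin-type role
    {
        return RedirectToAction("Index", "Admin");
    }
    return RedirectToAction("Index", "User");
}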