public ActionResult Create(CreateSessionViewModel viewModel)
{
if (!ModelState.IsValid)
{
return(View(viewModel));
}
using (var sqlStorage = new SqlStorage())
{
// trimmin
viewModel.Username = (viewModel.Username ?? "").Trim();
var branchIdentity =
sqlStorage.BranchIdentities.FirstOrDefault(
i => i.Email.ToLower() == viewModel.Username.ToLower() || i.Username.ToLower() == viewModel.Username.ToLower());
if (branchIdentity == null)
{
ModelState.AddModelError("Username", "An Identity with that Username/Email doesn't exist.");
return(View(viewModel));
}
if (!Pbkdf2Crypto.ValidateHash(viewModel.Password, branchIdentity.PasswordHash, branchIdentity.PasswordSalt, branchIdentity.PasswordIterations))
{
ModelState.AddModelError("Password", "Incorrect Password.");
return(View(viewModel));
}
// Create Session
var ipAddress = Request.ServerVariables.Get("HTTP_CF_CONNECTING_IP") ?? Request.UserHostAddress;
var branchSession = BranchSession.Create(ipAddress, Request.UserAgent, branchIdentity, viewModel.RememberMe);
sqlStorage.BranchSessions.Add(branchSession);
branchIdentity.BranchIdentitySessions.Add(branchSession);
// Set Cookie
var cookie = new HttpCookie("SessionIdentifier", branchSession.Identifier.ToString())
{
Expires = branchSession.ExpiresAt
};
Response.SetCookie(cookie);
sqlStorage.SaveChanges();
return(RedirectToRoute("BranchIdentityView", new { controller = "Home", action = "Index", slug = branchIdentity.Username }));
}
}
public ActionResult Index(CreateIdentityViewModel viewModel)
{
using (var sqlStorage = new SqlStorage())
{
if (!ModelState.IsValid)
{
return(View(viewModel));
}
// Trimmin'
viewModel.Email = viewModel.Email.Trim();
viewModel.FullName = viewModel.FullName.Trim();
viewModel.Gamertag = viewModel.Gamertag.Trim();
viewModel.Username = viewModel.Username.Trim();
viewModel.InvitationCode = viewModel.InvitationCode.Trim();
// Validate uniqueness of Username and Email
var user = sqlStorage.BranchIdentities
.FirstOrDefault(i =>
i.Username.ToLower() == viewModel.Username.ToLower() ||
i.Email.ToLower() == viewModel.Email.ToLower());
if (user != null)
{
ModelState.AddModelError("Username", "Either this username has already been taken, or that email has already been used.");
ModelState.AddModelError("Email", "Either this username has already been taken, or that email has already been used.");
}
// Validate Invite Code
var invite =
sqlStorage.BranchIdentityInvitations.FirstOrDefault(
i => i.InvitationCode.ToLower() == viewModel.InvitationCode.ToLower() && !i.Used);
if (invite == null)
{
ModelState.AddModelError("InvitationCode", "This invite code has either been used or isn't valid. Sorry bae.");
}
// Check Password is identical
if (viewModel.Password != viewModel.PasswordConfirm)
{
ModelState.AddModelError("Password", "Your password and confirmation do not match.");
}
// Check Password Complexity
var complexity = 0;
if (Regex.IsMatch(viewModel.Password, @"\d+"))
{
complexity++;
}
if (Regex.IsMatch(viewModel.Password, @"[a-z]+"))
{
complexity++;
}
if (Regex.IsMatch(viewModel.Password, @"[A-Z]+"))
{
complexity++;
}
if (Regex.IsMatch(viewModel.Password, @"[^a-zA-Z\d]+"))
{
complexity++;
}
if (complexity < 2)
{
ModelState.AddModelError("Password", "Your password is not complex enough.");
}
if (!ModelState.IsValid)
{
viewModel.Password = viewModel.PasswordConfirm = "";
return(View(viewModel));
}
// All gucci, create Branch Identity
var password = Pbkdf2Crypto.ComputeHash(viewModel.Password, new Random().Next(1000, 1200));
var branchIdentity = new BranchIdentity
{
BranchRole = sqlStorage.BranchRoles.First(r => r.Type == RoleType.User),
Email = viewModel.Email,
FullName = viewModel.FullName,
Username = viewModel.Username,
PasswordHash = password.Hash,
PasswordIterations = password.Iterations,
PasswordSalt = password.Salt,
BranchIdentityInvitation = invite
};
// Set invite as used
// ReSharper disable once PossibleNullReferenceException
invite.Used = true;
// Check gamer ids
GlobalStorage.H4Manager.GetPlayerServiceRecord(viewModel.Gamertag, true);
GlobalStorage.HReachManager.GetPlayerServiceRecord(viewModel.Gamertag, true);
var gamerIdSafe = GamerIdentity.EscapeGamerId(viewModel.Gamertag);
var gamerId = sqlStorage.GamerIdentities.FirstOrDefault(g => g.GamerIdSafe == gamerIdSafe);
if (gamerId != null)
{
branchIdentity.GamerIdentity = gamerId;
}
sqlStorage.BranchIdentities.Add(branchIdentity);
sqlStorage.SaveChanges();
var ipAddress = Request.ServerVariables.Get("HTTP_CF_CONNECTING_IP") ?? Request.UserHostAddress;
var branchSession = BranchSession.Create(ipAddress, Request.UserAgent, branchIdentity, false);
sqlStorage.BranchSessions.Add(branchSession);
var cookie = new HttpCookie("SessionIdentifier", branchSession.Identifier.ToString())
{
Expires = branchSession.ExpiresAt
};
Response.SetCookie(cookie);
sqlStorage.SaveChanges();
return(RedirectToRoute("BranchIdentityView", new { controller = "Home", action = "Index", slug = branchIdentity.Username }));
}
}
