예제 #1
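        /// <summary>
        /// Handles the registration half of the combined login/registration form: creates the
        /// identity account, assigns the "User" role, stores the application-side user, home
        /// place and profile rows, and e-mails an account-confirmation link.
        /// </summary>
        /// <param name="model">Combined view model; only <c>RegisterViewModel</c> is read here.</param>
        /// <returns>
        /// The "Info" view once the confirmation mail has been sent; otherwise the "Login" view
        /// (registration and login share one page) redisplayed with the collected errors.
        /// </returns>
        public async Task<ActionResult> Register(CombinedLRViewModel model)
        {
            if (ModelState.IsValid)
            {
                var registration = model.RegisterViewModel;
                var user = new ApplicationUser {
                    UserName = registration.Email, Email = registration.Email
                };
                var result = await UserManager.CreateAsync(user, registration.Password);

                if (result.Succeeded)
                {
                    // Await the role assignment instead of blocking on the synchronous wrapper,
                    // and do not ignore its outcome: an account without the "User" role must not
                    // be left behind half-provisioned.
                    IdentityResult roleUser = await UserManager.AddToRoleAsync(user.Id, "User");

                    if (!roleUser.Succeeded)
                    {
                        // Best-effort rollback so the same e-mail address can register again.
                        await UserManager.DeleteAsync(user);
                        AddErrors(roleUser);
                        return View("Login", model);
                    }

                    // Application-side user record keyed by the identity id.
                    User newUser = new User(user.Id, registration.FirstName, registration.LastName);
                    db.Users.Add(newUser);

                    // Create the home place on first use.
                    // NOTE(review): PlaceID, PlaceName, Lat and Lng all come from the posted form,
                    // so any registrant can seed a shared Places row with arbitrary values -
                    // confirm they are validated (or resolved server-side) before being trusted.
                    Place place = db.Places.Find(registration.PlaceID);

                    if (place == null)
                    {
                        Place newPlace = new Place(registration.PlaceID, registration.PlaceName, registration.Lat, registration.Lng);
                        db.Places.Add(newPlace);
                    }

                    UserProfile userProfile = new UserProfile {
                        UserID = user.Id, DOB = registration.DOB, HomeTown = registration.PlaceID
                    };
                    db.UserProfiles.Add(userProfile);

                    // NOTE(review): the identity account was already created above; if this save
                    // throws, that account remains without its profile rows.
                    db.SaveChanges();

                    // The user is deliberately NOT signed in here: the account must be confirmed
                    // through the e-mailed link before the first login.
                    // For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
                    string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);

                    // NOTE(review): the absolute URL takes its scheme (and presumably its host)
                    // from the incoming request - confirm the site only answers for its own
                    // host names, otherwise the mailed link can point at a foreign host.
                    var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);
                    await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your Bewander.com account by clicking <a href=\"" + callbackUrl + "\">here</a>");

                    // The confirmation link is a credential: never hand callbackUrl to the view
                    // (e.g. through TempData) outside of local debugging.
                    ViewBag.Message = "Check your email and confirm your account, you must be confirmed "
                                      + "before you can log in.";

                    return View("Info");
                }
                AddErrors(result);
            }

            // If we got this far, something failed. Registration and login share one page
            // (since early Feb 2017), so the "Login" view is redisplayed, not "Register".
            return View("Login", model);
        }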
예제 #2
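        /// <summary>
        /// Handles the login half of the combined login/registration form.
        /// </summary>
        /// <remarks>
        /// The "e-mail not confirmed" response is only given after the password has been
        /// verified. Answering it for any known address, before checking the password, would
        /// tell an anonymous caller which addresses hold an (unconfirmed) account.
        /// </remarks>
        /// <param name="model">Combined view model; only <c>LoginViewModel</c> is read here.</param>
        /// <param name="returnUrl">Location to return to after a successful sign-in.</param>
        /// <returns>
        /// A redirect on success or when verification is required, the "Lockout" view when the
        /// account is locked, the "Error" view for an unconfirmed account, or the form
        /// redisplayed with a generic error.
        /// </returns>
        public async Task<ActionResult> Login(CombinedLRViewModel model, string returnUrl)
        {
            if (!ModelState.IsValid)
            {
                return View(model);
            }

            var credentials = model.LoginViewModel;

            // Non-null only when both the user name and the password match.
            var loggedinUser = await UserManager.FindAsync(credentials.Email, credentials.Password);

            if (loggedinUser != null)
            {
                // Require a confirmed e-mail before the user can log on.
                if (!await UserManager.IsEmailConfirmedAsync(loggedinUser.Id))
                {
                    ViewBag.errorMessage = "You must have a confirmed email to log on.";
                    return View("Error");
                }

                // Correct credentials: rotate the security stamp before signing in.
                // NOTE(review): this runs before the lockout result below is known, so a
                // locked-out account with a correct password still gets its stamp rotated.
                await UserManager.UpdateSecurityStampAsync(loggedinUser.Id);
            }

            // shouldLockout: true makes failed passwords count towards account lockout;
            // pass false to stop password failures from triggering lockout.
            var result = await SignInManager.PasswordSignInAsync(credentials.Email, credentials.Password, credentials.RememberMe, shouldLockout: true);

            switch (result)
            {
            case SignInStatus.Success:
                return RedirectToLocal(returnUrl);

            case SignInStatus.LockedOut:
                // A lockout end whose time of day is 01:37:59 is this project's flag for an
                // admin lock. When the stored end carries that time of day, it is moved to
                // 23:59 of the previous day so it no longer matches the flag.
                // NOTE(review): the check cannot tell a coincidental lockout from a real admin
                // lock, and it is reachable by an anonymous request that only knows the e-mail
                // address - confirm that a genuine admin lock cannot be shortened or lose its
                // flag this way. A dedicated column would be safer than a magic timestamp.
                var lockedUser = await UserManager.FindByNameAsync(credentials.Email);
                TimeSpan adminLockTimeOfDay = new TimeSpan(1, 37, 59);

                // Guard against the account disappearing or the lockout being cleared between
                // the sign-in attempt and this lookup.
                if (lockedUser != null
                    && lockedUser.LockoutEndDateUtc.HasValue
                    && lockedUser.LockoutEndDateUtc.Value.TimeOfDay == adminLockTimeOfDay)
                {
                    DateTime lockoutEnd = lockedUser.LockoutEndDateUtc.Value;
                    await UserManager.SetLockoutEndDateAsync(lockedUser.Id, lockoutEnd.Date.AddMinutes(-1));
                }
                return View("Lockout");

            case SignInStatus.RequiresVerification:
                return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = credentials.RememberMe });

            case SignInStatus.Failure:
            default:
                // One generic message for every failure, so the response does not reveal
                // whether the address or the password was wrong.
                ModelState.AddModelError("", "Invalid login attempt.");
                return View(model);
            }
        }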