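/// <summary>
/// Handles the registration half of the combined login/registration form: creates the
/// Identity account, adds it to the "User" role, stores the application-side User,
/// Place and UserProfile rows, and e-mails a confirmation link. The new user is not
/// signed in; they must confirm their e-mail address first.
/// </summary>
/// <param name="model">Combined view model; only its RegisterViewModel part is read here.</param>
/// <returns>
/// The "Info" view once the confirmation e-mail has been sent, otherwise the "Login" view
/// (registration and login share one page) with the validation or Identity errors.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this
/// listing. Confirm both are applied to this action where it is declared.
/// </remarks>
public async Task<ActionResult> Register(CombinedLRViewModel model)
{
    // The combined page can be posted without its registration half, in which case the
    // nested model is null even though ModelState reports valid. Treat that as a failed
    // registration instead of letting it throw a NullReferenceException.
    if (ModelState.IsValid && model != null && model.RegisterViewModel != null)
    {
        var registration = model.RegisterViewModel;

        var user = new ApplicationUser { UserName = registration.Email, Email = registration.Email };
        var result = await UserManager.CreateAsync(user, registration.Password);
        if (result.Succeeded)
        {
            // Put the new account in the "User" role. The outcome is checked: an account
            // left without its role is half-provisioned, so undo the creation and report
            // the error rather than continuing silently.
            IdentityResult roleResult = await UserManager.AddToRoleAsync(user.Id, "User");
            if (!roleResult.Succeeded)
            {
                await UserManager.DeleteAsync(user);
                AddErrors(roleResult);
                return View("Login", model);
            }

            // Application-side user record keyed by the Identity user id.
            User newUser = new User(user.Id, registration.FirstName, registration.LastName);
            db.Users.Add(newUser);

            // Create the home-town Place if it is not in the database yet.
            // NOTE(review): PlaceID, PlaceName, Lat and Lng come straight from the posted
            // form and are written to a table that looks shared between users. Any
            // validation attributes on the view model are not visible here - confirm these
            // values are validated (or resolved server-side) before they are stored.
            Place place = db.Places.Find(registration.PlaceID);
            if (place == null)
            {
                Place newPlace = new Place(registration.PlaceID, registration.PlaceName, registration.Lat, registration.Lng);
                db.Places.Add(newPlace);
            }

            // Profile row linking the user to their date of birth and home town.
            UserProfile userProfile = new UserProfile
            {
                UserID = user.Id,
                DOB = registration.DOB,
                HomeTown = registration.PlaceID
            };
            db.UserProfiles.Add(userProfile);

            // NOTE(review): if this save throws, the Identity account created above remains
            // without its User/UserProfile rows.
            db.SaveChanges();

            // The user is deliberately NOT signed in here; sign-in is only possible after
            // the e-mail address has been confirmed.
            // await SignInManager.SignInAsync(user, isPersistent:false, rememberBrowser:false);

            // For more information on how to enable account confirmation and password reset
            // please visit http://go.microsoft.com/fwlink/?LinkID=320771
            string code = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);

            // NOTE(review): the absolute URL is built from the current request (scheme passed
            // explicitly below). Confirm the site only answers for its own host names so the
            // link in the e-mail cannot point at another host.
            var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);

            // The URL is placed inside an HTML attribute, so attribute-encode it ('&' between
            // query parameters becomes '&amp;') instead of concatenating it raw.
            string encodedCallbackUrl = System.Web.HttpUtility.HtmlAttributeEncode(callbackUrl);
            await UserManager.SendEmailAsync(user.Id, "Confirm your account", "Please confirm your Bewander.com account by clicking <a href=\"" + encodedCallbackUrl + "\">here</a>");

            // Uncomment to debug locally without sending email-connect to Views\Shared\Info.cshtml
            // TempData["ViewBagLink"] = callbackUrl;

            // Require new users to have a confirmed email before they are logged in (authenticated).
            ViewBag.Message = "Check your email and confirm your account, you must be confirmed "
                              + "before you can log in.";
            return View("Info");
            //return RedirectToAction("Index", "Home");
        }

        AddErrors(result);
    }

    // If we got this far, something failed; redisplay the form.
    // As of early Feb 2017 the Registration and Login pages are combined, so a failed
    // registration shows the "Login" view, not "Register".
    return View("Login", model);
}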
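/// <summary>
/// Handles the login half of the combined login/registration form. Requires a confirmed
/// e-mail address, rotates the account's security stamp after the password has been
/// verified, and then signs in with lockout counting enabled.
/// </summary>
/// <param name="model">Combined view model; only its LoginViewModel part is read here.</param>
/// <param name="returnUrl">URL to return to after a successful sign-in.</param>
/// <returns>
/// A redirect on success or when a second factor is required, the "Lockout" view when the
/// account is locked, the "Error" view when the e-mail is unconfirmed, otherwise the login
/// view with a generic error.
/// </returns>
/// <remarks>
/// NOTE(review): no [HttpPost] or [ValidateAntiForgeryToken] attribute is visible in this
/// listing. Confirm both are applied to this action where it is declared.
/// </remarks>
public async Task<ActionResult> Login(CombinedLRViewModel model, string returnUrl)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    // The combined page can be posted without its login half; answer with the same generic
    // failure as a wrong password instead of throwing a NullReferenceException.
    if (model == null || model.LoginViewModel == null)
    {
        ModelState.AddModelError("", "Invalid login attempt.");
        return View(model);
    }

    var login = model.LoginViewModel;
    var user = await UserManager.FindByNameAsync(login.Email);

    // Verify the password BEFORE revealing anything about the account. The "unconfirmed
    // e-mail" message used to be returned for any known address, which told an
    // unauthenticated caller that the account exists and is unconfirmed.
    // A locked-out account is skipped here so this pre-check cannot be used to test
    // passwords while lockout is in force; PasswordSignInAsync below reports LockedOut.
    bool passwordVerified = false;
    if (user != null && !await UserManager.IsLockedOutAsync(user.Id))
    {
        passwordVerified = await UserManager.CheckPasswordAsync(user, login.Password);
    }

    if (passwordVerified)
    {
        // Require the user to have a confirmed email before they can log on.
        if (!await UserManager.IsEmailConfirmedAsync(user.Id))
        {
            ViewBag.errorMessage = "You must have a confirmed email to log on.";
            return View("Error");
        }

        // Correct user name and password: rotate the security stamp.
        // NOTE(review): presumably this is meant to invalidate cookies held by other
        // sessions; that depends on the security-stamp validator configuration, which is
        // not visible here.
        await UserManager.UpdateSecurityStampAsync(user.Id);
    }

    // shouldLockout: true counts failed passwords toward account lockout.
    // Change to shouldLockout: false to stop failures from triggering lockout.
    var result = await SignInManager.PasswordSignInAsync(login.Email, login.Password, login.RememberMe, shouldLockout: true);
    switch (result)
    {
        case SignInStatus.Success:
            // NOTE(review): RedirectToLocal is defined elsewhere; it is expected to reject
            // non-local URLs - confirm.
            return RedirectToLocal(returnUrl);

        case SignInStatus.LockedOut:
        {
            // A lockout end whose time of day is exactly 01:37:59 is this project's flag for
            // an admin lock. If the stored end time matches that flag, it is moved so the
            // time of day no longer matches. The original authors marked this path as untested.
            // NOTE(review): an exact TimeOfDay match needs zero fractional seconds, so this
            // branch may fire mainly for genuine admin locks and would then rewrite their end
            // time to 23:59 of the previous day. Confirm how admin locks are written and
            // whether a dedicated flag column would be safer than a magic time.
            var lockedUser = await UserManager.FindByNameAsync(login.Email);
            TimeSpan adminLockFlagTime = new TimeSpan(1, 37, 59);

            // Guard the lookups: a missing user or an empty end date must not throw.
            if (lockedUser != null && lockedUser.LockoutEndDateUtc.HasValue)
            {
                DateTime lockoutEnd = lockedUser.LockoutEndDateUtc.Value;
                if (lockoutEnd.TimeOfDay == adminLockFlagTime)
                {
                    await UserManager.SetLockoutEndDateAsync(lockedUser.Id, lockoutEnd.Date.AddMinutes(-1));
                }
            }

            return View("Lockout");
        }

        case SignInStatus.RequiresVerification:
            return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = login.RememberMe });

        case SignInStatus.Failure:
        default:
            // Generic message: does not say whether the e-mail or the password was wrong.
            ModelState.AddModelError("", "Invalid login attempt.");
            return View(model);
    }
}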