public virtual async Task <ActionResult> Login(LoginModel model, [FromUri] string returnUrl) { if (ModelState.IsValid && Membership.ValidateUser(model.UserName, model.Password)) { var getEmployeeResult = await Task.Run(() => _employeesService.GetEmployeeDetailsByUserName(model.UserName)); if (getEmployeeResult.State == ResultState.Invalid) { ModelState.AddModelError("", UserMessages.UnauthorizedUser); return(View(model)); } getEmployeeResult.EnsureSuccessWithHttpResponseException(); var employee = getEmployeeResult.ResultingObject; if (!employee.IsActive) { ModelState.AddModelError("", UserMessages.InactiveEmployeeAccount); return(View(model)); } var claims = new List <Claim>(); claims.Add(new Claim(System.Security.Claims.ClaimTypes.NameIdentifier, employee.UserName)); claims.Add(new Claim(System.Security.Claims.ClaimTypes.Name, employee.DisplayName)); claims.Add(new Claim(System.Security.Claims.ClaimTypes.Email, employee.EmailAddress)); claims.Add(new Claim("EmployeeId", employee.EmployeeKey)); claims.Add(new Claim(ClaimTypes.SessionToken, Guid.NewGuid().ToString())); claims.Add(new Claim(ClaimTypes.UserToken, employee.UserName)); claims.AddRange(employee.Claims.Select(claim => new Claim(claim.Key, claim.Value))); var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Forms")); var authManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager; authManager.Authenticate(string.Empty, claimsPrincipal); return(Url.IsLocalUrl(returnUrl) ? Redirect(returnUrl) as ActionResult : RedirectToAction("Index", "Home")); } ModelState.AddModelError("", "Invalid login."); return(View(model)); }
public virtual ActionResult Register(RegisterModel model) { if (ModelState.IsValid) { if (!string.IsNullOrWhiteSpace(model.EmployeeKey)) { var getEmployeeResult = _employeesService.GetEmployeeDetailsByUserName(model.UserName); if (getEmployeeResult.State == ResultState.Invalid) { ModelState.AddModelError("", string.Format("Employee with username \"{0}\" was not found.", model.UserName)); return(View(MVC.Security.Views.Register, model)); } if (!getEmployeeResult.ResultingObject.EmployeeKey.Equals(model.EmployeeKey, StringComparison.OrdinalIgnoreCase)) { ModelState.AddModelError("", string.Format("Employee ID and Username do not match.")); return(View(MVC.Security.Views.Register, model)); } if (!getEmployeeResult.Success) { throw new ApplicationException(string.Format("Unable to get employee data. Message: \"{0}\"", getEmployeeResult.Message)); } var updateEmployeeParam = new ActivateEmployeeParameters { EmployeeKey = model.EmployeeKey, EmailAddress = model.Email, }; var result = _employeesService.ActivateEmployee(updateEmployeeParam); if (!result.Success) { ModelState.AddModelError("", "Unable to update employee information."); return(View(MVC.Security.Views.Register, model)); } } else { var createEmployeeResult = _employeesService.CreateEmployee(new CreateEmployeeParameters { UserName = model.UserName, EmailAddress = model.Email, }); if (!createEmployeeResult.Success) { ModelState.AddModelError("", "Unable to create new employee."); return(View(MVC.Security.Views.Register, model)); } } // Attempt to register the user MembershipCreateStatus createStatus; Membership.CreateUser(model.UserName, model.Password, model.Email, passwordQuestion: null, passwordAnswer: null, isApproved: true, providerUserKey: null, status: out createStatus); if (createStatus == MembershipCreateStatus.Success) { MessengerService.SetMessage(MessageType.Informational, "Employee membership created successfully."); ViewBag.AsActionMessage = "Employee membership created successfully."; return(View()); } else { ModelState.AddModelError("", ErrorCodeToString(createStatus)); } } // If we got this far, something failed, redisplay form return(View(model)); }