public virtual async Task <ActionResult> Login(LoginModel model, [FromUri] string returnUrl)
{
if (ModelState.IsValid && Membership.ValidateUser(model.UserName, model.Password))
{
var getEmployeeResult = await Task.Run(() => _employeesService.GetEmployeeDetailsByUserName(model.UserName));
if (getEmployeeResult.State == ResultState.Invalid)
{
ModelState.AddModelError("", UserMessages.UnauthorizedUser);
return(View(model));
}
getEmployeeResult.EnsureSuccessWithHttpResponseException();
var employee = getEmployeeResult.ResultingObject;
if (!employee.IsActive)
{
ModelState.AddModelError("", UserMessages.InactiveEmployeeAccount);
return(View(model));
}
var claims = new List <Claim>();
claims.Add(new Claim(System.Security.Claims.ClaimTypes.NameIdentifier, employee.UserName));
claims.Add(new Claim(System.Security.Claims.ClaimTypes.Name, employee.DisplayName));
claims.Add(new Claim(System.Security.Claims.ClaimTypes.Email, employee.EmailAddress));
claims.Add(new Claim("EmployeeId", employee.EmployeeKey));
claims.Add(new Claim(ClaimTypes.SessionToken, Guid.NewGuid().ToString()));
claims.Add(new Claim(ClaimTypes.UserToken, employee.UserName));
claims.AddRange(employee.Claims.Select(claim => new Claim(claim.Key, claim.Value)));
var claimsPrincipal = new ClaimsPrincipal(new ClaimsIdentity(claims, "Forms"));
var authManager = FederatedAuthentication.FederationConfiguration.IdentityConfiguration.ClaimsAuthenticationManager;
authManager.Authenticate(string.Empty, claimsPrincipal);
return(Url.IsLocalUrl(returnUrl)
? Redirect(returnUrl) as ActionResult
: RedirectToAction("Index", "Home"));
}
ModelState.AddModelError("", "Invalid login.");
return(View(model));
}
public virtual ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
if (!string.IsNullOrWhiteSpace(model.EmployeeKey))
{
var getEmployeeResult = _employeesService.GetEmployeeDetailsByUserName(model.UserName);
if (getEmployeeResult.State == ResultState.Invalid)
{
ModelState.AddModelError("",
string.Format("Employee with username \"{0}\" was not found.", model.UserName));
return(View(MVC.Security.Views.Register, model));
}
if (!getEmployeeResult.ResultingObject.EmployeeKey.Equals(model.EmployeeKey, StringComparison.OrdinalIgnoreCase))
{
ModelState.AddModelError("", string.Format("Employee ID and Username do not match."));
return(View(MVC.Security.Views.Register, model));
}
if (!getEmployeeResult.Success)
{
throw new ApplicationException(string.Format("Unable to get employee data. Message: \"{0}\"", getEmployeeResult.Message));
}
var updateEmployeeParam = new ActivateEmployeeParameters
{
EmployeeKey = model.EmployeeKey,
EmailAddress = model.Email,
};
var result = _employeesService.ActivateEmployee(updateEmployeeParam);
if (!result.Success)
{
ModelState.AddModelError("", "Unable to update employee information.");
return(View(MVC.Security.Views.Register, model));
}
}
else
{
var createEmployeeResult = _employeesService.CreateEmployee(new CreateEmployeeParameters
{
UserName = model.UserName,
EmailAddress = model.Email,
});
if (!createEmployeeResult.Success)
{
ModelState.AddModelError("", "Unable to create new employee.");
return(View(MVC.Security.Views.Register, model));
}
}
// Attempt to register the user
MembershipCreateStatus createStatus;
Membership.CreateUser(model.UserName, model.Password, model.Email, passwordQuestion: null, passwordAnswer: null, isApproved: true, providerUserKey: null, status: out createStatus);
if (createStatus == MembershipCreateStatus.Success)
{
MessengerService.SetMessage(MessageType.Informational, "Employee membership created successfully.");
ViewBag.AsActionMessage = "Employee membership created successfully.";
return(View());
}
else
{
ModelState.AddModelError("", ErrorCodeToString(createStatus));
}
}
// If we got this far, something failed, redisplay form
return(View(model));
}
