public async Task <IActionResult> NewComment(Guid postId, NewCommentModel model, [FromServices] ISessionBasedCaptcha captcha) { if (!string.IsNullOrWhiteSpace(model.Email) && !Helper.IsValidEmailAddress(model.Email)) { ModelState.AddModelError(nameof(model.Email), "Invalid Email address."); return(BadRequest(ModelState.CombineErrorMessages())); } if (!_blogConfig.ContentSettings.EnableComments) { return(Forbid()); } if (!captcha.ValidateCaptchaCode(model.CaptchaCode, HttpContext.Session)) { ModelState.AddModelError(nameof(model.CaptchaCode), "Wrong Captcha Code"); return(Conflict(ModelState)); } var response = await _commentService.CreateAsync(new(postId) { Username = model.Username, Content = model.Content, Email = model.Email, IpAddress = (bool)HttpContext.Items["DNT"] ? "N/A" : HttpContext.Connection.RemoteIpAddress?.ToString() });
public async Task <IActionResult> NewComment(PostSlugViewModelWrapper model, [FromServices] ISessionBasedCaptcha captcha) { try { if (!ModelState.IsValid) { Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(new CommentResponse(false, CommentResponseCode.InvalidModel))); } if (!_blogConfig.ContentSettings.EnableComments) { Response.StatusCode = (int)HttpStatusCode.Forbidden; return(Json(new CommentResponse(false, CommentResponseCode.CommentDisabled))); } // Validate BasicCaptcha Code if (!captcha.ValidateCaptchaCode(model.NewCommentViewModel.CaptchaCode, HttpContext.Session)) { Logger.LogWarning("Wrong Captcha Code"); ModelState.AddModelError(nameof(model.NewCommentViewModel.CaptchaCode), "Wrong Captcha Code"); Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(new CommentResponse(false, CommentResponseCode.WrongCaptcha))); } var commentPostModel = model.NewCommentViewModel; var response = await _commentService.CreateAsync(new NewCommentRequest(commentPostModel.PostId) { Username = commentPostModel.Username, Content = commentPostModel.Content, Email = commentPostModel.Email, IpAddress = HttpContext.Connection.RemoteIpAddress.ToString() }); if (_blogConfig.NotificationSettings.SendEmailOnNewComment && null != _notificationClient) { _ = Task.Run(async() => { await _notificationClient.NotifyNewCommentAsync(response, s => Utils.MarkdownToContent(s, Utils.MarkdownConvertType.Html)); }); } var cResponse = new CommentResponse(true, _blogConfig.ContentSettings.RequireCommentReview ? CommentResponseCode.Success : CommentResponseCode.SuccessNonReview); return(Json(cResponse)); } catch (Exception e) { Logger.LogError(e, "Error NewComment"); Response.StatusCode = (int)HttpStatusCode.InternalServerError; return(Json(new CommentResponse(false, CommentResponseCode.UnknownError))); } }
public async Task <IActionResult> Register(RegisterViewModel model) { if (!_captcha.ValidateCaptchaCode(model.CaptchaCode, HttpContext.Session)) { ModelState.AddModelError(string.Empty, "Invalid captacha code!"); } var app = (await _apiService.AppInfoAsync(model.AppId)).App; if (!ModelState.IsValid) { model.Recover(app.AppName, app.IconPath); return(View(model)); } bool exists = _dbContext.UserEmails.Any(t => t.EmailAddress == model.Email.ToLower()); if (exists) { ModelState.AddModelError(string.Empty, $"An user with email '{model.Email}' already exists!"); model.Recover(app.AppName, app.IconPath); return(View(model)); } var user = new GatewayUser { UserName = model.Email, Email = model.Email, NickName = model.Email.Split('@')[0], PreferedLanguage = model.PreferedLanguage, IconFilePath = Values.DefaultImagePath, RegisterIPAddress = HttpContext.Connection.RemoteIpAddress.ToString() }; var result = await _userManager.CreateAsync(user, model.Password); if (result.Succeeded) { var primaryMail = new UserEmail { EmailAddress = model.Email.ToLower(), OwnerId = user.Id, ValidateToken = Guid.NewGuid().ToString("N") }; _dbContext.UserEmails.Add(primaryMail); await _dbContext.SaveChangesAsync(); // Send him an confirmation email here: await _emailSender.SendConfirmation(user.Id, primaryMail.EmailAddress, primaryMail.ValidateToken); await _authLogger.LogAuthRecord(user.Id, HttpContext.Connection.RemoteIpAddress.ToString(), true, app.AppId); await _signInManager.SignInAsync(user, isPersistent : true); return(await _authManager.FinishAuth(user, model, app.ForceConfirmation)); } AddErrors(result); model.Recover(app.AppName, app.IconPath); return(View(model)); }
public IActionResult Index(HomeModel model) { if (ModelState.IsValid) { bool isValidCaptcha = _captcha.ValidateCaptchaCode(model.CaptchaCode, HttpContext.Session); return(Content(isValidCaptcha ? "Success" : "Invalid captcha code")); } return(BadRequest()); }
public async Task <IActionResult> Post(PostCommentDto dto) { if (ModelState.IsValid) { if (_captcha.ValidateCaptchaCode(dto.Code, HttpContext.Session)) { dto.IPv4 = Request.Host.ToString(); await _commentService.CreateAsync(dto); return(RedirectToAction("Detail", "Article", new { id = dto.ArticleId })); } else { TempData["ErrorCaptcha"] = true; } } TempData.Put("ErrorModel", dto); return(RedirectToAction("Detail", "Article", new { id = dto.ArticleId })); }
public async Task <IActionResult> NewComment(Guid postId, NewCommentModel model, [FromServices] ISessionBasedCaptcha captcha) { if (!ModelState.IsValid) { return(BadRequest(ModelState)); } if (!_blogConfig.ContentSettings.EnableComments) { return(Forbid()); } if (!captcha.ValidateCaptchaCode(model.CaptchaCode, HttpContext.Session)) { ModelState.AddModelError(nameof(model.CaptchaCode), "Wrong Captcha Code"); return(Conflict(ModelState)); } var response = await _commentService.CreateAsync(new CommentRequest(postId) { Username = model.Username, Content = model.Content, Email = model.Email, IpAddress = DNT ? "N/A" : HttpContext.Connection.RemoteIpAddress.ToString() }); if (_blogConfig.NotificationSettings.SendEmailOnNewComment && _notificationClient is not null) { _ = Task.Run(async() => { await _notificationClient.NotifyCommentAsync(response, s => ContentProcessor.MarkdownToContent(s, ContentProcessor.MarkdownConvertType.Html)); }); } if (_blogConfig.ContentSettings.RequireCommentReview) { return(Created("moonglade://empty", response)); } return(Ok()); }
public async Task <IActionResult> NewComment(PostSlugViewModelWrapper model, [FromServices] ISessionBasedCaptcha captcha) { try { if (ModelState.IsValid) { // Validate BasicCaptcha Code if (!captcha.ValidateCaptchaCode(model.NewCommentViewModel.CaptchaCode, HttpContext.Session)) { Logger.LogWarning("Wrong Captcha Code"); ModelState.AddModelError(nameof(model.NewCommentViewModel.CaptchaCode), "Wrong Captcha Code"); Response.StatusCode = (int)HttpStatusCode.BadRequest; var cResponse = new CommentResponse(false, CommentResponseCode.WrongCaptcha); return(Json(cResponse)); } var commentPostModel = model.NewCommentViewModel; var response = await _commentService.AddCommentAsync(new NewCommentRequest(commentPostModel.PostId) { Username = commentPostModel.Username, Content = commentPostModel.Content, Email = commentPostModel.Email, IpAddress = HttpContext.Connection.RemoteIpAddress.ToString(), UserAgent = GetUserAgent() }); if (response.IsSuccess) { if (_blogConfig.EmailSettings.SendEmailOnNewComment && null != _notificationClient) { _ = Task.Run(async() => { await _notificationClient.SendNewCommentNotificationAsync(response.Item, s => Utils.ConvertMarkdownContent(s, Utils.MarkdownConvertType.Html)); }); } var cResponse = new CommentResponse(true, _blogConfig.ContentSettings.RequireCommentReview ? CommentResponseCode.Success : CommentResponseCode.SuccessNonReview); return(Json(cResponse)); } CommentResponse failedResponse; switch (response.ResponseCode) { case (int)ResponseFailureCode.EmailDomainBlocked: Logger.LogWarning("User email domain is blocked."); Response.StatusCode = (int)HttpStatusCode.Forbidden; failedResponse = new CommentResponse(false, CommentResponseCode.EmailDomainBlocked); break; case (int)ResponseFailureCode.CommentDisabled: Logger.LogWarning("Comment is disabled in settings, but user somehow called NewComment() method."); Response.StatusCode = (int)HttpStatusCode.Forbidden; failedResponse = new CommentResponse(false, CommentResponseCode.CommentDisabled); break; default: Response.StatusCode = (int)HttpStatusCode.InternalServerError; failedResponse = new CommentResponse(false, CommentResponseCode.UnknownError); break; } return(Json(failedResponse)); } Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(new CommentResponse(false, CommentResponseCode.InvalidModel))); } catch (Exception e) { Logger.LogError(e, "Error NewComment"); Response.StatusCode = (int)HttpStatusCode.InternalServerError; return(Json(new CommentResponse(false, CommentResponseCode.UnknownError))); } }
public IActionResult NewComment(PostSlugViewModelWrapper model) { try { if (ModelState.IsValid) { // Validate BasicCaptcha Code if (!_captcha.ValidateCaptchaCode(model.NewCommentModel.CaptchaCode, HttpContext.Session)) { Logger.LogWarning($"Wrong Captcha Code, model: {JsonConvert.SerializeObject(model.NewCommentModel)}"); ModelState.AddModelError(nameof(model.NewCommentModel.CaptchaCode), "Wrong Captcha Code"); Response.StatusCode = (int)HttpStatusCode.BadRequest; var cResponse = new CommentResponse(false, CommentResponseCode.WrongCaptcha); return(Json(cResponse)); } var commentPostModel = model.NewCommentModel; var response = _commentService.NewComment(commentPostModel.Username, commentPostModel.Content, commentPostModel.PostId, commentPostModel.Email, HttpContext.Connection.RemoteIpAddress.ToString(), GetUserAgent()); if (response.IsSuccess) { if (_blogConfig.EmailConfiguration.SendEmailOnNewComment) { var postTitle = _postService.GetPostTitle(commentPostModel.PostId); Task.Run(async() => { await _emailService.SendNewCommentNotificationAsync(response.Item, postTitle); }); } var cResponse = new CommentResponse(true, CommentResponseCode.Success); return(Json(cResponse)); } CommentResponse failedResponse; switch (response.ResponseCode) { case (int)ResponseFailureCode.EmailDomainBlocked: Logger.LogWarning($"User email domain is blocked. model: {JsonConvert.SerializeObject(model)}"); Response.StatusCode = (int)HttpStatusCode.Forbidden; failedResponse = new CommentResponse(false, CommentResponseCode.EmailDomainBlocked); break; case (int)ResponseFailureCode.CommentDisabled: Logger.LogWarning($"Comment is disabled in settings, but user somehow called NewComment() method. model: {JsonConvert.SerializeObject(model)}"); Response.StatusCode = (int)HttpStatusCode.Forbidden; failedResponse = new CommentResponse(false, CommentResponseCode.CommentDisabled); break; default: Response.StatusCode = (int)HttpStatusCode.InternalServerError; failedResponse = new CommentResponse(false, CommentResponseCode.UnknownError); break; } return(Json(failedResponse)); } Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(new CommentResponse(false, CommentResponseCode.InvalidModel))); } catch (Exception e) { Logger.LogError(e, "Error NewComment"); Response.StatusCode = (int)HttpStatusCode.InternalServerError; return(Json(new CommentResponse(false, CommentResponseCode.UnknownError))); } }
public async Task <IActionResult> Register(RegisterViewModel model) { if (!_allowRegistering) { return(Unauthorized()); } if (!_captcha.ValidateCaptchaCode(model.CaptchaCode, HttpContext.Session)) { ModelState.AddModelError(string.Empty, "Invalid captcha code!"); } var app = (await _apiService.AppInfoAsync(model.AppId)).App; if (!ModelState.IsValid) { model.Recover(app.AppName, app.IconPath); return(View(model)); } bool exists = _dbContext.UserEmails.Any(t => t.EmailAddress == model.Email.ToLower()); if (exists) { ModelState.AddModelError(string.Empty, $"An user with email '{model.Email}' already exists!"); model.Recover(app.AppName, app.IconPath); return(View(model)); } var countStart = DateTime.UtcNow - TimeSpan.FromDays(1); var requestIp = HttpContext.Connection.RemoteIpAddress.ToString(); if (await _dbContext.Users .Where(t => t.RegisterIPAddress == requestIp) .Where(t => t.AccountCreateTime > countStart) .CountAsync() > 5) { ModelState.AddModelError(string.Empty, "You can't create more than 5 accounts in one day!"); model.Recover(app.AppName, app.IconPath); return(View(model)); } var user = new GatewayUser { UserName = model.Email, Email = model.Email, NickName = model.Email.Split('@')[0], PreferedLanguage = model.PreferedLanguage, IconFilePath = AuthValues.DefaultImagePath, RegisterIPAddress = requestIp }; var result = await _userManager.CreateAsync(user, model.Password); if (result.Succeeded) { var primaryMail = new UserEmail { EmailAddress = model.Email.ToLower(), OwnerId = user.Id, ValidateToken = Guid.NewGuid().ToString("N"), LastSendTime = DateTime.UtcNow }; await _dbContext.UserEmails.AddAsync(primaryMail); await _dbContext.SaveChangesAsync(); // Send him an confirmation email here: _cannonService.FireAsync <ConfirmationEmailSender>(async(sender) => { await sender.SendConfirmation(user.Id, primaryMail.EmailAddress, primaryMail.ValidateToken); }); await _authLogger.LogAuthRecord(user.Id, HttpContext, true, app.AppId); await _signInManager.SignInAsync(user, isPersistent : true); return(await _authManager.FinishAuth(user, model, app.ForceConfirmation, app.TrustedApp)); } AddErrors(result); model.Recover(app.AppName, app.IconPath); return(View(model)); }