예제 #1
0
        private void CreateUser(string windowsLiveId)
        {
            SiteUser newUser = new SiteUser(siteSettings);

            newUser.WindowsLiveId = windowsLiveId;
            newUser.Name          = txtUserName.Text;
            newUser.LoginName     = txtUserName.Text;
            newUser.Email         = txtEmail.Text;
            CMembershipProvider CMembership = (CMembershipProvider)Membership.Provider;

            newUser.Password = CMembership.EncodePassword(SiteUser.CreateRandomPassword(7), siteSettings);
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer   = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.Save();
            if (siteSettings.UseSecureRegistration)
            {
                newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
            }

            CProfileConfiguration profileConfig
                = CProfileConfiguration.GetConfig();

            // set default values first
            foreach (CProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                CProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (CProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                if (propertyDefinition.RequiredForRegistration)
                {
                    CProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());

            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);

            OnUserRegistered(u);

            CacheHelper.TouchMembershipStatisticsCacheDependencyFile();

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            DoUserLogin(newUser);
        }
예제 #2
0
        protected void SiteLogin_LoggedIn(object sender, EventArgs e)
        {
            if (siteSettings == null)
            {
                return;
            }

            SiteUser siteUser = new SiteUser(siteSettings, this.UserName);

            if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
            {
                string cookieName = "siteguid" + siteSettings.SiteGuid;
                CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), this.RememberMeSet);
            }

            if (siteUser.UserId > -1 && siteSettings.AllowUserSkins && siteUser.Skin.Length > 0)
            {
                SiteUtils.SetSkinCookie(siteUser);
            }

            if (siteUser.UserGuid == Guid.Empty)
            {
                return;
            }

            // track user ip address
            try
            {
                UserLocation userLocation = new UserLocation(siteUser.UserGuid, SiteUtils.GetIP4Address());
                userLocation.SiteGuid = siteSettings.SiteGuid;
                userLocation.Hostname = Page.Request.UserHostName;
                userLocation.Save();
            }
            catch (Exception ex)
            {
                log.Error(SiteUtils.GetIP4Address(), ex);
            }


            UserSignInEventArgs u = new UserSignInEventArgs(siteUser);

            OnUserSignIn(u);
        }
        private void CreateUser(
            string openId,
            string email,
            string loginName,
            string name)
        {
            SiteUser newUser = new SiteUser(siteSettings);

            newUser.Email = email;

            if (loginName.Length > 50)
            {
                loginName = loginName.Substring(0, 50);
            }

            int i = 1;

            while (SiteUser.LoginExistsInDB(
                       siteSettings.SiteId, loginName))
            {
                loginName += i.ToString();
                if (loginName.Length > 50)
                {
                    loginName = loginName.Remove(40, 1);
                }
                i++;
            }
            if ((name == null) || (name.Length == 0))
            {
                name = loginName;
            }
            newUser.LoginName = loginName;
            newUser.Name      = name;
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;

            newUser.Password         = mojoMembership.EncodePassword(siteSettings, newUser, SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer   = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.OpenIdUri        = openId;
            newUser.Save();
            if (siteSettings.UseSecureRegistration)
            {
                newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
            }

            mojoProfileConfiguration profileConfig
                = mojoProfileConfiguration.GetConfig();

            // set default values first
            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                mojoProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                if ((propertyDefinition.RequiredForRegistration) || (propertyDefinition.ShowOnRegistration))
                {
                    mojoProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset,
                        timeZone);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());

            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);

            OnUserRegistered(u);

            CacheHelper.ClearMembershipStatisticsCache();

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            DoUserLogin(newUser);
        }
        void application_AuthenticateRequest(object sender, EventArgs e)
        {
            //if (debugLog) log.Debug("AuthHandlerHttpModule Application_AuthenticateRequest");

            if (sender == null)
            {
                return;
            }

            HttpApplication app = (HttpApplication)sender;

            if (app.Request == null)
            {
                return;
            }
            if (!app.Request.IsAuthenticated)
            {
                return;
            }

            if (WebUtils.IsRequestForStaticFile(app.Request.Path))
            {
                return;
            }
            if (app.Request.Path.ContainsCaseInsensitive(".ashx"))
            {
                return;
            }
            if (app.Request.Path.ContainsCaseInsensitive(".axd"))
            {
                return;
            }
            if (app.Request.Path.ContainsCaseInsensitive("setup/default.aspx"))
            {
                return;
            }


            //if (debugLog) log.Debug("IsAuthenticated == true");
            SiteSettings siteSettings;

            try
            {
                siteSettings = CacheHelper.GetCurrentSiteSettings();
            }
            catch (System.Data.Common.DbException ex)
            {
                // can happen during upgrades
                log.Error(ex);
                return;
            }
            catch (InvalidOperationException ex)
            {
                log.Error(ex);
                return;
            }
            catch (Exception ex)
            {
                // hate to trap System.Exception but SqlCeException doe snot inherit from DbException as it should
                if (DatabaseHelper.DBPlatform() != "SqlCe")
                {
                    throw;
                }
                log.Error(ex);
                return;
            }
            bool useFolderForSiteDetection = WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites;

            // Added by Haluk Eryuksel - 2006-01-23
            // support for Windows authentication
            if (
                (app.User.Identity.AuthenticationType == "NTLM") ||
                (app.User.Identity.AuthenticationType == "Negotiate")
                // || ( Context.User.Identity.AuthenticationType == "Windows" )
                )
            {
                //Added by Benedict Chan - 2008-08-05
                //Added Cookie here so that we don't have to check the users in every page, also to authenticate under NTLM with "useFolderForSiteDetection == true"
                string cookieName = "siteguid" + siteSettings.SiteGuid;
                if (!CookieHelper.CookieExists(cookieName))
                {
                    bool existsInDB;
                    existsInDB = SiteUser.LoginExistsInDB(siteSettings.SiteId, app.Context.User.Identity.Name);

                    if (!existsInDB)
                    {
                        SiteUser u = new SiteUser(siteSettings);
                        u.Name      = app.Context.User.Identity.Name;
                        u.LoginName = app.Context.User.Identity.Name;
                        u.Email     = GuessEmailAddress(u.Name);
                        u.Password  = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);

                        mojoMembershipProvider m = Membership.Provider as mojoMembershipProvider;
                        if (m != null)
                        {
                            u.Password = m.EncodePassword(siteSettings, u, u.Password);
                        }

                        u.Save();
                        NewsletterHelper.ClaimExistingSubscriptions(u);

                        UserRegisteredEventArgs args = new UserRegisteredEventArgs(u);
                        OnUserRegistered(args);
                    }

                    SiteUser siteUser = new SiteUser(siteSettings, app.Context.User.Identity.Name);
                    CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), true);

                    //Copied logic from SiteLogin.cs  Since we will skip them if we use NTLM
                    if (siteUser.UserId > -1 && siteSettings.AllowUserSkins && siteUser.Skin.Length > 0)
                    {
                        SiteUtils.SetSkinCookie(siteUser);
                    }

                    // track user ip address
                    try
                    {
                        UserLocation userLocation = new UserLocation(siteUser.UserGuid, SiteUtils.GetIP4Address());
                        userLocation.SiteGuid = siteSettings.SiteGuid;
                        userLocation.Hostname = app.Request.UserHostName;
                        userLocation.Save();
                        log.Info("Set UserLocation : " + app.Request.UserHostName + ":" + SiteUtils.GetIP4Address());
                    }
                    catch (Exception ex)
                    {
                        log.Error(SiteUtils.GetIP4Address(), ex);
                    }
                }

                //End-Added by Benedict Chan
            }
            // End-Added by Haluk Eryuksel


            if ((useFolderForSiteDetection) && (!WebConfigSettings.UseRelatedSiteMode))
            {
                // replace GenericPrincipal with custom one
                //string roles = string.Empty;
                if (!(app.Context.User is mojoIdentity))
                {
                    app.Context.User = new mojoPrincipal(app.Context.User);
                }
            }
        }
예제 #5
0
        private SiteUser CreateUser(
            string openId,
            string email,
            string loginName,
            string name,
            bool emailIsVerified)
        {
            SiteUser newUser = new SiteUser(siteSettings);

            newUser.Email = email;

            if (loginName.Length > 50)
            {
                loginName = loginName.Substring(0, 50);
            }

            int i = 1;

            while (SiteUser.LoginExistsInDB(
                       siteSettings.SiteId, loginName))
            {
                loginName += i.ToString();
                if (loginName.Length > 50)
                {
                    loginName = loginName.Remove(40, 1);
                }
                i++;
            }
            if ((name == null) || (name.Length == 0))
            {
                name = loginName;
            }
            newUser.LoginName = loginName;
            newUser.Name      = name;
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;

            newUser.Password         = mojoMembership.EncodePassword(siteSettings, newUser, SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer   = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.OpenIdUri        = openId;
            newUser.Save();

            //test
            //emailIsVerified = false;

            if (siteSettings.UseSecureRegistration)
            {
                if (!emailIsVerified)
                {
                    newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
                }
            }



            mojoProfileConfiguration profileConfig
                = mojoProfileConfiguration.GetConfig();

            // set default values first
            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
                {
                    continue;
                }
                mojoProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
                {
                    continue;
                }
                if ((propertyDefinition.RequiredForRegistration) || (propertyDefinition.ShowOnRegistration))
                {
                    mojoProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset,
                        timeZone);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());

            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);

            OnUserRegistered(u);

            CacheHelper.ClearMembershipStatisticsCache();

            // we'll map them next time they login
            //OpenIdRpxHelper rpxHelper = new OpenIdRpxHelper(rpxApiKey, rpxBaseUrl);
            //rpxHelper.Map(openId, newUser.UserGuid.ToString());

            DoSubscribe(newUser);

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            return(newUser);
        }
예제 #6
0
        private void SignInUser(SiteUser user, bool isNewUser)
        {
            if (
                (siteSettings.UseSecureRegistration) &&
                (user.RegisterConfirmGuid != Guid.Empty)
                )
            {
                Notification.SendRegistrationConfirmationLink(
                    SiteUtils.GetSmtpSettings(),
                    ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
                    siteSettings.DefaultEmailFromAddress,
                    siteSettings.DefaultFromEmailAlias,
                    user.Email,
                    siteSettings.SiteName,
                    SiteRoot + "/ConfirmRegistration.aspx?ticket=" +
                    user.RegisterConfirmGuid.ToString());


                log.Info("User " + user.Name + " tried to login but email address is not confirmed.");

                lblError.Text = Resource.RegistrationRequiresEmailConfirmationMessage;
                litInfoNeededMessage.Visible         = false;
                pnlRequiredProfileProperties.Visible = false;
                btnCreateUser.Visible = false;

                return;
            }

            if (user.IsLockedOut)
            {
                log.Info("User " + user.Name + " tried to login but account is locked.");

                lblError.Text = Resource.LoginAccountLockedMessage;

                return;
            }

            if ((siteSettings.RequireApprovalBeforeLogin) && (!user.ApprovedForLogin))
            {
                log.Info("User " + user.Name + " tried to login but account is not approved yet.");

                lblError.Text = Resource.LoginNotApprovedMessage;

                return;
            }


            if (siteSettings.UseEmailForLogin)
            {
                FormsAuthentication.SetAuthCookie(user.Email, true);
            }
            else
            {
                FormsAuthentication.SetAuthCookie(user.LoginName, true);
            }

            if (WebConfigSettings.UseFolderBasedMultiTenants)
            {
                string cookieName = "siteguid" + siteSettings.SiteGuid;
                CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), true);
            }

            if (user.UserId > -1 && siteSettings.AllowUserSkins && user.Skin.Length > 0)
            {
                SiteUtils.SetSkinCookie(user);
            }

            user.UpdateLastLoginTime();

            // track user ip address
            UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());

            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Request.UserHostName;
            userLocation.Save();

            UserSignInEventArgs u = new UserSignInEventArgs(user);

            OnUserSignIn(u);

            if (CookieHelper.CookieExists(returnUrlCookieName))
            {
                returnUrl = CookieHelper.GetCookieValue(returnUrlCookieName);
                CookieHelper.ExpireCookie(returnUrlCookieName);
            }
            string requestedReturnUrl = SiteUtils.GetReturnUrlParam(Page, SiteRoot);

            returnUrl = requestedReturnUrl;

            if (isNewUser)
            {
                if (WebConfigSettings.PageToRedirectToAfterRegistration.Length > 0)
                {
                    returnUrl = SiteRoot + WebConfigSettings.PageToRedirectToAfterRegistration;
                }
            }

            if (String.IsNullOrEmpty(returnUrl) ||
                returnUrl.Contains("AccessDenied") ||
                returnUrl.Contains("Login") ||
                returnUrl.Contains("SignIn") ||
                returnUrl.Contains("ConfirmRegistration.aspx") ||
                returnUrl.Contains("OpenIdRpxHandler.aspx") ||
                returnUrl.Contains("RecoverPassword.aspx") ||
                returnUrl.Contains("Register")
                )
            {
                returnUrl = SiteRoot;
            }

            if (returnUrl.Length > 0)
            {
                if (SiteUtils.IsSecureRequest())
                {
                    if (returnUrl.StartsWith("http:"))
                    {
                        returnUrl = returnUrl.Replace("http:", "https:");
                    }
                }

                WebUtils.SetupRedirect(this, returnUrl);
                return;
            }

            if (SiteUtils.IsSecureRequest())
            {
                if (SiteRoot.StartsWith("http:"))
                {
                    WebUtils.SetupRedirect(this, SiteRoot.Replace("http:", "https:"));
                    return;
                }
            }


            WebUtils.SetupRedirect(this, SiteRoot);
            return;
        }
        private void DoExistingUserLogic(Guid userGuid)
        {
            // user found so login if allowed
            SiteUser user = new SiteUser(siteSettings, userGuid);

            bool canLogin = true;

            if (
                (siteSettings.UseSecureRegistration) &&
                (user.RegisterConfirmGuid != Guid.Empty)
                )
            {
                Notification.SendRegistrationConfirmationLink(
                    SiteUtils.GetSmtpSettings(),
                    ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
                    siteSettings.DefaultEmailFromAddress,
                    siteSettings.DefaultFromEmailAlias,
                    user.Email,
                    siteSettings.SiteName,
                    WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
                    user.RegisterConfirmGuid.ToString());


                log.Info("User " + user.Name + " tried to login but email address is not confirmed.");

                canLogin = false;
            }

            if (user.IsLockedOut)
            {
                log.Info("User " + user.Name + " tried to login but account is locked.");

                canLogin = false;
            }

            if ((siteSettings.RequireApprovalBeforeLogin) && (!user.ApprovedForLogin))
            {
                log.Info("User " + user.Name + " tried to login but account is not approved yet.");
                canLogin = false;
            }

            if (canLogin)
            {
                if (siteSettings.UseEmailForLogin)
                {
                    FormsAuthentication.SetAuthCookie(
                        user.Email, persistCookie);
                }
                else
                {
                    FormsAuthentication.SetAuthCookie(
                        user.LoginName, persistCookie);
                }

                if (user.LiveMessengerDelegationToken.Length > 0)
                {
                    WindowsLiveMessenger m     = new WindowsLiveMessenger(windowsLive);
                    ConsentToken         token = m.DecodeToken(user.LiveMessengerDelegationToken);
                    token = m.RefreshConsent(token);
                    if (token != null)
                    {
                        CookieHelper.SetCookie(consentTokenCookie, token.Token);
                        CookieHelper.SetCookie(delegationTokenCookie, token.DelegationToken);
                    }
                }

                if (WebConfigSettings.UseFolderBasedMultiTenants)
                {
                    string cookieName = "siteguid" + siteSettings.SiteGuid;
                    CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), persistCookie);
                }

                if (user.UserId > -1 && siteSettings.AllowUserSkins && user.Skin.Length > 0)
                {
                    SiteUtils.SetSkinCookie(user);
                }


                user.UpdateLastLoginTime();

                // track user ip address
                UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
                userLocation.SiteGuid = siteSettings.SiteGuid;
                userLocation.Hostname = Page.Request.UserHostName;
                userLocation.Save();

                string redirectUrl = GetRedirectPath();
                CookieHelper.ExpireCookie(returnUrlCookieName);

                UserSignInEventArgs u = new UserSignInEventArgs(user);
                OnUserSignIn(u);

                //WebUtils.SetupRedirect(this, redirectUrl);
                Response.Redirect(redirectUrl);
                return;
            }
            else
            {
                // redirect to login
                // need to make login page show
                // reason for failure
                //WebUtils.SetupRedirect(this, LoginPage);
                Response.Redirect(LoginPage);
            }
        }
예제 #8
0
        void application_AuthenticateRequest(object sender, EventArgs e)
        {
            if (log.IsDebugEnabled)
            {
                log.Debug("AuthHandlerHttpModule Application_AuthenticateRequest");
            }

            if (sender == null)
            {
                return;
            }

            HttpApplication app = (HttpApplication)sender;

            if (
                (app.Request.Path.EndsWith(".gif", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.EndsWith(".js", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.EndsWith(".png", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.EndsWith(".jpg", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.EndsWith(".css", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.EndsWith(".axd", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.EndsWith("thumbnailservice.ashx", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.Contains("csshandler.ashx")) ||
                (app.Request.Path.EndsWith("/Data/", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.StartsWith("/Data/", StringComparison.InvariantCultureIgnoreCase)) ||
                (app.Request.Path.Contains("GCheckoutNotificationHandler.ashx"))
                )
            {
                return;
            }



            if (app.Request.IsAuthenticated)
            {
                if (log.IsDebugEnabled)
                {
                    log.Debug("IsAuthenticated == true");
                }

                SiteSettings siteSettings = CacheHelper.GetCurrentSiteSettings();
                bool         useFolderForSiteDetection = WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites;

                // Added by Haluk Eryuksel - 2006-01-23
                // support for Windows authentication
                if (
                    (app.User.Identity.AuthenticationType == "NTLM") ||
                    (app.User.Identity.AuthenticationType == "Negotiate")
                    // || ( Context.User.Identity.AuthenticationType == "Windows" )
                    )
                {
                    //Added by Benedict Chan - 2008-08-05
                    //Added Cookie here so that we don't have to check the users in every page, also to authenticate under NTLM with "useFolderForSiteDetection == true"
                    string cookieName = "siteguid" + siteSettings.SiteGuid;
                    if (!CookieHelper.CookieExists(cookieName))
                    {
                        bool existsInDB;
                        existsInDB = SiteUser.LoginExistsInDB(siteSettings.SiteId, app.Context.User.Identity.Name);

                        if (!existsInDB)
                        {
                            SiteUser u = new SiteUser(siteSettings);
                            u.Name      = app.Context.User.Identity.Name;
                            u.LoginName = app.Context.User.Identity.Name;
                            u.Email     = "";
                            u.Password  = SiteUser.CreateRandomPassword(7);
                            u.Save();
                            NewsletterHelper.ClaimExistingSubscriptions(u);

                            UserRegisteredEventArgs args = new UserRegisteredEventArgs(u);
                            OnUserRegistered(args);
                        }

                        SiteUser siteUser = new SiteUser(siteSettings, app.Context.User.Identity.Name);
                        CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), true);

                        //Copied logic from SiteLogin.cs  Since we will skip them if we use NTLM
                        if (siteUser.UserId > -1 && siteSettings.AllowUserSkins && siteUser.Skin.Length > 0)
                        {
                            SiteUtils.SetSkinCookie(siteUser);
                        }

                        // track user ip address
                        try
                        {
                            UserLocation userLocation = new UserLocation(siteUser.UserGuid, SiteUtils.GetIP4Address());
                            userLocation.SiteGuid = siteSettings.SiteGuid;
                            userLocation.Hostname = app.Request.UserHostName;
                            userLocation.Save();
                            log.Info("Set UserLocation : " + app.Request.UserHostName + ":" + SiteUtils.GetIP4Address());
                        }
                        catch (Exception ex)
                        {
                            log.Error(SiteUtils.GetIP4Address(), ex);
                        }
                    }

                    //End-Added by Benedict Chan
                }
                // End-Added by Haluk Eryuksel


                if ((useFolderForSiteDetection) && (!WebConfigSettings.UseRelatedSiteMode))
                {
                    // replace GenericPrincipal with custom one
                    //string roles = string.Empty;
                    if (!(app.Context.User is CIdentity))
                    {
                        app.Context.User = new CPrincipal(app.Context.User);
                    }
                }
            }
        }
예제 #9
0
        void RegisterUser_CreatedUser(object sender, EventArgs e)
        {
            TextBox txtEmail    = (TextBox)CreateUserWizardStep1.ContentTemplateContainer.FindControl("Email");
            TextBox txtUserName = (TextBox)CreateUserWizardStep1.ContentTemplateContainer.FindControl("UserName");

            if (txtEmail == null)
            {
                return;
            }
            if (txtUserName == null)
            {
                return;
            }

            SiteUser siteUser;

            if (siteSettings.UseEmailForLogin)
            {
                siteUser = new SiteUser(siteSettings, txtEmail.Text);
            }
            else
            {
                siteUser = new SiteUser(siteSettings, txtUserName.Text);
            }

            if (siteUser.UserId == -1)
            {
                return;
            }

            if (pnlProfile != null)
            {
                CProfileConfiguration profileConfig = CProfileConfiguration.GetConfig();

                // set default values first
                foreach (CProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
                {
                    CProfilePropertyDefinition.SavePropertyDefault(siteUser, propertyDefinition);
                }

                foreach (CProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
                {
                    if (propertyDefinition.RequiredForRegistration)
                    {
                        CProfilePropertyDefinition.SaveProperty(
                            siteUser,
                            pnlProfile,
                            propertyDefinition,
                            timeOffset);
                    }
                }
            }


            // track user ip address
            UserLocation userLocation = new UserLocation(siteUser.UserGuid, SiteUtils.GetIP4Address());

            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            CacheHelper.TouchMembershipStatisticsCacheDependencyFile();

            if (!siteSettings.UseSecureRegistration)
            {
                if (siteSettings.UseEmailForLogin)
                {
                    FormsAuthentication.SetAuthCookie(
                        siteUser.Email, false);
                }
                else
                {
                    FormsAuthentication.SetAuthCookie(
                        siteUser.LoginName, false);
                }

                if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
                {
                    string cookieName = "siteguid" + siteSettings.SiteGuid;
                    CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), false);
                }

                siteUser.UpdateLastLoginTime();
            }



            UserRegisteredEventArgs u = new UserRegisteredEventArgs(siteUser);

            OnUserRegistered(u);
        }
예제 #10
0
        private void DoNewUserLogic(OpenIdEventArgs e)
        {
            if (e == null)
            {
                return;
            }

            ClaimsResponse claim = e.Response.GetExtension <ClaimsResponse>();

            if (claim == null)
            {
                return;
            }

            if (IsValidForUserCreation(e, claim))
            {
                if (SiteUser.EmailExistsInDB(siteSettings.SiteId, claim.Email))
                {
                    // show message that user should login and associate
                    // their open id account on their profile page.
                    lblError.Text = Resource.OpenIDRegisterUserEmailExistsMessage;
                    return;
                }
                else
                {
                    // create user automagically since we have all
                    // the needed data
                    SiteUser newUser = new SiteUser(siteSettings);
                    newUser.Email = claim.Email;
                    newUser.Name  = claim.FullName;
                    string loginName = newUser.Name.Replace(" ", ".").ToLower();
                    if (loginName.Length > 50)
                    {
                        loginName = loginName.Substring(0, 50);
                    }

                    if (SiteUser.LoginExistsInDB(
                            siteSettings.SiteId, loginName))
                    {
                        loginName = e.ClaimedIdentifier.ToString().Replace("http://", string.Empty).Replace("https://", string.Empty).Replace("/", string.Empty);
                        if (loginName.Length > 50)
                        {
                            loginName = loginName.Substring(0, 50);
                        }

                        int i = 1;
                        while (SiteUser.LoginExistsInDB(
                                   siteSettings.SiteId, loginName))
                        {
                            loginName += i.ToString();
                            if (loginName.Length > 50)
                            {
                                loginName = loginName.Remove(40, 1);
                            }
                            i++;
                        }
                    }

                    newUser.LoginName        = loginName;
                    newUser.Password         = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);
                    newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
                    newUser.PasswordAnswer   = Resource.ManageUsersDefaultSecurityAnswer;
                    newUser.OpenIdUri        = e.ClaimedIdentifier.ToString();
                    newUser.Save();
                    if (siteSettings.UseSecureRegistration)
                    {
                        newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
                    }


                    // track user ip address
                    UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
                    userLocation.SiteGuid = siteSettings.SiteGuid;
                    userLocation.Hostname = Page.Request.UserHostName;
                    userLocation.Save();

                    if (
                        (siteSettings.UseSecureRegistration) &&
                        (newUser.RegisterConfirmGuid != Guid.Empty)
                        )
                    {
                        Notification.SendRegistrationConfirmationLink(
                            SiteUtils.GetSmtpSettings(),
                            ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
                            siteSettings.DefaultEmailFromAddress,
                            siteSettings.DefaultFromEmailAlias,
                            newUser.Email,
                            siteSettings.SiteName,
                            WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
                            newUser.RegisterConfirmGuid.ToString());

                        lblError.Text = Resource.LoginUnconfirmedEmailMessage;
                        log.Info("Automatically created User " + newUser.Name + " on login from open id. Tried to login but email address is not confirmed.");

                        return;
                    }

                    if (siteSettings.UseEmailForLogin)
                    {
                        FormsAuthentication.SetAuthCookie(
                            newUser.Email, true);
                    }
                    else
                    {
                        FormsAuthentication.SetAuthCookie(
                            newUser.LoginName, true);
                    }

                    if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
                    {
                        string cookieName = "siteguid" + siteSettings.SiteGuid;
                        CookieHelper.SetCookie(cookieName, newUser.UserGuid.ToString(), true);
                    }

                    newUser.UpdateLastLoginTime();

                    string redirectUrl = GetRedirectPath();
                    CookieHelper.ExpireCookie(returnUrlCookieName);
                    WebUtils.SetupRedirect(this, redirectUrl);
                    return;
                }
            }
            else
            {
                // user not found
                // required fields not available from open id
                // redirect to register page?
                // Or show message with Link to
                // register page
                string registerLinkHref = siteRoot
                                          + "/Secure/RegisterWithOpenID.aspx";

                litNotRegisteredYetMessage.Text
                    = string.Format(
                          Resource.OpenIDMustRegisterBeforeLoginMesage,
                          registerLinkHref);
            }
        }
예제 #11
0
        private void DoExistingUserLogic(Guid userGuid)
        {
            // user found so login if allowed
            SiteUser user = new SiteUser(siteSettings, userGuid);

            if (
                (siteSettings.UseSecureRegistration) &&
                (user.RegisterConfirmGuid != Guid.Empty)
                )
            {
                Notification.SendRegistrationConfirmationLink(
                    SiteUtils.GetSmtpSettings(),
                    ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
                    siteSettings.DefaultEmailFromAddress,
                    siteSettings.DefaultFromEmailAlias,
                    user.Email,
                    siteSettings.SiteName,
                    WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
                    user.RegisterConfirmGuid.ToString());

                lblError.Text = Resource.LoginUnconfirmedEmailMessage;
                log.Info("User " + user.Name + " tried to login but email address is not confirmed.");

                return;
            }

            if (user.IsLockedOut)
            {
                lblError.Text = Resource.LoginAccountLockedMessage;
                log.Info("User " + user.Name + " tried to login but account is locked.");

                return;
            }


            if (siteSettings.UseEmailForLogin)
            {
                FormsAuthentication.SetAuthCookie(
                    user.Email, true);
            }
            else
            {
                FormsAuthentication.SetAuthCookie(
                    user.LoginName, true);
            }

            if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
            {
                string cookieName = "siteguid" + siteSettings.SiteGuid;
                CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), true);
            }

            user.UpdateLastLoginTime();

            // track user ip address
            UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());

            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            string redirectUrl = GetRedirectPath();

            CookieHelper.ExpireCookie(returnUrlCookieName);

            UserSignInEventArgs u = new UserSignInEventArgs(user);

            OnUserSignIn(u);

            WebUtils.SetupRedirect(this, redirectUrl);
            return;
        }
        private void CreateUser(string windowsLiveId)
        {
            SiteUser newUser = new SiteUser(siteSettings);

            newUser.WindowsLiveId = windowsLiveId;
            newUser.Name          = SecurityHelper.RemoveMarkup(txtUserName.Text);
            newUser.LoginName     = newUser.Name;
            newUser.Email         = txtEmail.Text;
            mojoMembershipProvider mojoMembership = (mojoMembershipProvider)Membership.Provider;

            newUser.Password = mojoMembership.EncodePassword(siteSettings, newUser, SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars));
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer   = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.Save();
            if (siteSettings.UseSecureRegistration)
            {
                newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
            }

            mojoProfileConfiguration profileConfig
                = mojoProfileConfiguration.GetConfig();

            // set default values first
            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
#if !MONO
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
                {
                    continue;
                }
#endif
                mojoProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (mojoProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
#if !MONO
                // we are using the new TimeZoneInfo list but it doesn't work under Mono
                // this makes us skip the TimeOffsetHours setting from mojoProfile.config which is not used under windows
                if (propertyDefinition.Name == mojoProfilePropertyDefinition.TimeOffsetHoursKey)
                {
                    continue;
                }
#endif
                if ((propertyDefinition.RequiredForRegistration) || (propertyDefinition.ShowOnRegistration))
                {
                    mojoProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset,
                        timeZone);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);
            OnUserRegistered(u);

            CacheHelper.ClearMembershipStatisticsCache();

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            DoUserLogin(newUser);
        }
        private SiteUser CreateUser(
            string openId,
            string email,
            string loginName,
            string name,
            bool emailIsVerified)
        {
            SiteUser newUser = new SiteUser(siteSettings);

            newUser.Email = email;

            if (loginName.Length > 50)
            {
                loginName = loginName.Substring(0, 50);
            }

            int i = 1;

            while (SiteUser.LoginExistsInDB(
                       siteSettings.SiteId, loginName))
            {
                loginName += i.ToString();
                if (loginName.Length > 50)
                {
                    loginName = loginName.Remove(40, 1);
                }
                i++;
            }
            if ((name == null) || (name.Length == 0))
            {
                name = loginName;
            }
            newUser.LoginName = loginName;
            newUser.Name      = name;
            //newUser.Password = SiteUser.CreateRandomPassword(7);
            CMembershipProvider CMembership = (CMembershipProvider)Membership.Provider;

            newUser.Password         = CMembership.EncodePassword(SiteUser.CreateRandomPassword(7), siteSettings);
            newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
            newUser.PasswordAnswer   = Resource.ManageUsersDefaultSecurityAnswer;
            newUser.OpenIdUri        = openId;
            newUser.Save();
            if (siteSettings.UseSecureRegistration)
            {
                if (!emailIsVerified)
                {
                    newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
                }
            }

            CProfileConfiguration profileConfig
                = CProfileConfiguration.GetConfig();

            // set default values first
            foreach (CProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                CProfilePropertyDefinition.SavePropertyDefault(
                    newUser, propertyDefinition);
            }

            foreach (CProfilePropertyDefinition propertyDefinition in profileConfig.PropertyDefinitions)
            {
                if (propertyDefinition.RequiredForRegistration)
                {
                    CProfilePropertyDefinition.SaveProperty(
                        newUser,
                        pnlRequiredProfileProperties,
                        propertyDefinition,
                        timeOffset);
                }
            }

            // track user ip address
            UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());

            userLocation.SiteGuid = siteSettings.SiteGuid;
            userLocation.Hostname = Page.Request.UserHostName;
            userLocation.Save();

            UserRegisteredEventArgs u = new UserRegisteredEventArgs(newUser);

            OnUserRegistered(u);

            CacheHelper.TouchMembershipStatisticsCacheDependencyFile();

            // we'll map them next time they login
            //OpenIdRpxHelper rpxHelper = new OpenIdRpxHelper(rpxApiKey, rpxBaseUrl);
            //rpxHelper.Map(openId, newUser.UserGuid.ToString());

            NewsletterHelper.ClaimExistingSubscriptions(newUser);

            return(newUser);
        }