/// <summary>
/// Removes an external (OAuth) login from the signed-in user's account and
/// redirects back to the "Manage" action.
/// </summary>
/// <param name="provider">Name of the external login provider.</param>
/// <param name="providerUserId">The user's identifier at that provider.</param>
/// <returns>
/// A redirect to "Manage"; the <c>message</c> route value is
/// <c>ManageMessageId.RemoveLoginSuccess</c> when the login was deleted and null otherwise.
/// </returns>
/// <remarks>
/// NOTE(review): this action changes account state, yet no [HttpPost] or
/// [ValidateAntiForgeryToken] attribute is visible in this listing. Confirm they are
/// applied where the method is declared.
/// </remarks>
public ActionResult Disassociate(string provider, string providerUserId)
{
    ManageMessageId? message = null;
    string ownerAccount = OAuthWebSecurity.GetUserName(provider, providerUserId);
    string currentUserName = User.Identity.Name;

    // Ownership check: a caller may only remove a login that belongs to their own account.
    // The comparison is case-sensitive, so a mismatch in casing fails closed (nothing is deleted).
    if (ownerAccount != currentUserName)
    {
        return RedirectToAction("Manage", new { message });
    }

    // The "is another credential left?" check and the delete run in one serializable
    // transaction so that two concurrent requests cannot each remove the other's last credential.
    using (var scope = new SafeTransaction(TransactionScopeOption.Required, IsolationLevel.Serializable))
    {
        var userId = WebSecurity.GetUserId(currentUserName);

        // Deleting is allowed when a local account exists, or when more than one
        // external account is linked to this user name.
        bool keepsAnotherCredential =
            OAuthWebSecurity.HasLocalAccount(userId)
            || OAuthWebSecurity.GetAccountsFromUserName(currentUserName).Count > 1;

        if (keepsAnotherCredential)
        {
            OAuthWebSecurity.DeleteAccount(provider, providerUserId);
            scope.Complete();
            message = ManageMessageId.RemoveLoginSuccess;
        }
    }

    return RedirectToAction("Manage", new { message });
}
/// <summary>
/// Completes registration of a new user who signed in through an external (OAuth) provider.
/// </summary>
/// <param name="model">
/// Posted registration data: the chosen user name, the original user name and the
/// serialized external login data.
/// </param>
/// <param name="returnUrl">URL handed to <c>RedirectToLocal</c> after a successful registration.</param>
/// <returns>
/// A redirect to "Manage" when the caller is already authenticated or the external login data
/// cannot be deserialized; a redirect via <c>RedirectToLocal</c> after the user is created;
/// otherwise the confirmation view, re-rendered with the model.
/// </returns>
/// <remarks>
/// NOTE(review): the Administrators grant below depends on <c>model.OriginalUserName</c>, which is
/// read from the bound model. Only <c>provider</c> and <c>providerUserId</c> come out of
/// <c>ExternalLoginData</c>. If OriginalUserName is an ordinary posted form field, the role
/// decision rests on client-supplied input. Confirm it is carried in integrity-protected
/// data or re-derived server-side.
/// NOTE(review): the user-name lookup runs before the transaction starts, so two concurrent
/// registrations could both pass it. Presumably a unique constraint on the user name backs
/// this up; verify.
/// NOTE(review): <c>RedirectToLocal</c> is defined outside this listing. Confirm it rejects
/// non-local URLs.
/// </remarks>
public ActionResult ExternalLoginConfirmation(RegisterExternalLoginModel model, string returnUrl)
{
    string provider = null;
    string providerUserId = null;

    // Reject callers that are already signed in, or whose external login payload does not deserialize.
    bool alreadySignedIn = User.Identity.IsAuthenticated;
    if (alreadySignedIn || !OAuthWebSecurity.TryDeserializeProviderUserId(model.ExternalLoginData, out provider, out providerUserId))
    {
        return RedirectToAction("Manage");
    }

    if (ModelState.IsValid)
    {
        // The configured default administrator (name + provider) is placed in the Administrators group.
        var settings = Infrastructure.ApplicationConfigurationSection.GetConfig();
        var adminName = settings.DefaultAdminUserName;
        var adminProviderName = settings.DefaultAdminProvider;

        // Case-insensitive lookup of the requested user name.
        var db = DependencyResolver.Current.GetService<Data.DatabaseContext>();
        var existingUser = db.Users.FirstOrDefault(u => u.UserName.ToLower() == model.UserName.ToLower());

        if (existingUser == null)
        {
            using (var scope = new SafeTransaction())
            {
                // Create the profile row, link the external account to it, then sign the user in.
                var newUser = new UserEntity
                {
                    UserName = model.UserName,
                    DateRegistered = ServerTime.Now
                };
                db.Users.Add(newUser);
                db.SaveChanges();

                OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);
                OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false);
                scope.Complete();
            }

            // First login of the default admin: runs after the transaction above has been disposed.
            bool isDefaultAdmin =
                !String.IsNullOrEmpty(model.OriginalUserName)
                && model.OriginalUserName.Equals(adminName)
                && provider.Equals(adminProviderName);

            if (isDefaultAdmin)
            {
                Roles.AddUserToRole(model.UserName, Infrastructure.AppConstants.AdministratorsGroup);
            }

            return RedirectToLocal(returnUrl);
        }

        ModelState.AddModelError("UserName", "User name already exists. Please enter a different user name.");
    }

    // Validation failed or the name is taken: show the confirmation form again.
    ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName;
    ViewBag.ReturnUrl = returnUrl;
    return View(model);
}