Exemplo n.º 1
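        /// <summary>
        /// Sends (or re-sends) the e-mail confirmation link for the account identified by
        /// <c>model.Email</c>. The link is built from the caller-supplied <c>model.CallbackUrl</c>
        /// with the e-mail address and a fresh confirmation token appended as query parameters.
        /// </summary>
        /// <param name="model">Request body carrying the account e-mail and the callback URL.</param>
        /// <returns>
        /// 400 when the body is missing or invalid, the callback URL is not an absolute http/https
        /// URL, or the account is already confirmed; 404 when no account matches the e-mail;
        /// 200 once the message has been handed to the user manager.
        /// </returns>
        public async Task<IHttpActionResult> VerificationEmail(VerificationEmailBindingModel model)
        {
            // An empty request body binds to null, and the code below would then fail with a
            // NullReferenceException (HTTP 500) instead of a client error.
            if (model == null)
            {
                return BadRequest("Request body is required");
            }

            if (!ModelState.IsValid)
            {
                return BadRequest(ModelState);
            }

            // The callback URL comes from the request and ends up, together with the confirmation
            // token, in a link mailed to the account owner. Reject anything that is not an
            // absolute http(s) URL so javascript:/data:/relative values never reach the e-mail.
            // NOTE(review): the host is still chosen by the caller, so the token can be delivered
            // to a site the application does not control. Compare callbackUri.Host against a
            // configured allow-list of the application's own origins, or build the link
            // server-side; no such check is visible in this method.
            System.Uri callbackUri;
            if (!System.Uri.TryCreate(model.CallbackUrl, System.UriKind.Absolute, out callbackUri) ||
                (callbackUri.Scheme != System.Uri.UriSchemeHttp && callbackUri.Scheme != System.Uri.UriSchemeHttps))
            {
                ModelState.AddModelError("", "Callback URL must be an absolute http or https URL");

                return BadRequest(ModelState);
            }

            var user = await UserManager.FindByEmailAsync(model.Email);

            // NOTE(review): 404 here and "User already confirmed" below let a caller tell whether
            // an address is registered and confirmed. If this action is reachable without
            // authentication (not visible from here), consider one uniform response for all
            // three outcomes and confirm that request throttling is applied upstream.
            if (user == null)
            {
                return NotFound();
            }

            if (user.EmailConfirmed)
            {
                ModelState.AddModelError("", "User already confirmed");

                return BadRequest(ModelState);
            }

            var token = await UserManager.GenerateEmailConfirmationTokenAsync(user.Id);

            // Percent-encode the address: characters such as '+' or '&' are legal in an e-mail
            // address but would otherwise be misread by the page that parses the query string.
            var callbackUrl = string.Format(
                "{0}?email={1}&token={2}",
                model.CallbackUrl,
                System.Uri.EscapeDataString(user.Email),
                token.Base64ForUrlEncode());

            // HTML-encode the URL before placing it in the href attribute so a quote or angle
            // bracket in the caller-supplied part cannot break out of the attribute and inject
            // markup into the message.
            var body = "Please confirm your account by clicking <a href=\"" +
                       System.Net.WebUtility.HtmlEncode(callbackUrl) +
                       "\">here</a>";

            await UserManager.SendEmailAsync(user.Id, "Confirm your account", body);

            return Ok();
        }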
Exemplo n.º 2
        /// <summary>
        /// Handles the resource-owner password grant: sets the CORS origin header, checks the
        /// supplied user name and password through the user manager, refuses accounts whose
        /// e-mail is not confirmed, and otherwise validates the request with an OAuth identity
        /// and signs in a cookie identity.
        /// </summary>
        /// <param name="context">Grant context carrying the credentials and the OWIN context.</param>
        public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
        {
            // NOTE(review): when "as:clientAllowedOrigin" is absent from the OWIN context the
            // header falls back to "*", i.e. the token response becomes readable from any
            // origin. Presumably the key is set during client validation; confirm, and consider
            // failing closed instead of defaulting to the wildcard.
            string corsOrigin = context.OwinContext.Get<string>("as:clientAllowedOrigin") ?? "*";
            context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { corsOrigin });

            ApplicationUserManager manager = context.OwinContext.GetUserManager<ApplicationUserManager>();

            // NOTE(review): no failed-attempt counting or lockout check is visible in this
            // method; verify that brute-force protection exists elsewhere.
            User account = await manager.FindAsync(context.UserName, context.Password);
            if (account == null)
            {
                // The single-argument SetError receives the message itself as the error value.
                // NOTE(review): clients presumably read this text; confirm before switching to
                // a standard OAuth error code with a separate description.
                context.SetError("The user name or password is incorrect.");
                return;
            }

            if (!account.EmailConfirmed)
            {
                // Reached only after the password check succeeded: the error value is a
                // serialized VerificationEmailBindingModel carrying the account's e-mail,
                // presumably so the client can request a new confirmation message.
                var pendingVerification = new VerificationEmailBindingModel { Email = account.Email };
                context.SetError(JsonConvert.SerializeObject(pendingVerification));
                return;
            }

            // One identity for the bearer token, one for the cookie sign-in.
            ClaimsIdentity bearerIdentity =
                await account.GenerateUserIdentityAsync(manager, OAuthDefaults.AuthenticationType);
            ClaimsIdentity cookieIdentity =
                await account.GenerateUserIdentityAsync(manager, CookieAuthenticationDefaults.AuthenticationType);

            var authTicket = new AuthenticationTicket(bearerIdentity, CreateProperties(account.UserName));

            context.Validated(authTicket);
            context.Request.Context.Authentication.SignIn(cookieIdentity);
        }