/// <summary>
/// Handles the posted account-creation form: validates the submission, registers the
/// customer, signs the new customer in and redirects to the account index.
/// </summary>
/// <remarks>
/// Checks run in this order: model state, e-mail duplication, password rules, then
/// captcha (only when configured and required). Each failure records a model error and
/// redirects back to the Create action rather than rendering a view.
/// NOTE(review): no action attributes are visible in this listing; confirm the action is
/// limited to POST and covered by anti-forgery validation.
/// NOTE(review): the duplicate e-mail error is produced before the captcha is verified,
/// so that response is available to requests that never pass the captcha; confirm that
/// throttling elsewhere covers address enumeration.
/// </remarks>
/// <param name="model">Posted form data; <c>model.Account</c> supplies the e-mail, password and confirmation.</param>
/// <returns>A redirect to Create on any validation failure, otherwise a redirect to Index.</returns>
public ActionResult Create(AccountCreatePostModel model)
{
    var currentCustomer = HttpContext.GetCustomer();

    if (!ModelState.IsValid)
    {
        return RedirectToAction(ActionNames.Create);
    }

    var account = model.Account;

    // The e-mail must not collide with another customer record.
    var emailIsAcceptable = Customer.NewEmailPassesDuplicationRules(account.Email, currentCustomer.CustomerID);
    if (!emailIsAcceptable)
    {
        ModelState.AddModelError(
            key: "Account.Email",
            errorMessage: StringResourceProvider.GetString("createaccount_process.aspx.1"));
        return RedirectToAction(ActionNames.Create);
    }

    // Password policy: each failing outcome maps to its own field and message;
    // any other outcome falls through to the remaining checks.
    var passwordCheck = ControllerHelper.ValidateAccountPassword(
        currentCustomer,
        account.Password,
        account.PasswordConfirmation);

    if (passwordCheck == AccountControllerHelper.PasswordValidationResult.DoesNotMatch)
    {
        ModelState.AddModelError(
            key: "Account.PasswordConfirmation",
            errorMessage: StringResourceProvider.GetString("account.aspx.68"));
        return RedirectToAction(ActionNames.Create);
    }
    else if (passwordCheck == AccountControllerHelper.PasswordValidationResult.DoesNotMeetMinimum)
    {
        ModelState.AddModelError(
            key: "Account.Password",
            errorMessage: StringResourceProvider.GetString("signin.newpassword.normalRegexFailure"));
        return RedirectToAction(ActionNames.Create);
    }
    else if (passwordCheck == AccountControllerHelper.PasswordValidationResult.NotStrong)
    {
        ModelState.AddModelError(
            key: "Account.Password",
            errorMessage: StringResourceProvider.GetString("account.aspx.69"));
        return RedirectToAction(ActionNames.Create);
    }

    // Captcha is enforced only when it is both configured and required for this form.
    if (CaptchaSettings.CaptchaIsConfigured() && CaptchaSettings.RequireCaptchaOnCreateAccount)
    {
        var submittedResponse = Request.Form[CaptchaVerificationProvider.RecaptchaFormKey];
        var verification = CaptchaVerificationProvider.ValidateCaptchaResponse(
            submittedResponse,
            currentCustomer.LastIPAddress);

        if (!verification.Success)
        {
            NoticeProvider.PushNotice(verification.Error.Message, NoticeType.Failure);

            // This error isn't actually displayed; it is just used to trigger the persisting of form data for the next page load
            // NOTE(review): the persistence mechanism is outside this listing; confirm it
            // does not carry the password fields across the redirect.
            ModelState.AddModelError(
                key: CaptchaVerificationProvider.RecaptchaFormKey,
                errorMessage: "Captcha Failed");
            return RedirectToAction(ActionNames.Create);
        }
    }

    var newCustomer = ControllerHelper.CreateAccount(account, currentCustomer);

    ControllerHelper.Login(
        signedInCustomer: newCustomer,
        profile: HttpContext.Profile,
        username: account.Email,
        password: account.Password,
        skinId: newCustomer.SkinID,
        registering: true);

    // Drop whatever identity the request carried before issuing the new one.
    var authentication = Request.GetOwinContext().Authentication;
    authentication.SignOut();

    // NOTE(review): the sign-in is persistent unconditionally; confirm this matches the
    // site's session policy for shared or public machines.
    authentication.SignIn(
        properties: new Microsoft.Owin.Security.AuthenticationProperties
        {
            IsPersistent = true
        },
        identities: ClaimsIdentityProvider.Create(newCustomer));

    if (AppConfigProvider.GetAppConfigValue<bool>("SendWelcomeEmail"))
    {
        SendWelcomeEmailProvider.SendWelcomeEmail(newCustomer);
    }

    NoticeProvider.PushNotice(StringResourceProvider.GetString("createaccount.aspx.86"), NoticeType.Success);
    return RedirectToAction(ActionNames.Index);
}
/// <summary>
/// Handles the posted account-creation form: validates the submission, registers the
/// customer, signs the new customer in and redirects to the account index.
/// </summary>
/// <remarks>
/// Checks run in this order: model state, e-mail duplication, password rules, age
/// confirmation (when required by configuration), then the stored-code captcha (when
/// required by settings). Each failure records a model error and redirects back to the
/// Create action rather than rendering a view.
/// NOTE(review): no action attributes are visible in this listing; confirm the action is
/// limited to POST and covered by anti-forgery validation.
/// NOTE(review): the duplicate e-mail error is produced before the captcha is checked,
/// so that response is available to requests that never pass the captcha; confirm that
/// throttling elsewhere covers address enumeration.
/// NOTE(review): model errors are added immediately before a redirect, so they are
/// presumably carried to the next request by code outside this listing; confirm that
/// mechanism does not carry the password fields.
/// </remarks>
/// <param name="model">Posted form data; <c>model.Account</c> supplies the e-mail, passwords, age flag and captcha code.</param>
/// <returns>A redirect to Create on any validation failure, otherwise a redirect to Index.</returns>
public ActionResult Create(AccountCreatePostModel model)
{
    var currentCustomer = HttpContext.GetCustomer();

    if (!ModelState.IsValid)
    {
        return RedirectToAction(ActionNames.Create);
    }

    var account = model.Account;

    // The e-mail must not collide with another customer record.
    var emailIsAcceptable = Customer.NewEmailPassesDuplicationRules(account.Email, currentCustomer.CustomerID);
    if (!emailIsAcceptable)
    {
        ModelState.AddModelError(
            key: "Account.Email",
            errorMessage: "That EMail Address is Already Used By Another Customer");
        return RedirectToAction(ActionNames.Create);
    }

    // Password policy: each failing outcome maps to its own field and message;
    // any other outcome falls through to the remaining checks.
    var passwordCheck = ControllerHelper.ValidateAccountPassword(
        currentCustomer,
        account.Password,
        account.PasswordConfirmation);

    if (passwordCheck == AccountControllerHelper.PasswordValidationResult.DoesNotMatch)
    {
        ModelState.AddModelError(
            key: "Account.PasswordConfirmation",
            errorMessage: "The new passwords do not match!");
        return RedirectToAction(ActionNames.Create);
    }
    else if (passwordCheck == AccountControllerHelper.PasswordValidationResult.DoesNotMeetMinimum)
    {
        ModelState.AddModelError(
            key: "Account.Password",
            errorMessage: "The new password you created does not meet the minimum requirements. Please make sure that your password is at least 7 characters long and includes at least one letter and at least one number.");
        return RedirectToAction(ActionNames.Create);
    }
    else if (passwordCheck == AccountControllerHelper.PasswordValidationResult.NotStrong)
    {
        ModelState.AddModelError(
            key: "Account.Password",
            errorMessage: "The new password you created is not a strong password. Please make sure that your password is at least 8 characters long and includes at least one upper case character, one lower case character, one number, and one \"symbol\" character (e.g. ?,&,#,$,%,etc).");
        return RedirectToAction(ActionNames.Create);
    }

    // NOTE(review): the config key and model field refer to 13 while the message text
    // says 18; the text is reproduced as found.
    var ageConfirmationRequired = AppConfigProvider.GetAppConfigValue<bool>("RequireOver13Checked");
    if (ageConfirmationRequired && !account.IsOver13)
    {
        ModelState.AddModelError(
            key: "Account.IsOver13",
            errorMessage: "You Must Be Over 18 To Purchase or have Parental Consent");
        return RedirectToAction(ActionNames.Create);
    }

    if (Settings.RequireCaptchaOnCreateAccount)
    {
        // The expected code is looked up under a key built from the controller and action names.
        var captchaScope = string.Concat(ControllerNames.Account, ActionNames.Create);
        var expectedCode = CaptchaStorageService.RetrieveSecurityCode(HttpContext, captchaScope);

        if (!ControllerHelper.IsCaptchaValid(expectedCode, account.CaptchaCode))
        {
            // A wrong answer discards the stored code, so the next attempt is made against a new one.
            CaptchaStorageService.ClearSecurityCode(HttpContext);
            ModelState.AddModelError(
                key: "Account.CaptchaCode",
                errorMessage: "The letters you entered did not match, please try again.");
            return RedirectToAction(ActionNames.Create);
        }
    }

    var newCustomer = ControllerHelper.CreateAccount(account, currentCustomer);

    ControllerHelper.Login(
        signedInCustomer: newCustomer,
        profile: HttpContext.Profile,
        username: account.Email,
        password: account.Password,
        skinId: newCustomer.SkinID,
        registering: true);

    // Drop whatever identity the request carried before issuing the new one.
    var authentication = Request.GetOwinContext().Authentication;
    authentication.SignOut();

    // NOTE(review): the sign-in is persistent unconditionally; confirm this matches the
    // site's session policy for shared or public machines.
    authentication.SignIn(
        properties: new Microsoft.Owin.Security.AuthenticationProperties
        {
            IsPersistent = true
        },
        identities: ClaimsIdentityProvider.CreateClaimsIdentity(newCustomer));

    // Clear the captcha so additional requests use a different security code.
    CaptchaStorageService.ClearSecurityCode(HttpContext);

    if (AppConfigProvider.GetAppConfigValue<bool>("SendWelcomeEmail"))
    {
        SendWelcomeEmailProvider.SendWelcomeEmail(newCustomer);
    }

    NoticeProvider.PushNotice("You have successfully created a new account", NoticeType.Success);
    return RedirectToAction(ActionNames.Index);
}