protected void Application_PostAuthenticateRequest(Object sender, EventArgs e) { if (!RequestRequiresAuth()) { return; } if (!User.Identity.IsAuthenticated) { return; } if (User is ExceptionlessPrincipal) { return; } CheckDbOrCacheDown(); try { var userRepository = DependencyResolver.Current.GetService <IUserRepository>(); User user = userRepository.GetByEmailAddress(User.Identity.Name); if (user == null) { FormsAuthentication.SignOut(); FormsAuthentication.RedirectToLoginPage(); return; } var principal = new ExceptionlessPrincipal(user); Thread.CurrentPrincipal = principal; if (HttpContext.Current != null) { HttpContext.Current.User = principal; } } catch (MongoConnectionException ex) { Log.Error().Exception(ex).Message("Error getting user: {0}", ex.Message).Report().Write(); MarkDbDown(); RedirectToMaintenancePage(); } catch (SocketException ex) { Log.Error().Exception(ex).Message("Error getting user: {0}", ex.Message).Report().Write(); MarkDbDown(); RedirectToMaintenancePage(); } }
//[ValidateJsonAntiForgeryToken] public ActionResult Manage(ManageModel model) { ModelState state = ModelState["OldPassword"]; if (state != null) { state.Errors.Clear(); } state = ModelState["NewPassword"]; if (state != null) { state.Errors.Clear(); } state = ModelState["ConfirmPassword"]; if (state != null) { state.Errors.Clear(); } User user = User.UserEntity; if (ModelState.IsValid) { try { _userRepository.InvalidateCache(user); if (!String.Equals(user.EmailAddress, model.EmailAddress, StringComparison.OrdinalIgnoreCase)) { if (_userRepository.GetByEmailAddress(model.EmailAddress) != null) { throw new InvalidOperationException("A user with this email address already exists."); } user.IsEmailAddressVerified = user.OAuthAccounts.Count(oa => String.Equals(oa.EmailAddress(), model.EmailAddress, StringComparison.OrdinalIgnoreCase)) > 0; } user.EmailAddress = model.EmailAddress; user.EmailNotificationsEnabled = model.EmailNotificationsEnabled; user.FullName = model.FullName; _membershipProvider.UpdateAccount(user); // NOTE: If a user is updating their profile but hasn't verified the email address.. I think we should send them a notification every time.. if (!user.IsEmailAddressVerified) { user.VerifyEmailAddressToken = _membershipProvider.GenerateVerifyEmailToken(user.EmailAddress); _mailer.SendVerifyEmailAsync(user); } var principal = new ExceptionlessPrincipal(user); Thread.CurrentPrincipal = principal; if (System.Web.HttpContext.Current != null) { System.Web.HttpContext.Current.User = principal; } } catch (Exception e) { ModelState.AddModelError("", e.Message); } } if (!ModelState.IsValid) { Response.StatusCode = (int)HttpStatusCode.BadRequest; return(Json(ModelState.ToDictionary())); } return(Json(new { IsVerified = user.IsEmailAddressVerified })); }