/// <summary>
/// Processes a submitted registration form. The checks run in this order: bot decoy field,
/// site-wide signup switch, CAPTCHA, model validation, IP rule check. The account is created
/// only after all of them pass, and the new user is then signed in.
/// </summary>
/// <param name="model">The submitted registration form values.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the registration view re-rendered with
/// the model and any validation errors that were added.
/// </returns>
public ActionResult Create(RegisterModel model) {
    // The same generic message is used for an IP-rule rejection and for a too-fast registration.
    const string hostRestrictedMessage = "Sorry, access from your host is restricted. It is possible this restriction is no longer valid. If you think this is the case, please contact support.";

    // "Extra" is the bot decoy field: a validation failure on it gets the host temp-banned.
    if (!ModelState.IsValidField("Extra")) {
        log.Warn(string.Format("An attempt was made to fill the bot decoy field from {0}.", Hostname));
        ipRuleManager.TempBannedIPs.Add(Hostname);
        return View(model);
    }

    // Only records an error here; the request is rejected by the ModelState.IsValid check below.
    if (config.SiteSettings.SignupsDisabled) {
        ModelState.AddModelError(string.Empty, "Signups are disabled");
    }

    var captchaPassed = ReCaptcha.Validate(ConfigurationManager.AppSettings["ReCAPTCHAKey"]);
    if (!captchaPassed) {
        // NOTE(review): the CAPTCHA response is request-supplied text that ends up in the log
        // message. Confirm ErrorLogger neutralises line breaks before writing it.
        var submittedCaptcha = Request.Params["recaptcha_response_field"] ?? string.Empty;
        var captchaLogMessage = string.Format("Invalid CAPTCHA (response was {0})", submittedCaptcha);
        ErrorLogger.LogMessage(Request, captchaLogMessage, LogLevel.Warn);
        otherService.AuditLog("failed CAPTCHA", Hostname, AuditLogCategory.UserCreateFailCaptcha);
        ModelState.AddModelError("CAPTCHA", ViewRes.User.CreateStrings.CaptchaInvalid);
    }

    if (!ModelState.IsValid) {
        return View(model);
    }

    if (!ipRuleManager.IsAllowed(Hostname)) {
        ModelState.AddModelError("Restricted", hostRestrictedMessage);
        return View(model);
    }

    // Time elapsed since model.EntryTime, handed to Data.Create.
    // NOTE(review): EntryTime arrives with the submitted model. If it round-trips through the
    // form it is client-controlled, so confirm any minimum-time check does not rely on it alone.
    var elapsedTicks = DateTime.Now.Ticks - model.EntryTime;
    var timeOnForm = TimeSpan.FromTicks(elapsedTicks);

    // Create the account, then issue a non-persistent forms-authentication cookie for it.
    try {
        var verifyEmailUrl = VocaUriBuilder.CreateAbsolute(Url.Action("VerifyEmail", "User")).ToString();
        var createdUser = Data.Create(model.UserName, model.Password, model.Email ?? string.Empty,
            Hostname, timeOnForm, ipRuleManager.TempBannedIPs, verifyEmailUrl);

        FormsAuthentication.SetAuthCookie(createdUser.Name, false);
        return RedirectToAction("Index", "Home");
    } catch (UserNameAlreadyExistsException) {
        ModelState.AddModelError("UserName", ViewRes.User.CreateStrings.UsernameTaken);
        return View(model);
    } catch (UserEmailAlreadyExistsException) {
        ModelState.AddModelError("Email", ViewRes.User.CreateStrings.EmailTaken);
        return View(model);
    } catch (InvalidEmailFormatException) {
        ModelState.AddModelError("Email", ViewRes.User.MySettingsStrings.InvalidEmail);
        return View(model);
    } catch (TooFastRegistrationException) {
        ModelState.AddModelError("Restricted", hostRestrictedMessage);
        return View(model);
    }
}
/// <summary>
/// Asynchronously processes a submitted registration form. The checks run in this order:
/// bot decoy field, site-wide signup switch, reCAPTCHA, model validation, IP rule check.
/// The account is created only after all of them pass, and the new user is then signed in.
/// </summary>
/// <param name="model">The submitted registration form values.</param>
/// <returns>
/// A redirect to Home/Index on success; otherwise the registration view re-rendered with
/// the model and any validation errors that were added.
/// </returns>
public async Task<ActionResult> Create(RegisterModel model) {
    // The same generic message is used for every host-restriction outcome below
    // (IP rule rejection, too-fast registration, restricted IP raised during creation).
    const string hostRestrictedMessage = "Sorry, access from your host is restricted. It is possible this restriction is no longer valid. If you think this is the case, please contact support.";

    // "Extra" is the bot decoy field: a validation failure on it gets the host temp-banned.
    if (!ModelState.IsValidField("Extra")) {
        // NOTE(review): ModelState["Extra"] is the model-state entry rather than a string.
        // Confirm the logged text is the submitted value and not just the entry's type name,
        // and that the logger neutralises line breaks in request-supplied text.
        log.Warn("An attempt was made to fill the bot decoy field from {0} with the value '{1}'.", Hostname, ModelState["Extra"]);
        ipRuleManager.AddTempBannedIP(Hostname, "Attempt to fill the bot decoy field");
        return View(model);
    }

    // Only records an error here; the request is rejected by the ModelState.IsValid check below,
    // after the reCAPTCHA validation call has still been made.
    if (config.SiteSettings.SignupsDisabled) {
        ModelState.AddModelError(string.Empty, "Signups are disabled");
    }

    var captchaCheck = await ReCaptcha2.ValidateAsync(Request, AppConfig.ReCAPTCHAKey);
    if (!captchaCheck.Success) {
        // The failure goes to both the error log and the audit log before the model error is added.
        var captchaLogMessage = string.Format("Invalid CAPTCHA (error {0})", captchaCheck.Error);
        ErrorLogger.LogMessage(Request, captchaLogMessage, LogLevel.Warn);
        otherService.AuditLog("failed CAPTCHA", Hostname, AuditLogCategory.UserCreateFailCaptcha);
        ModelState.AddModelError("CAPTCHA", ViewRes.User.CreateStrings.CaptchaInvalid);
    }

    if (!ModelState.IsValid) {
        return View(model);
    }

    if (!ipRuleManager.IsAllowed(Hostname)) {
        log.Warn("Restricting blocked IP {0}.", Hostname);
        ModelState.AddModelError("Restricted", hostRestrictedMessage);
        return View(model);
    }

    // Time elapsed since model.EntryTime, handed to Data.Create.
    // NOTE(review): EntryTime arrives with the submitted model. If it round-trips through the
    // form it is client-controlled, so confirm any minimum-time check does not rely on it alone.
    var elapsedTicks = DateTime.Now.Ticks - model.EntryTime;
    var timeOnForm = TimeSpan.FromTicks(elapsedTicks);

    // Create the account, then issue a non-persistent forms-authentication cookie for it.
    try {
        var verifyEmailUrl = VocaUriBuilder.CreateAbsolute(Url.Action("VerifyEmail", "User")).ToString();
        var createdUser = await Data.Create(model.UserName, model.Password, model.Email ?? string.Empty,
            Hostname, Request.UserAgent, WebHelper.GetInterfaceCultureName(Request),
            timeOnForm, ipRuleManager, verifyEmailUrl);

        FormsAuthentication.SetAuthCookie(createdUser.Name, false);
        return RedirectToAction("Index", "Home");
    } catch (UserNameAlreadyExistsException) {
        ModelState.AddModelError("UserName", ViewRes.User.CreateStrings.UsernameTaken);
        return View(model);
    } catch (UserEmailAlreadyExistsException) {
        ModelState.AddModelError("Email", ViewRes.User.CreateStrings.EmailTaken);
        return View(model);
    } catch (InvalidEmailFormatException) {
        ModelState.AddModelError("Email", ViewRes.User.MySettingsStrings.InvalidEmail);
        return View(model);
    } catch (TooFastRegistrationException) {
        ModelState.AddModelError("Restricted", hostRestrictedMessage);
        return View(model);
    } catch (RestrictedIPException) {
        ModelState.AddModelError("Restricted", hostRestrictedMessage);
        return View(model);
    }
}
/// <summary>
/// Calls CallCreate with a 4-second time span, then asserts that the IP rule manager
/// still allows the default hostname.
/// </summary>
public async Task Create_RegistrationTimeTrigger() {
    var formTime = TimeSpan.FromSeconds(4);
    await CallCreate(timeSpan: formTime);

    // The assertion message states the expected outcome: the host must NOT have been banned.
    // NOTE(review): presumably 4 s is short enough to be rejected as too fast but not short
    // enough to trigger a ban. Confirm against the thresholds in the code under test.
    var hostStillAllowed = ipRuleManager.IsAllowed(defaultHostname);
    Assert.IsTrue(hostStillAllowed, "Was not banned");
}