public Yield PostUserAuth(DreamContext context, DreamMessage request, Result <DreamMessage> response) { uint serviceId = context.GetParam <uint>("authprovider", 0); bool altPassword; //This will internally fail with a 501 response if credentials are invalid. //Anonymous accounts (no credentials/authtoken) are not allowed -> 401 UserBE u = SetContextAndAuthenticate(request, serviceId, context.Verb == Verb.POST, false, true, out altPassword); PermissionsBL.CheckUserAllowed(u, Permissions.LOGIN); string token = AuthBL.CreateAuthTokenForUser(u); try { PageBL.CreateUserHomePage(DekiContext.Current.User); } catch { } XUri redirectUri = XUri.TryParse(context.GetParam("redirect", null)); DreamMessage ret = BuildSetAuthTokenResponse(token, redirectUri); DekiContext.Current.Instance.EventSink.UserLogin(DekiContext.Current.Now, DekiContext.Current.User); //TODO Max: Set a response header or status to indicate that an alt password was used. response.Return(ret); yield break; }
public static UserBE CreateNewUser(UserBE newUser) { if (newUser == null) { return(null); } //throw exception if licensing does not allow creation of another user DekiContext.Current.LicenseManager.IsUserCreationAllowed(true); if (newUser.RoleId == 0) { RoleBE defaultRole = PermissionsBL.RetrieveDefaultRoleForNewAccounts(); if (defaultRole != null) { newUser.RoleId = defaultRole.ID; } } ValidateUser(newUser); newUser.CreateTimestamp = DateTime.UtcNow; uint userId = DbUtils.CurrentSession.Users_Insert(newUser); if (userId == 0) { return(null); } newUser.ID = userId; PageBE userHomepage = null; try { // User homepages are created upon user creation (an attempt to create user homepages may also be done upon login) userHomepage = PageBL.CreateUserHomePage(newUser); } catch (Exception e) { _log.WarnExceptionFormat(e, "Error creating user page for {0}", newUser); } if (userHomepage != null) { var rcUser = UserBL.GetUserById(userHomepage.UserID) ?? DekiContext.Current.User ?? newUser; RecentChangeBL.AddUserCreatedRecentChange(DekiContext.Current.Now, userHomepage, rcUser, DekiResources.USER_ADDED(newUser.Name)); } DekiContext.Current.Instance.EventSink.UserCreate(DekiContext.Current.Now, newUser); return(newUser); }