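/// <summary>
/// On the initial (non-postback) request, remembers where the visitor should be sent after a
/// successful login by writing the <c>returnUrlCookieName</c> cookie. Two candidates are
/// considered, in order: the HTTP referrer, then the <c>returnurl</c> request parameter (the
/// parameter wins when both qualify, because it is checked last). A candidate is only accepted
/// when it lives under <c>SiteRoot</c> (http or https), so the cookie cannot be turned into an
/// open-redirect vector.
/// </summary>
private void SetupReturnUrlCookie()
{
    if (Page.IsPostBack)
    {
        return;
    }

    string referrerUrl = null;
    if (Page.Request.UrlReferrer != null)
    {
        referrerUrl = Page.Request.UrlReferrer.ToString();
    }

    string resolvedParam = null;
    string returnUrlParam = Page.Request.Params.Get("returnurl");
    if (!String.IsNullOrEmpty(returnUrlParam))
    {
        // Decode first so encoded markup is stripped as well, then resolve "~/" style paths.
        returnUrlParam = SecurityHelper.RemoveMarkup(Page.Server.UrlDecode(returnUrlParam));
        resolvedParam = Page.ResolveUrl(returnUrlParam);
    }

    // The site may be reached over plain http even when SiteRoot is configured as https.
    string[] allowedRoots = { SiteRoot, SiteRoot.Replace("https://", "http://") };
    string[] candidates = { referrerUrl, resolvedParam };

    string returnUrl = string.Empty;
    foreach (string candidate in candidates)
    {
        if (String.IsNullOrEmpty(candidate))
        {
            continue;
        }

        foreach (string root in allowedRoots)
        {
            if (!candidate.StartsWith(root, StringComparison.Ordinal))
            {
                continue;
            }

            // A bare prefix match is not enough: "https://example.com.evil.net/" starts with
            // "https://example.com". Require the root to be followed by a path, query or
            // fragment delimiter (or by nothing at all). A root that already ends in "/" is
            // bounded by construction.
            bool bounded = root.EndsWith("/", StringComparison.Ordinal)
                || candidate.Length == root.Length
                || candidate[root.Length] == '/'
                || candidate[root.Length] == '?'
                || candidate[root.Length] == '#';

            if (bounded)
            {
                // Later candidates overwrite earlier ones, so the parameter takes precedence
                // over the referrer exactly as before.
                returnUrl = candidate;
                break;
            }
        }
    }

    if (returnUrl.Length > 0)
    {
        CookieHelper.SetCookie(returnUrlCookieName, returnUrl);
    }
}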
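/// <summary>
/// Login page load. Forces SSL when it is available and disables browser caching of the page.
/// A visitor who is already authenticated is redirected immediately: to the <c>returnurl</c>
/// parameter when it is a site-relative path or sits under <c>SiteRoot</c>, otherwise to the
/// home page. Anonymous visitors get the login form, the configured top/bottom content and a
/// return-url cookie (see <c>SetupReturnUrlCookie</c>).
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Page_Load(object sender, EventArgs e)
{
    if (SiteUtils.SslIsAvailable())
    {
        SiteUtils.ForceSsl();
    }

    SecurityHelper.DisableBrowserCache();

    if (Request.IsAuthenticated)
    {
        string returnUrlParam = Page.Request.Params.Get("returnurl");
        if (!String.IsNullOrEmpty(returnUrlParam))
        {
            returnUrlParam = SecurityHelper.RemoveMarkup(Page.Server.UrlDecode(returnUrlParam));
            string redirectUrl = Page.ResolveUrl(returnUrlParam);

            // Checked on the decoded, resolved value so an encoded slash or a "~/" prefix cannot
            // sneak the access-denied page past the filter (ordinal, culture-independent).
            bool pointsAtAccessDenied =
                redirectUrl.IndexOf("/accessdenied.aspx", StringComparison.OrdinalIgnoreCase) >= 0;

            // Site-relative path: exactly one leading slash. "//host" is scheme-relative and
            // browsers normalise "/\host" to "//host", so both would leave the site.
            bool isSitePath = redirectUrl.StartsWith("/", StringComparison.Ordinal)
                && !redirectUrl.StartsWith("//", StringComparison.Ordinal)
                && !redirectUrl.StartsWith("/\\", StringComparison.Ordinal);

            // Absolute URL: must sit under SiteRoot (http or https) with a delimiter right after
            // the root, otherwise "https://example.com.evil.net" passes for "https://example.com".
            bool isUnderSiteRoot = false;
            string[] allowedRoots = { SiteRoot, SiteRoot.Replace("https://", "http://") };
            foreach (string root in allowedRoots)
            {
                if (!redirectUrl.StartsWith(root, StringComparison.Ordinal))
                {
                    continue;
                }

                if (root.EndsWith("/", StringComparison.Ordinal)
                    || redirectUrl.Length == root.Length
                    || redirectUrl[root.Length] == '/'
                    || redirectUrl[root.Length] == '?'
                    || redirectUrl[root.Length] == '#')
                {
                    isUnderSiteRoot = true;
                    break;
                }
            }

            if (!pointsAtAccessDenied && (isSitePath || isUnderSiteRoot))
            {
                // Redirect to the string that was actually validated, not the raw parameter.
                WebUtils.SetupRedirect(this, redirectUrl);
                return;
            }
        }

        // Signed in with nowhere safe to go: home page.
        WebUtils.SetupRedirect(this, SiteRoot + "/Default.aspx");
        return;
    }

    PopulateLabels();
    login1.SetFocus = true;

    if (siteSettings.LoginInfoTop.Length > 0)
    {
        pnlTopContent.Visible = true;
        litTopContent.Text = siteSettings.LoginInfoTop;
    }

    if (siteSettings.LoginInfoBottom.Length > 0)
    {
        pnlBottomContent.Visible = true;
        litBottomContent.Text = siteSettings.LoginInfoBottom;
    }

    SetupReturnUrlCookie();

    if (siteSettings.DisableDbAuth)
    {
        pnlStandardLogin.Visible = false;
    }
}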
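/// <summary>
/// Configures the registration page: the CreateUserWizard destination URLs, the RPX / OpenID /
/// Windows Live settings, and which authentication panels are rendered. An optional
/// <c>returnurl</c> request parameter may override the "continue" destination, but only when it
/// resolves to a location under <c>SiteRoot</c> (http or https).
/// </summary>
private void LoadSettings()
{
    // All three wizard destinations point at the same place.
    string destinationUrl = WebConfigSettings.AllowUserProfilePage
        ? SiteRoot + "/Secure/UserProfile.aspx"
        : SiteRoot;
    this.RegisterUser.FinishDestinationPageUrl = destinationUrl;
    this.RegisterUser.ContinueDestinationPageUrl = destinationUrl;
    this.RegisterUser.EditProfileUrl = destinationUrl;

    rpxApiKey = siteSettings.RpxNowApiKey;
    rpxApplicationName = siteSettings.RpxNowApplicationName;
    if (WebConfigSettings.UseOpenIdRpxSettingsFromWebConfig)
    {
        // web.config values win over site settings, but only when actually populated.
        if (WebConfigSettings.OpenIdRpxApiKey.Length > 0)
        {
            rpxApiKey = WebConfigSettings.OpenIdRpxApiKey;
        }

        if (WebConfigSettings.OpenIdRpxApplicationName.Length > 0)
        {
            rpxApplicationName = WebConfigSettings.OpenIdRpxApplicationName;
        }
    }

    // NOTE(review): ViewState is MAC-protected by default, but this value is still
    // client-supplied; confirm EnableViewStateMac is not disabled for this page.
    if (ViewState["returnurl"] != null)
    {
        this.RegisterUser.ContinueDestinationPageUrl = ViewState["returnurl"].ToString();
    }

    string returnUrlParam = Page.Request.Params.Get("returnurl");
    if (!String.IsNullOrEmpty(returnUrlParam))
    {
        // Decode, strip markup, then resolve "~/" style paths — same order as the login page.
        string redirectUrl = Page.ResolveUrl(
            SecurityHelper.RemoveMarkup(Page.Server.UrlDecode(returnUrlParam)));

        string[] allowedRoots = { SiteRoot, SiteRoot.Replace("https://", "http://") };
        foreach (string root in allowedRoots)
        {
            if (!redirectUrl.StartsWith(root, StringComparison.Ordinal))
            {
                continue;
            }

            // A bare prefix match lets "https://example.com.evil.net" pass for
            // "https://example.com"; require a delimiter (or nothing) right after the root.
            if (root.EndsWith("/", StringComparison.Ordinal)
                || redirectUrl.Length == root.Length
                || redirectUrl[root.Length] == '/'
                || redirectUrl[root.Length] == '?'
                || redirectUrl[root.Length] == '#')
            {
                this.RegisterUser.ContinueDestinationPageUrl = redirectUrl;
                break;
            }
        }
    }

    timeOffset = SiteUtils.GetUserTimeOffset();

    string profilePanelId = WebConfigSettings.ShowCustomProfilePropertiesAboveManadotoryRegistrationFields
        ? "pnlRequiredProfilePropertiesUpper"
        : "pnlRequiredProfileProperties";
    pnlProfile = (Panel)CreateUserWizardStep1.ContentTemplateContainer.FindControl(profilePanelId);

    showRpx = (!WebConfigSettings.DisableRpxAuthentication) && (rpxApiKey.Length > 0);
    showOpenId = WebConfigSettings.EnableOpenIdAuthentication && siteSettings.AllowOpenIdAuth;

    // A non-empty global app id from appSettings overrides the per-site value.
    string wlAppId = siteSettings.WindowsLiveAppId;
    string globalWlAppId = ConfigurationManager.AppSettings["GlobalWindowsLiveAppId"];
    if (!String.IsNullOrEmpty(globalWlAppId))
    {
        wlAppId = globalWlAppId;
    }

    showWindowsLive = WebConfigSettings.EnableWindowsLiveAuthentication
        && siteSettings.AllowWindowsLiveAuth
        && (wlAppId.Length > 0);

    if (IsPostBack)
    {
        // Third-party sign-in options are only rendered on the initial GET.
        showOpenId = false;
        showWindowsLive = false;
        showRpx = false;
    }

    pnlThirdPartyAuth.Visible = showOpenId || showWindowsLive || showRpx;
    divLiteralOr.Visible = showOpenId && showWindowsLive;
    pnlOpenID.Visible = showOpenId;
    pnlWindowsLiveID.Visible = showWindowsLive;
    pnlRpx.Visible = showRpx;

    if (siteSettings.DisableDbAuth)
    {
        pnlStandardRegister.Visible = false;
    }
}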
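/// <summary>
/// Completes sign-in for <paramref name="user"/> after registration or login. Refuses, with a
/// message in <c>lblError</c>, when email confirmation is still pending (the confirmation link
/// is re-sent), when the account is locked out, or when approval is required and missing.
/// Otherwise issues the forms-authentication cookie, records the login time and client address,
/// raises <c>OnUserSignIn</c> and redirects to a safe return URL.
/// </summary>
/// <param name="user">The user that has just authenticated.</param>
/// <param name="isNewUser">True when the user has just registered; enables the configured
/// post-registration landing page.</param>
private void SignInUser(SiteUser user, bool isNewUser)
{
    if (siteSettings.UseSecureRegistration && (user.RegisterConfirmGuid != Guid.Empty))
    {
        // Email not yet confirmed: re-send the confirmation link instead of signing in.
        Notification.SendRegistrationConfirmationLink(
            SiteUtils.GetSmtpSettings(),
            ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
            siteSettings.DefaultEmailFromAddress,
            siteSettings.DefaultFromEmailAlias,
            user.Email,
            siteSettings.SiteName,
            SiteRoot + "/ConfirmRegistration.aspx?ticket=" + user.RegisterConfirmGuid.ToString());

        log.Info("User " + user.Name + " tried to login but email address is not confirmed.");
        lblError.Text = Resource.RegistrationRequiresEmailConfirmationMessage;
        litInfoNeededMessage.Visible = false;
        pnlRequiredProfileProperties.Visible = false;
        btnCreateUser.Visible = false;
        return;
    }

    if (user.IsLockedOut)
    {
        log.Info("User " + user.Name + " tried to login but account is locked.");
        lblError.Text = Resource.LoginAccountLockedMessage;
        return;
    }

    if (siteSettings.RequireApprovalBeforeLogin && !user.ApprovedForLogin)
    {
        log.Info("User " + user.Name + " tried to login but account is not approved yet.");
        lblError.Text = Resource.LoginNotApprovedMessage;
        return;
    }

    // NOTE(review): createPersistentCookie is always true here, so the auth cookie outlives the
    // browser session regardless of any "remember me" choice — confirm that is intended.
    string authName = siteSettings.UseEmailForLogin ? user.Email : user.LoginName;
    FormsAuthentication.SetAuthCookie(authName, true);

    if (WebConfigSettings.UseFolderBasedMultiTenants)
    {
        CookieHelper.SetCookie("siteguid" + siteSettings.SiteGuid, user.UserGuid.ToString(), true);
    }

    if (user.UserId > -1 && siteSettings.AllowUserSkins && user.Skin.Length > 0)
    {
        SiteUtils.SetSkinCookie(user);
    }

    user.UpdateLastLoginTime();

    // Record where this sign-in came from.
    UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
    userLocation.SiteGuid = siteSettings.SiteGuid;
    userLocation.Hostname = Request.UserHostName;
    userLocation.Save();

    OnUserSignIn(new UserSignInEventArgs(user));

    // Read the return-url cookie written by the login page and consume it immediately.
    string cookieReturnUrl = null;
    if (CookieHelper.CookieExists(returnUrlCookieName))
    {
        cookieReturnUrl = CookieHelper.GetCookieValue(returnUrlCookieName);
        CookieHelper.ExpireCookie(returnUrlCookieName);
    }

    // The explicit returnurl parameter wins (presumably checked against SiteRoot inside
    // GetReturnUrlParam — confirm). Previously the cookie value was read and then unconditionally
    // overwritten by the parameter, so it was never honoured; it is now the fallback. A cookie
    // is client-controlled, so it only counts when it still sits under SiteRoot.
    returnUrl = SiteUtils.GetReturnUrlParam(Page, SiteRoot);
    if (String.IsNullOrEmpty(returnUrl) && !String.IsNullOrEmpty(cookieReturnUrl))
    {
        string[] allowedRoots = { SiteRoot, SiteRoot.Replace("https://", "http://") };
        foreach (string root in allowedRoots)
        {
            if (!cookieReturnUrl.StartsWith(root, StringComparison.Ordinal))
            {
                continue;
            }

            // Require a delimiter (or nothing) right after the root so
            // "https://example.com.evil.net" does not pass for SiteRoot "https://example.com".
            if (root.EndsWith("/", StringComparison.Ordinal)
                || cookieReturnUrl.Length == root.Length
                || cookieReturnUrl[root.Length] == '/'
                || cookieReturnUrl[root.Length] == '?'
                || cookieReturnUrl[root.Length] == '#')
            {
                returnUrl = cookieReturnUrl;
                break;
            }
        }
    }

    if (isNewUser && (WebConfigSettings.PageToRedirectToAfterRegistration.Length > 0))
    {
        returnUrl = SiteRoot + WebConfigSettings.PageToRedirectToAfterRegistration;
    }

    // Never bounce straight back into one of the authentication pages.
    if (String.IsNullOrEmpty(returnUrl)
        || returnUrl.Contains("AccessDenied")
        || returnUrl.Contains("Login")
        || returnUrl.Contains("SignIn")
        || returnUrl.Contains("ConfirmRegistration.aspx")
        || returnUrl.Contains("OpenIdRpxHandler.aspx")
        || returnUrl.Contains("RecoverPassword.aspx")
        || returnUrl.Contains("Register"))
    {
        returnUrl = SiteRoot;
    }

    if (returnUrl.Length > 0)
    {
        if (SiteUtils.IsSecureRequest() && returnUrl.StartsWith("http:", StringComparison.Ordinal))
        {
            // Swap only the scheme; Replace() would also rewrite any "http:" inside the query string.
            returnUrl = "https:" + returnUrl.Substring("http:".Length);
        }

        WebUtils.SetupRedirect(this, returnUrl);
        return;
    }

    // Only reachable when SiteRoot itself is empty.
    if (SiteUtils.IsSecureRequest() && SiteRoot.StartsWith("http:", StringComparison.Ordinal))
    {
        WebUtils.SetupRedirect(this, "https:" + SiteRoot.Substring("http:".Length));
        return;
    }

    WebUtils.SetupRedirect(this, SiteRoot);
}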
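/// <summary>
/// Login page load. Forces SSL when it is available and disables browser caching of the page.
/// A visitor who is already authenticated is redirected immediately: to the <c>returnurl</c>
/// parameter when it is a site-relative path or sits under <c>SiteRoot</c>, otherwise to the
/// home page. Anonymous visitors get the login form, the Windows Live sign-in panel when it is
/// configured, the top/bottom content and a return-url cookie (see <c>SetupReturnUrlCookie</c>).
/// </summary>
/// <param name="sender">Event source (unused).</param>
/// <param name="e">Event data (unused).</param>
private void Page_Load(object sender, EventArgs e)
{
    if (SiteUtils.SslIsAvailable())
    {
        SiteUtils.ForceSsl();
    }

    SecurityHelper.DisableBrowserCache();

    if (Request.IsAuthenticated)
    {
        string returnUrlParam = Page.Request.Params.Get("returnurl");
        if (!String.IsNullOrEmpty(returnUrlParam))
        {
            returnUrlParam = SecurityHelper.RemoveMarkup(Page.Server.UrlDecode(returnUrlParam));
            string redirectUrl = Page.ResolveUrl(returnUrlParam);

            // Checked on the decoded, resolved value so an encoded slash or a "~/" prefix cannot
            // sneak the access-denied page past the filter (ordinal, culture-independent).
            bool pointsAtAccessDenied =
                redirectUrl.IndexOf("/accessdenied.aspx", StringComparison.OrdinalIgnoreCase) >= 0;

            // Site-relative path: exactly one leading slash. "//host" is scheme-relative and
            // browsers normalise "/\host" to "//host", so both would leave the site.
            bool isSitePath = redirectUrl.StartsWith("/", StringComparison.Ordinal)
                && !redirectUrl.StartsWith("//", StringComparison.Ordinal)
                && !redirectUrl.StartsWith("/\\", StringComparison.Ordinal);

            // Absolute URL: must sit under SiteRoot (http or https) with a delimiter right after
            // the root, otherwise "https://example.com.evil.net" passes for "https://example.com".
            bool isUnderSiteRoot = false;
            string[] allowedRoots = { SiteRoot, SiteRoot.Replace("https://", "http://") };
            foreach (string root in allowedRoots)
            {
                if (!redirectUrl.StartsWith(root, StringComparison.Ordinal))
                {
                    continue;
                }

                if (root.EndsWith("/", StringComparison.Ordinal)
                    || redirectUrl.Length == root.Length
                    || redirectUrl[root.Length] == '/'
                    || redirectUrl[root.Length] == '?'
                    || redirectUrl[root.Length] == '#')
                {
                    isUnderSiteRoot = true;
                    break;
                }
            }

            if (!pointsAtAccessDenied && (isSitePath || isUnderSiteRoot))
            {
                // Redirect to the string that was actually validated, not the raw parameter.
                WebUtils.SetupRedirect(this, redirectUrl);
                return;
            }
        }

        // Signed in with nowhere safe to go: home page.
        WebUtils.SetupRedirect(this, SiteRoot + "/Default.aspx");
        return;
    }

    PopulateLabels();

    // A non-empty global app id from appSettings overrides the per-site value.
    string wlAppId = siteSettings.WindowsLiveAppId;
    string globalWlAppId = ConfigurationManager.AppSettings["GlobalWindowsLiveAppId"];
    if (!String.IsNullOrEmpty(globalWlAppId))
    {
        wlAppId = globalWlAppId;
    }

    pnlWindowsLive.Visible = WebConfigSettings.EnableWindowsLiveAuthentication
        && siteSettings.AllowWindowsLiveAuth
        && (wlAppId.Length > 0);

    // The "or" separator only makes sense when both alternative sign-in panels are shown.
    divLiteralOr.Visible = pnlOpenID.Visible && pnlWindowsLive.Visible;

    login1.SetFocus = true;

    if (siteSettings.LoginInfoTop.Length > 0)
    {
        pnlTopContent.Visible = true;
        litTopContent.Text = siteSettings.LoginInfoTop;
    }

    if (siteSettings.LoginInfoBottom.Length > 0)
    {
        pnlBottomContent.Visible = true;
        litBottomContent.Text = siteSettings.LoginInfoBottom;
    }

    SetupReturnUrlCookie();

    if (siteSettings.DisableDbAuth)
    {
        pnlStandardLogin.Visible = false;
    }
}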