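/// <summary>
/// Click handler for the login button: authenticates the posted credentials against the
/// current Sitecore domain, records the login in analytics and redirects the visitor.
/// </summary>
/// <param name="sender">Control that raised the event (not used).</param>
/// <param name="e">Event data (not used).</param>
protected void btnGo_Click(object sender, EventArgs e)
 {
     if (!Page.IsValid)
     {
         return;
     }

     try
     {
         Sitecore.Security.Domains.Domain domain = Sitecore.Context.Domain;
         string domainUser = domain.Name + @"\" + txtUsername.Text;
         if (!Sitecore.Security.Authentication.AuthenticationManager.Login(domainUser, txtPassword.Text, chkPersist.Checked))
         {
             // One message for both failure causes, so the form does not reveal which accounts exist.
             lblMessage.Text = GetDictionaryText("Invalid username or password");
             return;
         }

         // Register Goal & set a few values in the visit tags.
         Tracker.CurrentVisit.CurrentPage.Register("Login", "[Login] Username: \"" + domainUser + "\"");
         AnalyticsHelper.SetVisitTagsOnLogin(domainUser);

         string requestedItem = Request.QueryString["item"];
         if (!string.IsNullOrEmpty(requestedItem))
         {
             //TODO: FIx this with a decode
             string target = requestedItem.Replace("%2f", @"/");

             // The "item" value comes straight from the query string, so it is only followed
             // when it is a path on this site. The check runs AFTER the %2f replacement so a
             // value that becomes "//host" or "/\host" once decoded is rejected as well.
             // Anything else falls through to the home page redirect below.
             bool isLocalPath = target.StartsWith("/", StringComparison.Ordinal)
                 && !target.StartsWith("//", StringComparison.Ordinal)
                 && !target.StartsWith(@"/\", StringComparison.Ordinal);

             if (isLocalPath)
             {
                 Response.Redirect(target);
             }
         }
         Sitecore.Web.WebUtil.Redirect("/");
     }
     catch (ApplicationException)
     {
         lblMessage.Text = GetDictionaryText("Unable to login");
     }
 }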
Пример #2
 /// <summary>
 /// Attempts an extranet login, counting attempts in the extranet session and refusing
 /// further tries once the configured limit is reached.
 /// </summary>
 /// <param name="username">User name without domain or extranet prefix.</param>
 /// <param name="password">Password to check.</param>
 /// <param name="message">Set to a user-facing text when the login does not succeed.</param>
 /// <returns>True only when authentication succeeded and the user is logged in.</returns>
 protected virtual bool Login(string username, string password, ref string message)
 {
     // An expired attempt window starts over.
     bool sessionExpired = ExtranetSession.ExpiryDate().CompareTo(DateTime.Now) < 1;
     if (sessionExpired)
     {
         ExtranetSession.Reset();
     }

     // The attempt is counted before the limit is checked.
     // NOTE(review): the counter appears to live in the visitor's session; if so, a client
     // that discards its session starts at zero again. Confirm whether a per-account or
     // per-address limit exists elsewhere.
     ExtranetSession.IncreaseCounter();
     bool attemptsRemain = ExtranetSession.Count() < ExtranetSecurity.LoginCount();
     if (!attemptsRemain)
     {
         message = FormTextUtility.Provider.GetTextByKey("/Login/TooManyAttempts");
         return false;
     }

     if (!ExtranetSecurity.HasExtranetUserPrefix())
     {
         // Configuration problem: the extranet user prefix was never set up.
         message = ": " + FormTextUtility.Provider.GetTextByKey("/Login/AuthenticationError");
         return false;
     }

     try
     {
         string extranetDomainUser = Sitecore.Context.Domain.Name + @"\" + ExtranetSecurity.ExtranetUserPrefix() + username;
         string sitecoreDomainUser = @"sitecore\" + username;

         // NOTE(review): the second call also accepts accounts of the "sitecore" domain on
         // this form; confirm that exposing those accounts to this login path is intended.
         bool authenticated =
             Sitecore.Security.Authentication.AuthenticationManager.Login(extranetDomainUser, password, false) ||
             Sitecore.Security.Authentication.AuthenticationManager.Login(sitecoreDomainUser, password, false);

         if (!authenticated)
         {
             message = FormTextUtility.Provider.GetTextByKey("/Login/InvalidUsernameOrPassword");
             return false;
         }

         // Credentials were accepted but the user is still not logged in: the account has
         // no security attached, i.e. it was registered but never activated.
         if (!ExtranetSecurity.IsLoggedIn())
         {
             message = FormTextUtility.Provider.GetTextByKey("/Login/UserRegisteredNotActivated");
             return false;
         }

         ExtranetSession.Reset();
         return true;
     }
     catch (System.Security.Authentication.AuthenticationException)
     {
         // Generic error text; no detail about the failure is shown to the visitor.
         message = FormTextUtility.Provider.GetTextByKey("/Login/AuthenticationError");
         return false;
     }
 }
Пример #3
        /// <summary>
        /// Looks up one user by name in the backend security domain without loading the
        /// domain's full user list.
        /// </summary>
        /// <param name="username">The name handed to the domain's user search.</param>
        /// <returns>The first user the search returns, or null when it returns none.</returns>
        protected virtual SitecoreUser GetSitecoreUserInternal(string username)
        {
            int totalMatches;
            var backendDomain = Domain.GetDomain(_sitecoreContext.BackendDomainName);

            // Only the first page with a single entry is requested.
            // NOTE(review): presumably GetUsersByName matches by pattern rather than by exact
            // name; if so, callers that make access decisions on the result should compare
            // the returned name with the requested one. Confirm.
            var firstPage = backendDomain.GetUsersByName(0, 1, username, out totalMatches).ToList();

            return firstPage.FirstOrDefault();
        }
Пример #4
        /// <summary>
        /// Returns the users of the configured backend domain, loading them on first use
        /// and serving the stored list afterwards.
        /// </summary>
        /// <remarks>
        /// The first call is very expensive: with around 8K users it takes about 4 seconds
        /// on a developer computer.
        /// </remarks>
        /// <returns>The Sitecore users whose LocalName is not null.</returns>
        protected virtual IEnumerable <SitecoreUser> GetSitecoreUsersInternal()
        {
            if (SitecoreUsers != null)
            {
                return SitecoreUsers;
            }

            // The backend domain name comes from the site definition in web.config; the
            // security domain is resolved from that name.
            var backendDomain = Domain.GetDomain(_sitecoreContext.BackendDomainName);

            // NOTE(review): the stored list is never refreshed in this method, so users
            // created, disabled or deleted later are not reflected until SitecoreUsers is
            // cleared elsewhere. Confirm the lifetime of that member.
            SitecoreUsers = backendDomain.GetUsers()
                                         .Where(user => user.LocalName != null)
                                         .ToList();

            return SitecoreUsers;
        }
Пример #5
        /// <summary>
        /// Handles the posted login form: authenticates against the current Sitecore domain
        /// and, on success, records the login in analytics and redirects.
        /// </summary>
        /// <param name="model">Posted user name, password and remember-me flag.</param>
        /// <param name="returnUrl">Destination requested by the caller; passed to RedirectToLocal.</param>
        /// <returns>A redirect on success, otherwise the login view with a model error.</returns>
        public ActionResult Login(LoginModel model, string returnUrl)
        {
            string domainUser = null;
            bool authenticated = false;

            if (ModelState.IsValid)
            {
                domainUser = Sitecore.Context.Domain.Name + @"\" + model.UserName;
                authenticated = Sitecore.Security.Authentication.AuthenticationManager.Login(
                    domainUser, model.Password, model.RememberMe);
            }

            if (!authenticated)
            {
                // Same message for invalid input and for rejected credentials, so the
                // response does not tell the two apart.
                ModelState.AddModelError("", "The user name or password provided is incorrect.");
                return View(model);
            }

            // Register Goal & set a few values in the visit tags.
            AnalyticsHelper.RegisterGoalOnCurrentPage("Login", "[Login] Username: \"" + domainUser + "\"");
            AnalyticsHelper.SetVisitTagsOnLogin(domainUser, false);

            // returnUrl is caller-supplied. NOTE(review): RedirectToLocal is presumably the
            // helper that only follows URLs local to this site; confirm, since it is not
            // visible here.
            return RedirectToLocal(returnUrl);
        }
Пример #6
        /// <summary>
        /// Sign-in handler: validates that both fields are filled, authenticates against the
        /// current Sitecore domain and redirects to the stored referrer or to the site root.
        /// </summary>
        /// <param name="sender">Control that raised the event (not used).</param>
        /// <param name="e">Event data (not used).</param>
        protected void SignIn(object sender, EventArgs e)
        {
            if (String.IsNullOrEmpty(txtUsername.Text))
            {
                lblMessage.Text = "Invalid username.";
                Message.Visible = true;
                return;
            }

            if (String.IsNullOrEmpty(txtPassword.Text))
            {
                lblMessage.Text = "Invalid password.";
                Message.Visible = true;
                return;
            }

            try
            {
                string domainUser = Sitecore.Context.Domain.Name + @"\" + txtUsername.Text;
                bool authenticated = Sitecore.Security.Authentication.AuthenticationManager.Login(
                    domainUser, txtPassword.Text, Persist.Checked);

                if (!authenticated)
                {
                    // Handled by the catch below, which shows the generic message.
                    throw new System.Security.Authentication.AuthenticationException("Invalid username or password.");
                }

                // NOTE(review): how Session["referrer"] gets filled is not visible here. If it
                // is copied from the Referer header or a query-string value, it should be
                // checked to be a local path before it is used as a redirect target.
                object referrer = Session["referrer"];
                bool hasReferrer = referrer != null && referrer.ToString() != "";

                Sitecore.Web.WebUtil.Redirect(hasReferrer ? referrer.ToString() : "/");
            }
            catch (System.Security.Authentication.AuthenticationException)
            {
                lblMessage.Text = "Invalid username or password";
                Message.Visible = true;
            }
        }
Пример #7
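        /// <summary>
        /// Builds a two-column table (label, value) of a security domain's settings.
        /// The first row is the header row.
        /// </summary>
        /// <param name="d">The domain to describe; must not be null.</param>
        /// <returns>One object[] of length two per row, header first.</returns>
        /// <exception cref="System.ArgumentNullException">When <paramref name="d"/> is null.</exception>
        public static List <object[]> GetDomainPropertiesFull(Sitecore.Security.Domains.Domain d)
        {
            // Fail with a named argument instead of a NullReferenceException on the first property read.
            if (d == null)
            {
                throw new System.ArgumentNullException("d");
            }

            var results = new List <object[]>()
            {
                new object[] { "Domain Property", "Value" },
                new object[] { "Name", d.Name },
                new object[] { "Is Default", d.IsDefault },
                new object[] { "Account Prefix", d.AccountPrefix },
                new object[] { "Anonymous User Name", d.AnonymousUserName },
                new object[] { "Default Profile Item ID", d.DefaultProfileItemID },
                new object[] { "Ensure Anonymous User", d.EnsureAnonymousUser },
                // Label corrected from "EveryoneR ole Name".
                new object[] { "Everyone Role Name", d.EveryoneRoleName },
                new object[] { "Locally Managed", d.LocallyManaged },
                new object[] { "Anonymous User Email Pattern", d.AnonymousUserEmailPattern },
                new object[] { "Account Name Validation", d.AccountNameValidation },
                new object[] { "Member Pattern", d.MemberPattern }
            };

            return results;
        }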
        // GET: Account
        /// <summary>
        /// Signs the visitor in as a generated account, creating that account first when it
        /// does not exist yet, then records a Register or Login goal and redirects to "/".
        /// </summary>
        /// <returns>A redirect to the site root, or null when the login fails.</returns>
        public ActionResult Login()
        {
            var randomLogin = this.GetRandomLoginDetails();
            string domainUser = Sitecore.Context.Domain.Name + @"\" + randomLogin.EmailAddress;
            bool isNewUser = !Sitecore.Security.Accounts.User.Exists(domainUser);

            // NOTE(review): every account created here gets the same USER_PASSWORD constant,
            // and the account is created by a plain parameterless action. That looks like
            // demo-only behavior; if these accounts can also be used on a regular login form,
            // the shared password gives access to all of them. Confirm.
            if (isNewUser)
            {
                System.Web.Security.Membership.CreateUser(domainUser, USER_PASSWORD, randomLogin.EmailAddress);
            }

            bool loginSuccessful = Sitecore.Security.Authentication.AuthenticationManager.Login(domainUser, USER_PASSWORD, false);
            if (!loginSuccessful)
            {
                Log.Error("Login/Register failed.", this);
                return null;
            }

            if (isNewUser)
            {
                // First visit for this account: fill in the profile before tracking.
                var profile = Sitecore.Context.User.Profile;
                profile.FullName = randomLogin.FirstName + " " + randomLogin.LastName;
                profile.ProfileItemId = "{93B42F5F-17A9-441B-AB6D-444F714EF384}"; //LS User
                profile.Save();
            }

            // Register Goal & set a few values in the visit tags.
            string goalName = isNewUser ? "Register" : "Login";
            string goalPrefix = isNewUser ? "[Register] Username: \"" : "[Login] Username: \"";
            AnalyticsHelper.RegisterGoalOnCurrentPage(goalName, goalPrefix + domainUser + "\"");
            AnalyticsHelper.SetVisitTagsOnLogin(domainUser, isNewUser);

            return Redirect("/");
        }
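        /// <summary>
        /// Renders a select element listing user names, taken from the domain named in
        /// <c>Source</c> ("domain" parameter) or from all users when no domain is given.
        /// The "anonymous" source parameter controls whether anonymous users are listed.
        /// When the domain does not exist, or the current value is not in the list, the
        /// value is rendered in an option group together with an error text.
        /// </summary>
        /// <param name="output">Writer that receives the generated markup.</param>
        protected override void DoRender(HtmlTextWriter output)
        {
            string err = null;

            output.Write("<select" + this.GetControlAttributes() + ">");
            output.Write("<option value=\"\"></option>");
            IEnumerable <SC.Security.Accounts.User> users = null;
            bool includeAnonymous = false;

            if (!String.IsNullOrEmpty(this.Source))
            {
                NameValueCollection source = SC.Web.WebUtil.ParseUrlParameters(this.Source);

                if (!String.IsNullOrEmpty(source["domain"]))
                {
                    SC.Security.Domains.Domain domain =
                        SC.SecurityModel.DomainManager.GetDomain(source["domain"]);

                    if (domain != null)
                    {
                        users = domain.GetUsers();
                    }
                    else
                    {
                        err = SC.Globalization.Translate.Text("Security domain " + source["domain"] + " does not exist.");
                    }
                }

                if (!String.IsNullOrEmpty(source["anonymous"]))
                {
                    includeAnonymous = source["anonymous"] == "true";
                }
            }

            if (String.IsNullOrEmpty(err))
            {
                if (users == null)
                {
                    users = SC.Security.Accounts.UserManager.GetUsers();
                }

                // An empty value counts as found: the blank option above represents it.
                bool valueFound = String.IsNullOrEmpty(this.Value);

                foreach (SC.Security.Accounts.User user in users)
                {
                    if (includeAnonymous ||
                        user.Domain.GetAnonymousUser() == null || user.Domain.GetAnonymousUser().Name != user.Name)
                    {
                        valueFound = valueFound || user.Name == this.Value;

                        // Account names are data, not markup: encode them for the attribute
                        // and for the option text so a name containing quotes or angle
                        // brackets cannot break out of the element.
                        output.Write(
                            String.Format(
                                @"<option value=""{0}"" {1}>{2}</option>",
                                System.Web.HttpUtility.HtmlAttributeEncode(user.Name),
                                this.Value == user.Name ? " selected=\"selected\"" : String.Empty,
                                System.Web.HttpUtility.HtmlEncode(user.Name)));
                    }
                }

                if (!valueFound)
                {
                    err = SC.Globalization.Translate.Text("Value not in the selection list.");
                }
            }

            if (err != null)
            {
                // The error text can contain the domain name from Source, and Value is the
                // stored field value; both are encoded before they reach the page.
                output.Write("<optgroup label=\"" + System.Web.HttpUtility.HtmlAttributeEncode(err) + "\">");
                output.Write(
                    "<option value=\"" + System.Web.HttpUtility.HtmlAttributeEncode(this.Value) + "\" selected=\"selected\">" +
                    System.Web.HttpUtility.HtmlEncode(this.Value) + "</option>");
                output.Write("</optgroup>");
            }

            output.Write("</select>");

            if (err != null)
            {
                output.Write("<div style=\"color:#999999;padding:2px 0px 0px 0px\">{0}</div>", System.Web.HttpUtility.HtmlEncode(err));
            }
        }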
Пример #10
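        /// <summary>
        /// Handles the posted login form. Requests that are not a login submission are
        /// passed to the parameterless Index action. On success the visitor is identified
        /// for analytics and redirected to the configured page (or "/"); on failure the
        /// view is shown again with an error message from the configuration item.
        /// </summary>
        /// <param name="model">Posted user name, password and persistence flag.</param>
        /// <returns>The login view, or the result of the parameterless Index action.</returns>
        public ActionResult Index(LoginViewModel model)
        {
            //check if this form was actually submitted
            if (Request["requestType"] != "loginSubmission")
            {
                //Default to Non Post Version
                return(Index());
            }

            if (String.IsNullOrEmpty(model.UserName) || String.IsNullOrEmpty(model.Password))
            {
                var errorMessage = this.GetItem().Fields["MissingUserOrPassword"].Value;
                ViewBag.ErrorMessage = errorMessage;
            }
            else
            {
                try
                {
                    Sitecore.Security.Domains.Domain domain = Sitecore.Context.Domain;
                    var    userPrefix = this.GetItem().Fields["UserPrefix"].Value;
                    string domainUser = domain.Name + @"\" + userPrefix + model.UserName;

                    if (Sitecore.Security.Authentication.AuthenticationManager.Login(domainUser,
                                                                                     model.Password, model.Persistant))
                    {
                        // The redirect target comes from the configuration item, not from the request.
                        var configItem    = this.GetItem();
                        var redirectField = (Sitecore.Data.Fields.LinkField)configItem.Fields["RedirectAfterLogin"];
                        var redirectUrl   = redirectField.GetFriendlyUrl();

                        //Track for xDB
                        Sitecore.Analytics.Tracker.Current.Session.Identify(domainUser);


                        if (string.IsNullOrEmpty(redirectUrl))
                        {
                            //redirect to root page if not specified
                            redirectUrl = "/";
                        }

                        Sitecore.Web.WebUtil.Redirect(redirectUrl);
                    }
                    else
                    {
                        throw new System.Security.Authentication.AuthenticationException(
                                  "Invalid username or password.");
                    }
                }
                catch (System.Security.Authentication.AuthenticationException)
                {
                    // The user name is attacker-controlled. Line breaks are replaced before it
                    // is written to the audit log so a crafted name cannot forge extra entries.
                    string loggedUserName = model.UserName.Replace("\r", "_").Replace("\n", "_");
                    Sitecore.Diagnostics.Log.Audit("Failed Login attempt for username:[" + loggedUserName + "]", this);
                    var errorMessage = this.GetItem().Fields["InvalidUserOrPassword"].Value;
                    if (string.IsNullOrEmpty(errorMessage))
                    {
                        errorMessage = "Invalid username or password.";
                    }
                    ViewBag.ErrorMessage = errorMessage;
                }
                catch (System.Threading.ThreadAbortException)
                {
                    // If the redirect ends the response by aborting the thread (as
                    // Response.Redirect does by default), that is the success path: let it
                    // propagate instead of logging it as a login error below.
                    throw;
                }
                catch (Exception ex)
                {
                    Sitecore.Diagnostics.Log.Error("Exception encountered when attempting login", ex, this);
                    var errorMessage = this.GetItem().Fields["GeneralError"].Value;
                    if (string.IsNullOrEmpty(errorMessage))
                    {
                        errorMessage = "Error Occured when attempting login. Please try again.";
                    }
                    ViewBag.ErrorMessage = errorMessage;
                }
            }

            return(View(ROOT_VIEW_PATH + "Index.cshtml", model));
        }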