private void HandleWindowsLiveConfirmation(SiteUser siteUser)
{
if ((liveUser == null) || (windowsLive == null)) { return; }
if (siteSettings.UseEmailForLogin)
{
FormsAuthentication.SetAuthCookie(
siteUser.Email, liveUser.UsePersistentCookie);
}
else
{
FormsAuthentication.SetAuthCookie(
siteUser.LoginName, liveUser.UsePersistentCookie);
}
if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
{
string cookieName = "siteguid" + siteSettings.SiteGuid;
CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), liveUser.UsePersistentCookie);
}
if (siteUser.UserId > -1 && siteSettings.AllowUserSkins && siteUser.Skin.Length > 0)
{
SiteUtils.SetSkinCookie(siteUser);
}
siteUser.UpdateLastLoginTime();
//WebUtils.SetupRedirect(this, SiteRoot + "/Secure/UserProfile.aspx");
}
private void DoNewUserLogic(OpenIdEventArgs e)
{
if (e == null) { return; }
ClaimsResponse claim = e.Response.GetExtension<ClaimsResponse>();
if (claim == null) { return; }
if (IsValidForUserCreation(e, claim))
{
if (SiteUser.EmailExistsInDB(siteSettings.SiteId, claim.Email))
{
// show message that user should login and associate
// their open id account on their profile page.
lblError.Text = Resource.OpenIDRegisterUserEmailExistsMessage;
return;
}
else
{
// create user automagically since we have all
// the needed data
SiteUser newUser = new SiteUser(siteSettings);
newUser.Email = claim.Email;
newUser.Name = claim.FullName;
string loginName = newUser.Name.Replace(" ", ".").ToLower();
if (loginName.Length > 50) loginName = loginName.Substring(0, 50);
if (SiteUser.LoginExistsInDB(
siteSettings.SiteId, loginName))
{
loginName = e.ClaimedIdentifier.ToString().Replace("http://", string.Empty).Replace("https://", string.Empty).Replace("/", string.Empty);
if (loginName.Length > 50) loginName = loginName.Substring(0, 50);
int i = 1;
while (SiteUser.LoginExistsInDB(
siteSettings.SiteId, loginName))
{
loginName += i.ToString();
if (loginName.Length > 50) loginName = loginName.Remove(40, 1);
i++;
}
}
newUser.LoginName = loginName;
newUser.Password = SiteUser.CreateRandomPassword(7, WebConfigSettings.PasswordGeneratorChars);
newUser.PasswordQuestion = Resource.ManageUsersDefaultSecurityQuestion;
newUser.PasswordAnswer = Resource.ManageUsersDefaultSecurityAnswer;
newUser.OpenIdUri = e.ClaimedIdentifier.ToString();
newUser.Save();
if (siteSettings.UseSecureRegistration)
{
newUser.SetRegistrationConfirmationGuid(Guid.NewGuid());
}
// track user ip address
UserLocation userLocation = new UserLocation(newUser.UserGuid, SiteUtils.GetIP4Address());
userLocation.SiteGuid = siteSettings.SiteGuid;
userLocation.Hostname = Page.Request.UserHostName;
userLocation.Save();
if (
(siteSettings.UseSecureRegistration)
&& (newUser.RegisterConfirmGuid != Guid.Empty)
)
{
Notification.SendRegistrationConfirmationLink(
SiteUtils.GetSmtpSettings(),
ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
siteSettings.DefaultEmailFromAddress,
siteSettings.DefaultFromEmailAlias,
newUser.Email,
siteSettings.SiteName,
WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
newUser.RegisterConfirmGuid.ToString());
lblError.Text = Resource.LoginUnconfirmedEmailMessage;
log.Info("Automatically created User " + newUser.Name + " on login from open id. Tried to login but email address is not confirmed.");
return;
}
if (siteSettings.UseEmailForLogin)
{
FormsAuthentication.SetAuthCookie(
newUser.Email, true);
}
else
{
FormsAuthentication.SetAuthCookie(
newUser.LoginName, true);
}
if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
{
string cookieName = "siteguid" + siteSettings.SiteGuid;
CookieHelper.SetCookie(cookieName, newUser.UserGuid.ToString(), true);
}
newUser.UpdateLastLoginTime();
string redirectUrl = GetRedirectPath();
CookieHelper.ExpireCookie(returnUrlCookieName);
WebUtils.SetupRedirect(this, redirectUrl);
return;
}
}
else
{
// user not found
// required fields not available from open id
// redirect to register page?
// Or show message with Link to
// register page
string registerLinkHref = siteRoot
+ "/Secure/RegisterWithOpenID.aspx";
litNotRegisteredYetMessage.Text
= string.Format(
Resource.OpenIDMustRegisterBeforeLoginMesage,
registerLinkHref);
}
}
private void DoExistingUserLogic(Guid userGuid)
{
// user found so login if allowed
SiteUser user = new SiteUser(siteSettings, userGuid);
if (
(siteSettings.UseSecureRegistration)
&& (user.RegisterConfirmGuid != Guid.Empty)
)
{
Notification.SendRegistrationConfirmationLink(
SiteUtils.GetSmtpSettings(),
ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
siteSettings.DefaultEmailFromAddress,
siteSettings.DefaultFromEmailAlias,
user.Email,
siteSettings.SiteName,
WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
user.RegisterConfirmGuid.ToString());
lblError.Text = Resource.LoginUnconfirmedEmailMessage;
log.Info("User " + user.Name + " tried to login but email address is not confirmed.");
return;
}
if (user.IsLockedOut)
{
lblError.Text = Resource.LoginAccountLockedMessage;
log.Info("User " + user.Name + " tried to login but account is locked.");
return;
}
if (siteSettings.UseEmailForLogin)
{
FormsAuthentication.SetAuthCookie(
user.Email, true);
}
else
{
FormsAuthentication.SetAuthCookie(
user.LoginName, true);
}
if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
{
string cookieName = "siteguid" + siteSettings.SiteGuid;
CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), true);
}
user.UpdateLastLoginTime();
// track user ip address
UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
userLocation.SiteGuid = siteSettings.SiteGuid;
userLocation.Hostname = Page.Request.UserHostName;
userLocation.Save();
string redirectUrl = GetRedirectPath();
CookieHelper.ExpireCookie(returnUrlCookieName);
UserSignInEventArgs u = new UserSignInEventArgs(user);
OnUserSignIn(u);
WebUtils.SetupRedirect(this, redirectUrl);
return;
}
private void SignInUser(SiteUser user, bool isNewUser)
{
if (
(siteSettings.UseSecureRegistration)
&& (user.RegisterConfirmGuid != Guid.Empty)
)
{
Notification.SendRegistrationConfirmationLink(
SiteUtils.GetSmtpSettings(),
ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
siteSettings.DefaultEmailFromAddress,
siteSettings.DefaultFromEmailAlias,
user.Email,
siteSettings.SiteName,
SiteRoot+ "/ConfirmRegistration.aspx?ticket=" +
user.RegisterConfirmGuid.ToString());
log.Info("User " + user.Name + " tried to login but email address is not confirmed.");
lblError.Text = Resource.RegistrationRequiresEmailConfirmationMessage;
litInfoNeededMessage.Visible = false;
pnlRequiredProfileProperties.Visible = false;
btnCreateUser.Visible = false;
return;
}
if (user.IsLockedOut)
{
log.Info("User " + user.Name + " tried to login but account is locked.");
lblError.Text = Resource.LoginAccountLockedMessage;
return;
}
if ((siteSettings.RequireApprovalBeforeLogin)&&(!user.ApprovedForLogin))
{
log.Info("User " + user.Name + " tried to login but account is not approved yet.");
lblError.Text = Resource.LoginNotApprovedMessage;
return;
}
if (siteSettings.UseEmailForLogin)
{
FormsAuthentication.SetAuthCookie(
user.Email, true);
}
else
{
FormsAuthentication.SetAuthCookie(
user.LoginName, true);
}
if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
{
string cookieName = "siteguid" + siteSettings.SiteGuid;
CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), true);
}
if (user.UserId > -1 && siteSettings.AllowUserSkins && user.Skin.Length > 0)
{
SiteUtils.SetSkinCookie(user);
}
user.UpdateLastLoginTime();
// track user ip address
UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
userLocation.SiteGuid = siteSettings.SiteGuid;
userLocation.Hostname = Request.UserHostName;
userLocation.Save();
UserSignInEventArgs u = new UserSignInEventArgs(user);
OnUserSignIn(u);
if (CookieHelper.CookieExists(returnUrlCookieName))
{
returnUrl = CookieHelper.GetCookieValue(returnUrlCookieName);
CookieHelper.ExpireCookie(returnUrlCookieName);
}
string requestedReturnUrl = SiteUtils.GetReturnUrlParam(Page, SiteRoot);
returnUrl = requestedReturnUrl;
if (isNewUser)
{
if (WebConfigSettings.PageToRedirectToAfterRegistration.Length > 0)
{
returnUrl = SiteRoot + WebConfigSettings.PageToRedirectToAfterRegistration;
}
}
if (String.IsNullOrEmpty(returnUrl) ||
returnUrl.Contains("AccessDenied") ||
returnUrl.Contains("Login") ||
returnUrl.Contains("SignIn") ||
returnUrl.Contains("ConfirmRegistration.aspx") ||
returnUrl.Contains("OpenIdRpxHandler.aspx") ||
returnUrl.Contains("RecoverPassword.aspx") ||
returnUrl.Contains("Register")
)
{
returnUrl = SiteRoot;
}
if (returnUrl.Length > 0)
{
if (SiteUtils.IsSecureRequest())
{
if (returnUrl.StartsWith("http:"))
{
returnUrl = returnUrl.Replace("http:", "https:");
}
}
WebUtils.SetupRedirect(this, returnUrl);
return;
}
if (SiteUtils.IsSecureRequest())
{
if (SiteRoot.StartsWith("http:"))
{
WebUtils.SetupRedirect(this, SiteRoot.Replace("http:", "https:"));
return;
}
}
WebUtils.SetupRedirect(this, SiteRoot);
return;
}
private void DoUserLogin(SiteUser siteUser)
{
if (
(siteSettings.UseSecureRegistration)
&& (siteUser.RegisterConfirmGuid != Guid.Empty)
)
{
Notification.SendRegistrationConfirmationLink(
SiteUtils.GetSmtpSettings(),
ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
siteSettings.DefaultEmailFromAddress,
siteSettings.DefaultFromEmailAlias,
siteUser.Email,
siteSettings.SiteName,
WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
siteUser.RegisterConfirmGuid.ToString());
lblError.Text = Resource.RegistrationRequiresEmailConfirmationMessage;
pnlWindowsLiveRegister.Visible = false;
}
else
{
if (siteUser.IsLockedOut)
{
lblError.Text = Resource.LoginAccountLockedMessage;
pnlWindowsLiveRegister.Visible = false;
}
else
{
if (siteSettings.UseEmailForLogin)
{
FormsAuthentication.SetAuthCookie(
siteUser.Email, persistCookie);
}
else
{
FormsAuthentication.SetAuthCookie(
siteUser.LoginName, persistCookie);
}
if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
{
string cookieName = "siteguid" + siteSettings.SiteGuid;
CookieHelper.SetCookie(cookieName, siteUser.UserGuid.ToString(), persistCookie);
}
if (siteUser.UserId > -1 && siteSettings.AllowUserSkins && siteUser.Skin.Length > 0)
{
SiteUtils.SetSkinCookie(siteUser);
}
siteUser.UpdateLastLoginTime();
WebUtils.SetupRedirect(this, SiteRoot + "/Secure/UserProfile.aspx");
}
}
}
private void DoExistingUserLogic(Guid userGuid)
{
// user found so login if allowed
SiteUser user = new SiteUser(siteSettings, userGuid);
bool canLogin = true;
if (
(siteSettings.UseSecureRegistration)
&& (user.RegisterConfirmGuid != Guid.Empty)
)
{
Notification.SendRegistrationConfirmationLink(
SiteUtils.GetSmtpSettings(),
ResourceHelper.GetMessageTemplate("RegisterConfirmEmailMessage.config"),
siteSettings.DefaultEmailFromAddress,
siteSettings.DefaultFromEmailAlias,
user.Email,
siteSettings.SiteName,
WebUtils.GetSiteRoot() + "/ConfirmRegistration.aspx?ticket=" +
user.RegisterConfirmGuid.ToString());
log.Info("User " + user.Name + " tried to login but email address is not confirmed.");
canLogin = false;
}
if (user.IsLockedOut)
{
log.Info("User " + user.Name + " tried to login but account is locked.");
canLogin = false;
}
if ((siteSettings.RequireApprovalBeforeLogin) && (!user.ApprovedForLogin))
{
log.Info("User " + user.Name + " tried to login but account is not approved yet.");
canLogin = false;
}
if (canLogin)
{
if (siteSettings.UseEmailForLogin)
{
FormsAuthentication.SetAuthCookie(
user.Email, persistCookie);
}
else
{
FormsAuthentication.SetAuthCookie(
user.LoginName, persistCookie);
}
if (user.LiveMessengerDelegationToken.Length > 0)
{
WindowsLiveMessenger m = new WindowsLiveMessenger(windowsLive);
ConsentToken token = m.DecodeToken(user.LiveMessengerDelegationToken);
token = m.RefreshConsent(token);
if (token != null)
{
CookieHelper.SetCookie(consentTokenCookie, token.Token);
CookieHelper.SetCookie(delegationTokenCookie, token.DelegationToken);
}
}
if (WebConfigSettings.UseFoldersInsteadOfHostnamesForMultipleSites)
{
string cookieName = "siteguid" + siteSettings.SiteGuid;
CookieHelper.SetCookie(cookieName, user.UserGuid.ToString(), persistCookie);
}
if (user.UserId > -1 && siteSettings.AllowUserSkins && user.Skin.Length > 0)
{
SiteUtils.SetSkinCookie(user);
}
user.UpdateLastLoginTime();
// track user ip address
UserLocation userLocation = new UserLocation(user.UserGuid, SiteUtils.GetIP4Address());
userLocation.SiteGuid = siteSettings.SiteGuid;
userLocation.Hostname = Page.Request.UserHostName;
userLocation.Save();
string redirectUrl = GetRedirectPath();
CookieHelper.ExpireCookie(returnUrlCookieName);
UserSignInEventArgs u = new UserSignInEventArgs(user);
OnUserSignIn(u);
//WebUtils.SetupRedirect(this, redirectUrl);
Response.Redirect(redirectUrl);
return;
}
else
{
// redirect to login
// need to make login page show
// reason for failure
//WebUtils.SetupRedirect(this, LoginPage);
Response.Redirect(LoginPage);
}
}
