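//Todo: Verify errors are acceptable to display to user
//Todo: Validate or improve error messages
/// <summary>
/// Handles the login form post. Looks up the account, verifies the supplied
/// password, ends any session the user still has open elsewhere, and then signs
/// the user in through <c>SignInManager</c>.
/// </summary>
/// <param name="model">Posted login form (user name, password, remember-me flag).</param>
/// <returns>
/// A redirect to <c>AngularAccess/Index</c> on success; otherwise the login view
/// redisplayed with a model error.
/// </returns>
public async Task<ActionResult> Login(LoginViewModel model)
{
    if (!ModelState.IsValid)
    {
        return View(model);
    }

    var appUserService = new ApplicationUserDataService();
    var userResult = await appUserService.GetByUserNameAsync(model.UserName);
    if (!userResult.IsSuccessful || userResult.Data == null)
    {
        // NOTE(review): this text differs from the wrong-password message used
        // below, so the response tells a caller whether a user name exists.
        // Consider one shared message for both cases.
        ModelState.AddModelError("", "An error occurred with the login username/password");
        return View(model);
    }
    var user = userResult.Data;

    // Verify the credentials BEFORE changing any session state. Without this
    // gate, LogOutUserElsewhere below runs for any request that merely names a
    // valid user, which lets an unauthenticated caller end that user's session.
    // The lookup mirrors what PasswordSignInAsync does internally.
    var identityUser = await SignInManager.UserManager.FindByNameAsync(model.UserName);
    var passwordIsValid = identityUser != null
        && await SignInManager.UserManager.CheckPasswordAsync(identityUser, model.Password);
    if (!passwordIsValid)
    {
        ModelState.AddModelError("", "Invalid login attempt.");
        return View(model);
    }

    // Record this session's id so it can be compared with the user's other logins.
    Session[SessionIdKey] = Session.SessionID;
    var sessionId = Session[SessionIdKey].ToString();

    var loginInfoService = new LoginInfoDataService();
    var checkIfLoggedInElsewhereResult = loginInfoService.IsUserLoggedInElsewhere(user.Id, sessionId);
    if (!checkIfLoggedInElsewhereResult.IsSuccessful)
    {
        ModelState.AddModelError("LoggedInElsewhere", "An error occurred while verifying that the user is not logged in elsewhere.");
        // Fixed: the view expects the LoginViewModel; ModelState was being passed as the model.
        return View(model);
    }

    var userIsLoggedInElsewhere = checkIfLoggedInElsewhereResult.Data;
    if (userIsLoggedInElsewhere)
    {
        var logoutUserElsewhereResult = loginInfoService.LogOutUserElsewhere(user.Id);
        if (!logoutUserElsewhereResult.IsSuccessful)
        {
            ModelState.AddModelError("", "An error occurred logged out of your previous session");
            return View(model);
        }
    }

    // NOTE(review): shouldLockout: false means failed attempts never count
    // towards account lockout, so password guessing is not throttled here.
    // Enable it once lockout thresholds are configured on the user manager.
    var result = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: false);
    switch (result)
    {
        case SignInStatus.Success:
            return RedirectToAction("Index", "AngularAccess");
        case SignInStatus.Failure:
        default:
            ModelState.AddModelError("", "Invalid login attempt.");
            return View(model);
    }
}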
/// <summary>
/// Returns the view-binding model for the currently logged-in user.
/// </summary>
/// <returns>
/// Always an <c>Ok</c> response wrapping a <c>ServiceProcessingResult</c>. When the
/// user lookup fails, the result carries <c>IsSuccessful = false</c> and
/// <c>ErrorValues.GET_LOGGED_IN_USER_INFO_ERROR</c> instead of data.
/// </returns>
public async Task<IHttpActionResult> GetLoggedInUser()
{
    var response = new ServiceProcessingResult<LoggedInUserViewBindingModel> { IsSuccessful = true };
    var currentUserId = LoggedInUserId;
    var userService = new ApplicationUserDataService();

    var lookup = await userService.GetAsync(currentUserId);
    if (lookup.IsSuccessful)
    {
        // Only the projected binding model is returned, not the stored user entity.
        response.Data = lookup.Data.ToLoggedInUserViewBindingModel();
    }
    else
    {
        response.IsSuccessful = false;
        response.Error = ErrorValues.GET_LOGGED_IN_USER_INFO_ERROR;
    }

    return Ok(response);
}
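/// <summary>
/// Generates a password-reset token for the given user and e-mails them a link
/// to the <c>Authentication/ResetPassword</c> action.
/// </summary>
/// <param name="userId">Id of the account whose password is to be reset.</param>
/// <returns>
/// An <c>Ok</c> response wrapping a <c>ServiceProcessingResult</c>; it is marked
/// unsuccessful when sending the e-mail throws.
/// </returns>
/// <remarks>
/// NOTE(review): no check is visible in this method that the caller may reset
/// the password of <paramref name="userId"/>. Confirm that an authorization
/// attribute or filter outside this view covers it.
/// </remarks>
public async Task<IHttpActionResult> ResetUsersPassword(string userId)
{
    var processingResult = new ServiceProcessingResult();
    var userManager = HttpContext.Current.GetOwinContext().GetUserManager<ApplicationUserManager>();

    // Fixed: Uri.Authority is only "host[:port]". The link was built without a
    // scheme, so mail clients would treat it as a relative path. GetLeftPart
    // returns "scheme://host[:port]".
    // NOTE(review): the host still comes from the incoming request. A spoofed
    // Host header would be copied into the e-mailed link, so prefer a base URL
    // taken from configuration.
    var baseUrl = Request.RequestUri.GetLeftPart(UriPartial.Authority);

    // Token generation is outside the try block, so a failure here (for example
    // an unknown user id) propagates to the caller rather than being reported
    // as "Email failed to send.".
    var code = await userManager.GeneratePasswordResetTokenAsync(userId);
    var helper = new System.Web.Mvc.UrlHelper(HttpContext.Current.Request.RequestContext);
    var callbackPath = helper.Action("ResetPassword", "Authentication", new { userId = userId, code = code });
    var callbackUrl = baseUrl + callbackPath;

    // The URL is placed inside an HTML attribute, so encode it. This also turns
    // the '&' between query parameters into '&amp;'.
    var encodedCallbackUrl = System.Web.HttpUtility.HtmlAttributeEncode(callbackUrl);

    try
    {
        await userManager.SendEmailAsync(userId, "Reset Password", "Please reset your password by clicking <a href=\"" + encodedCallbackUrl + "\">here</a>");
        processingResult.IsSuccessful = true;
    }
    catch (Exception ex)
    {
        processingResult.IsSuccessful = false;
        // NOTE(review): ex.Message is stored on the result that is returned to
        // the client. Confirm it cannot disclose mail-server details.
        processingResult.Error = new ProcessingError("Email failed to send.", ex.Message, false);
    }

    return Ok(processingResult);
}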
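/// <summary>
/// Lets a super admin change the client (company) id stored for a user, then
/// refreshes the logged-in user's authentication cookie.
/// </summary>
/// <param name="userid">Id of the user whose client id is updated.</param>
/// <param name="newclientId">The client id to assign.</param>
/// <returns>
/// An <c>Ok</c> response wrapping a <c>ServiceProcessingResult</c>. Callers that
/// are not super admins receive the default result and nothing is changed.
/// </returns>
public async Task<IHttpActionResult> SetCompanyId(string userid, string newclientId)
{
    var processingResult = new ServiceProcessingResult();

    // Only a super admin may change a client id. Everyone else falls through
    // to the untouched default result.
    if (!LoggedInUser.Role.IsSuperAdmin())
    {
        return Ok(processingResult);
    }

    // Set the new companyid in the database.
    var dataService = new ApplicationUserDataService();
    processingResult = await dataService.UpdateClientId(newclientId, userid);
    if (processingResult.IsFatalFailure())
    {
        Logger.Fatal("A fatal error occurred while setting CompanyId");
        processingResult.IsSuccessful = false;
        return Ok(processingResult);
    }

    // Fixed: a non-fatal update failure used to fall through and was later
    // overwritten with IsSuccessful = true. Report the failure as it is.
    if (!processingResult.IsSuccessful)
    {
        return Ok(processingResult);
    }

    var getLoggedInUserResult = await dataService.GetAsync(LoggedInUserId);
    if (!getLoggedInUserResult.IsSuccessful)
    {
        processingResult.IsSuccessful = false;
        processingResult.Error = ErrorValues.GENERIC_COULD_NOT_FIND_USER_ERROR;
        return Ok(processingResult);
    }
    var user = getLoggedInUserResult.Data;

    // NOTE(review): the database update targets `userid`, but the in-memory
    // client id and the cookie refreshed below belong to the logged-in user.
    // Confirm callers only pass the caller's own id, or guard against a mismatch.
    LoggedInUser.ClientID = newclientId;

    // Sign Off and back in to refresh cookie.
    try
    {
        await AuthAndUserManager.RefreshAuthenticationCookie(user);
        processingResult.IsSuccessful = true;
    }
    catch (Exception e)
    {
        // Include the exception so this entry can be told apart from the
        // update failure logged above.
        Logger.Fatal("A fatal error occurred while setting CompanyId: " + e);
        processingResult.IsSuccessful = false;
    }

    return Ok(processingResult);
}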
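/// <summary>
/// Sets a password on the given account, makes sure the account is in the
/// "Administrator" role, and signs the user in.
/// </summary>
/// <param name="model">Carries the user id and the password to set.</param>
/// <exception cref="ArgumentNullException"><paramref name="model"/> is null.</exception>
/// <exception cref="InvalidOperationException">
/// The password could not be added, or the user could not be loaded. In both
/// cases no role is granted and nobody is signed in.
/// </exception>
/// <remarks>
/// NOTE(review): every account that passes through here is added to the
/// "Administrator" role and signed in by id alone. Confirm that callers have
/// already established that the requester owns <c>model.UserId</c>.
/// </remarks>
public async Task AddPasswordAndLogin(SetPasswordForUserIdModel model)
{
    if (model == null)
    {
        throw new ArgumentNullException("model");
    }

    // Fixed: the IdentityResult was ignored. A rejected password (for example
    // when the account already has one) still led to the role grant and the
    // sign-in below.
    var addPasswordResult = await _userManager.AddPasswordAsync(model.UserId, model.Password);
    if (!addPasswordResult.Succeeded)
    {
        throw new InvalidOperationException("Could not set the password: " + string.Join("; ", addPasswordResult.Errors));
    }

    if (!_userManager.IsInRole(model.UserId, "Administrator"))
    {
        await AddUserToRoleAsync(model.UserId, "Administrator");
    }

    var userService = new ApplicationUserDataService();
    var user = userService.Get(model.UserId).Data;
    if (user == null)
    {
        // Never pass a missing user on to the sign-in manager.
        throw new InvalidOperationException("The user could not be loaded after the password was set.");
    }

    // Non-persistent cookie, browser not remembered.
    await _signInManager.SignInAsync(user, false, false);
}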
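/// <summary>
/// Handles the forgot-password form. For an admin account it e-mails a
/// password-reset link; other accounts are told to contact a manager or
/// administrator.
/// </summary>
/// <param name="model">Posted form containing the account's e-mail address.</param>
/// <returns>
/// A redirect to <c>ForgotPasswordConfirmation</c> once the e-mail is sent;
/// otherwise the form redisplayed with a model error.
/// </returns>
/// <remarks>
/// NOTE(review): the three outcomes (unknown address, non-admin account,
/// redirect to confirmation) are distinguishable, so the form reveals whether
/// an address is registered and whether it belongs to an admin. Consider
/// answering every case with the confirmation page.
/// </remarks>
public async Task<ActionResult> ForgotPassword(ForgotPasswordViewModel model)
{
    if (ModelState.IsValid)
    {
        var user = await UserManager.FindByEmailAsync(model.Email);
        if (user == null)
        {
            ModelState.AddModelError("", "The user either does not exist or is not confirmed.");
            // Redisplay with the posted model, as the final fallback below does.
            return View(model);
        }

        if (user.Role == null)
        {
            // The role was not loaded with the identity user, so fetch it from the data service.
            var appUserService = new ApplicationUserDataService();
            var getUserResult = await appUserService.GetAsync(user.Id);
            if (!getUserResult.IsSuccessful)
            {
                ModelState.AddModelError("", "An error occurred while trying to verify you have permissions to perform this action. Please try again.");
                return View(model);
            }
            user.Role = getUserResult.Data.Role;
        }

        if (!user.Role.IsAdmin())
        {
            ModelState.AddModelError("", "Your account cannot perform this action. If you need your password reset, please contact your Manager or and Administrator.");
            return View(model);
        }

        // For more information on how to enable account confirmation and password reset please visit http://go.microsoft.com/fwlink/?LinkID=320771
        // Send an email with this link
        string code = await UserManager.GeneratePasswordResetTokenAsync(user.Id);

        // NOTE(review): passing `protocol` makes Url.Action build an absolute
        // URL from the current request. Confirm the host cannot be influenced
        // by a spoofed Host header, or build the link from a configured base URL.
        var callbackUrl = Url.Action("ResetPassword", "Authentication", new { userId = user.Id, code = code }, protocol: Request.Url.Scheme);

        // The URL is placed inside an HTML attribute, so encode it. This also
        // turns the '&' between query parameters into '&amp;'.
        var encodedCallbackUrl = System.Web.HttpUtility.HtmlAttributeEncode(callbackUrl);
        await UserManager.SendEmailAsync(user.Id, "Reset Password", "Please reset your password by clicking <a href=\"" + encodedCallbackUrl + "\">here</a>");
        return RedirectToAction("ForgotPasswordConfirmation", "Authentication");
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}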
/// <summary>
/// Looks up a user by id and returns the data-service result unchanged.
/// </summary>
/// <param name="userId">Id of the user to fetch.</param>
/// <returns>An <c>Ok</c> response wrapping whatever <c>Get</c> returned.</returns>
/// <remarks>
/// NOTE(review): the whole service result is serialized to the caller, and no
/// authorization check is visible in this method. Confirm that access is
/// restricted outside this view, and that the stored user entity carries no
/// fields (such as a password hash) that should stay server-side. If it does,
/// return a projected view model instead.
/// </remarks>
public IHttpActionResult GetUser(string userId)
{
    var lookup = new ApplicationUserDataService().Get(userId);
    return Ok(lookup);
}