public ActionResult SetEmail(CheckoutAccountPostModel model)
{
var customer = HttpContext.GetCustomer();
// Don't set the email if they are logged in.
if (customer.IsRegistered)
{
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
var result = ValidateEmail(model.Email);
if (result.State == ResultState.Error)
{
ModelState.AddModelError("Email", AppLogic.GetString("account.emailaddress.invalid"));
}
SaveEmail(model.Email, customer);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
public ActionResult CreateAccount(CheckoutAccountPostModel model)
{
var customer = HttpContext.GetCustomer();
// Don't create an account if they are logged in.
if (customer.IsRegistered)
{
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
var showCaptchaOnCreateAccount = AppLogic.AppConfigBool("SecurityCodeRequiredOnCreateAccount");
if (showCaptchaOnCreateAccount)
{
var securityCode = CaptchaStorageService.RetrieveSecurityCode(HttpContext, string.Concat(ControllerNames.Account, ActionNames.Create));
if (!AccountControllerHelper.IsCaptchaValid(securityCode, model.Captcha))
{
CaptchaStorageService.ClearSecurityCode(HttpContext);
ModelState.AddModelError(
key: "Captcha",
errorMessage: "The letters you entered did not match, please try again.");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
}
// Validate the email
var emailResult = ValidateEmail(model.Email);
if (emailResult.State == ResultState.Error)
{
ModelState.AddModelError("Email", emailResult.Message);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
if (!Customer.NewEmailPassesDuplicationRules(model.Email, customer.CustomerID))
{
ModelState.AddModelError(
key: "Email",
errorMessage: "That EMail Address is Already Used By Another Customer");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
// Validate the password
if (string.IsNullOrEmpty(model.Password))
{
ModelState.AddModelError("Password", "Please enter a password");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
switch (AccountControllerHelper.ValidateAccountPassword(customer, model.Password, model.Password)) //Intentionally passing in matching passwords
{
case AccountControllerHelper.PasswordValidationResult.NotStrong:
ModelState.AddModelError("Password", "The new password you created is not a strong password. Please make sure that your password is at least 8 characters long and includes at least one upper case character, one lower case character, one number, and one \"symbol\" character (e.g. ?,&,#,$,%,etc).");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
case AccountControllerHelper.PasswordValidationResult.DoesNotMeetMinimum:
ModelState.AddModelError("Password", "The new password you created does not meet the minimum requirements. Please make sure that your password is at least 7 characters long and includes at least one letter and at least one number.");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
case AccountControllerHelper.PasswordValidationResult.Ok:
break;
default:
ModelState.AddModelError("Password", "There was a problem signing in. Please try again or contact customer service.");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
// Create the account
var password = new Password(model.Password);
customer.UpdateCustomer(
isRegistered: true,
email: model.Email.ToLowerInvariant().Trim(),
saltedAndHashedPassword: password.SaltedPassword,
saltKey: password.Salt,
storeCreditCardInDb: false
);
// Login
var result = AccountControllerHelper.Login(
signedInCustomer: customer,
profile: HttpContext.Profile,
username: model.Email,
password: model.Password,
skinId: customer.SkinID);
switch (result.State)
{
case AccountControllerHelper.ResultState.Error:
NoticeProvider.PushNotice(result.Message, NoticeType.Failure);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
case AccountControllerHelper.ResultState.PasswordChangeRequired:
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
return(RedirectToAction(
actionName: ActionNames.ChangePassword,
controllerName: ControllerNames.Account,
routeValues: new
{
email = model.Email,
returnUrl = Url.Action(ActionNames.Index, ControllerNames.Checkout),
}));
case AccountControllerHelper.ResultState.Success:
break;
default:
ModelState.AddModelError("Password", "There was a problem signing in. Please try again or contact customer service.");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
var targetCustomer = new Customer(model.Email);
var identity = ClaimsIdentityProvider.CreateClaimsIdentity(targetCustomer);
Request
.GetOwinContext()
.Authentication
.SignIn(
properties: new Microsoft.Owin.Security.AuthenticationProperties
{
IsPersistent = false
},
identities: identity);
if (!string.IsNullOrEmpty(result.Message))
{
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
}
// nal
//if(AppLogic.AppConfigBool("SendWelcomeEmail"))
SendWelcomeEmailProvider.SendWelcomeEmail(targetCustomer);
// Clear the captcha so additional requests use a different security code.
CaptchaStorageService.ClearSecurityCode(HttpContext);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
public ActionResult SignIn(CheckoutAccountPostModel model)
{
var signedInCustomer = HttpContext.GetCustomer();
// Don't let them sign in if they are logged in.
if (signedInCustomer.IsRegistered)
{
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
if (string.IsNullOrWhiteSpace(model.Password))
{
ModelState.AddModelError("Password", "Password is required to login");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
var showCaptchaOnLogin = AppLogic.AppConfigBool("SecurityCodeRequiredOnCheckout");
if (showCaptchaOnLogin)
{
var securityCode = CaptchaStorageService.RetrieveSecurityCode(HttpContext, string.Concat(ControllerNames.Account, ActionNames.SignIn));
if (!AccountControllerHelper.IsCaptchaValid(securityCode, model.Captcha))
{
CaptchaStorageService.ClearSecurityCode(HttpContext);
ModelState.AddModelError(
key: "Captcha",
errorMessage: "The letters you entered did not match, please try again.");
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
}
// Validate the email
var emailResult = ValidateEmail(model.Email);
if (emailResult.State == ResultState.Error)
{
ModelState.AddModelError("Email", emailResult.Message);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
// Login
var result = AccountControllerHelper.Login(
signedInCustomer: signedInCustomer,
profile: HttpContext.Profile,
username: model.Email,
password: model.Password,
skinId: signedInCustomer.SkinID);
if (result.State == AccountControllerHelper.ResultState.Error)
{
ModelState.AddModelError("Password", result.Message);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
else if (result.State == AccountControllerHelper.ResultState.PasswordChangeRequired)
{
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
return(RedirectToAction(
actionName: ActionNames.ChangePassword,
controllerName: ControllerNames.Account,
routeValues: new
{
email = model.Email,
returnUrl = Url.Action(ActionNames.Index, ControllerNames.Checkout),
}));
}
var targetCustomer = new Customer(model.Email);
var identity = ClaimsIdentityProvider.CreateClaimsIdentity(targetCustomer);
Request
.GetOwinContext()
.Authentication
.SignIn(
properties: new Microsoft.Owin.Security.AuthenticationProperties
{
IsPersistent = false
},
identities: identity);
if (!string.IsNullOrEmpty(result.Message))
{
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
}
// Clear the captcha so additional requests use a different security code.
CaptchaStorageService.ClearSecurityCode(HttpContext);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
public ActionResult CreateAccount(CheckoutAccountPostModel model)
{
var customer = HttpContext.GetCustomer();
// Don't create an account if they are logged in.
if (customer.IsRegistered)
{
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
if (CaptchaSettings.CaptchaIsConfigured() &&
CaptchaSettings.RequireCaptchaOnCheckout)
{
var captchaResult = CaptchaVerificationProvider.ValidateCaptchaResponse(Request.Form[CaptchaVerificationProvider.RecaptchaFormKey], customer.LastIPAddress);
if (!captchaResult.Success)
{
NoticeProvider.PushNotice(captchaResult.Error.Message, NoticeType.Failure);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
}
// Validate the email
var emailResult = ValidateEmail(model.Email);
if (emailResult.State == ResultState.Error)
{
ModelState.AddModelError("Email", emailResult.Message);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
if (!Customer.NewEmailPassesDuplicationRules(model.Email, customer.CustomerID))
{
ModelState.AddModelError(
key: "Email",
errorMessage: AppLogic.GetString("createaccount_process.aspx.1"));
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
// Validate the password
if (string.IsNullOrEmpty(model.Password))
{
ModelState.AddModelError("Password", AppLogic.GetString("checkout.enterpassword"));
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
switch (AccountControllerHelper.ValidateAccountPassword(customer, model.Password, model.Password)) //Intentionally passing in matching passwords
{
case AccountControllerHelper.PasswordValidationResult.NotStrong:
ModelState.AddModelError("Password", AppLogic.GetString("account.aspx.69"));
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
case AccountControllerHelper.PasswordValidationResult.DoesNotMeetMinimum:
ModelState.AddModelError("Password", AppLogic.GetString("signin.newpassword.normalRegexFailure"));
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
case AccountControllerHelper.PasswordValidationResult.Ok:
break;
default:
ModelState.AddModelError("Password", AppLogic.GetString("signin.newpassword.unknownError"));
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
// Create the account
var password = new Password(model.Password);
customer.UpdateCustomer(
isRegistered: true,
email: model.Email.ToLowerInvariant().Trim(),
saltedAndHashedPassword: password.SaltedPassword,
saltKey: password.Salt,
storeCreditCardInDb: false
);
// Login
var result = AccountControllerHelper.Login(
signedInCustomer: customer,
profile: HttpContext.Profile,
username: model.Email,
password: model.Password,
skinId: customer.SkinID);
switch (result.State)
{
case AccountControllerHelper.ResultState.Error:
NoticeProvider.PushNotice(result.Message, NoticeType.Failure);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
case AccountControllerHelper.ResultState.PasswordChangeRequired:
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
return(RedirectToAction(
actionName: ActionNames.ChangePassword,
controllerName: ControllerNames.Account,
routeValues: new
{
email = model.Email,
returnUrl = Url.Action(ActionNames.Index, ControllerNames.Checkout),
}));
case AccountControllerHelper.ResultState.Success:
break;
default:
ModelState.AddModelError("Password", AppLogic.GetString("signin.newpassword.unknownError"));
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
var targetCustomer = new Customer(model.Email);
var identity = ClaimsIdentityProvider.Create(targetCustomer);
Request
.GetOwinContext()
.Authentication
.SignIn(
properties: new Microsoft.Owin.Security.AuthenticationProperties
{
IsPersistent = false
},
identities: identity);
if (!string.IsNullOrEmpty(result.Message))
{
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
}
if (AppConfigProvider.GetAppConfigValue <bool>("SendWelcomeEmail"))
{
SendWelcomeEmailProvider.SendWelcomeEmail(targetCustomer);
}
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
public ActionResult SignIn(CheckoutAccountPostModel model)
{
var signedInCustomer = HttpContext.GetCustomer();
// Don't let them sign in if they are logged in.
if (signedInCustomer.IsRegistered)
{
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
if (string.IsNullOrWhiteSpace(model.Password))
{
ModelState.AddModelError("Password", AppLogic.GetString("checkout.passwordrequired"));
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
if (CaptchaSettings.CaptchaIsConfigured() &&
CaptchaSettings.RequireCaptchaOnCheckout)
{
var captchaResult = CaptchaVerificationProvider.ValidateCaptchaResponse(Request.Form[CaptchaVerificationProvider.RecaptchaFormKey], signedInCustomer.LastIPAddress);
if (!captchaResult.Success)
{
NoticeProvider.PushNotice(captchaResult.Error.Message, NoticeType.Failure);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
}
// Validate the email
var emailResult = ValidateEmail(model.Email);
if (emailResult.State == ResultState.Error)
{
ModelState.AddModelError("Email", emailResult.Message);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
// Login
var result = AccountControllerHelper.Login(
signedInCustomer: signedInCustomer,
profile: HttpContext.Profile,
username: model.Email,
password: model.Password,
skinId: signedInCustomer.SkinID);
if (result.State == AccountControllerHelper.ResultState.Error)
{
ModelState.AddModelError("Password", result.Message);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
else if (result.State == AccountControllerHelper.ResultState.PasswordChangeRequired)
{
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
return(RedirectToAction(
actionName: ActionNames.ChangePassword,
controllerName: ControllerNames.Account,
routeValues: new
{
email = model.Email,
returnUrl = Url.Action(ActionNames.Index, ControllerNames.Checkout),
}));
}
var targetCustomer = new Customer(model.Email);
var identity = ClaimsIdentityProvider.Create(targetCustomer);
Request
.GetOwinContext()
.Authentication
.SignIn(
properties: new Microsoft.Owin.Security.AuthenticationProperties
{
IsPersistent = false
},
identities: identity);
if (!string.IsNullOrEmpty(result.Message))
{
NoticeProvider.PushNotice(result.Message, NoticeType.Info);
}
// Consolidate any shopping cart items
CartActionProvider.ConsolidateCartItems(targetCustomer, CartTypeEnum.ShoppingCart);
CartActionProvider.ConsolidateCartItems(targetCustomer, CartTypeEnum.WishCart);
return(RedirectToAction(ActionNames.Index, ControllerNames.Checkout));
}
