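/// <summary>
/// Creates a new site user from the submitted registration form and, when account creation
/// succeeded and no login rule rejected it, signs the new user in.
/// </summary>
/// <param name="model">The posted registration form (username, email, password, profile fields).</param>
/// <param name="modelState">Receives the identity errors that are safe to show to the visitor.</param>
/// <param name="httpContext">The current request, passed through to <paramref name="customRegistration"/>.</param>
/// <param name="customRegistration">Hook that may adjust the user object before it is persisted.</param>
/// <returns>
/// A <see cref="UserLoginResult"/> built from the login-rule template; its user context is null
/// when the account was not created.
/// </returns>
/// <remarks>
/// A "duplicate email" failure is deliberately not echoed into <paramref name="modelState"/>,
/// because telling an anonymous visitor that an address is already registered discloses that the
/// account exists.
/// </remarks>
public virtual async Task<UserLoginResult> TryRegister(
    RegisterViewModel model,
    ModelStateDictionary modelState,
    HttpContext httpContext,
    IHandleCustomRegistration customRegistration
    )
{
    var template = new LoginResultTemplate();
    IUserContext userContext = null;

    // Fall back to a generated login name when none was supplied or the requested one is taken.
    var userName = !string.IsNullOrWhiteSpace(model.Username)
        ? model.Username
        : await UserManager.SuggestLoginNameFromEmail(UserManager.Site.Id, model.Email);

    var userNameAvailable = await UserManager.LoginIsAvailable(Guid.Empty, userName);
    if (!userNameAvailable)
    {
        userName = await UserManager.SuggestLoginNameFromEmail(UserManager.Site.Id, model.Email);
    }

    var user = new SiteUser
    {
        SiteId = UserManager.Site.Id,
        UserName = userName,
        Email = model.Email,
        FirstName = model.FirstName,
        LastName = model.LastName,
        DisplayName = model.DisplayName,
        LastLoginUtc = DateTime.UtcNow,
        BrowserKey = Guid.NewGuid().ToString(),
        AccountApproved = !UserManager.Site.RequireApprovalBeforeLogin
    };

    await customRegistration.ProcessUserBeforeCreate(user, httpContext);

    if (model.DateOfBirth.HasValue)
    {
        user.DateOfBirth = model.DateOfBirth.Value;
    }

    // Only stamp acceptance when the site actually publishes an agreement and the box was ticked.
    if (!string.IsNullOrWhiteSpace(UserManager.Site.RegistrationAgreement) && model.AgreeToTerms)
    {
        user.AgreementAcceptedUtc = DateTime.UtcNow;
    }

    var result = await UserManager.CreateAsync(user, model.Password);
    if (result.Succeeded)
    {
        template.User = user;
        template.IsNewUserRegistration = true;
        // NOTE(review): presumably the login rules record approval / confirmation requirements in
        // RejectReasons or SignInResult, which is what keeps such accounts from being signed in
        // below - confirm against LoginRulesProcessor.
        await LoginRulesProcessor.ProcessAccountLoginRules(template);
    }
    else
    {
        foreach (var error in result.Errors)
        {
            // ASP.NET Identity reports a duplicate address as "Email someaddress@somedomain is
            // already taken". Showing that to the visitor is account disclosure. The stable error
            // code is checked first so a localized or customized description cannot slip through;
            // the original text match is kept as a fallback and made ordinal so it does not depend
            // on the current culture.
            var description = error.Description;
            var disclosesExistingEmail =
                string.Equals(error.Code, "DuplicateEmail", StringComparison.Ordinal)
                || (!string.IsNullOrWhiteSpace(description)
                    && description.IndexOf("Email", StringComparison.Ordinal) > -1
                    && description.IndexOf("is already taken", StringComparison.Ordinal) > -1);

            if (disclosesExistingEmail)
            {
                // Even a softened "email not accepted" message would give a clue, so nothing is
                // added here; the user still sees message "Invalid registration attempt."
                continue;
            }

            modelState.AddModelError(string.Empty, error.Description);
        }
    }

    // Failed is the template's initial state; the login rules could have changed it to lockedout.
    // result.Succeeded is required explicitly: a failed IdentityResult that carries no error
    // entries must never lead to a sign-in for an account that was not created.
    if (
        result.Succeeded
        && !result.Errors.Any()
        && template.RejectReasons.Count == 0
        && template.SignInResult == SignInResult.Failed
        )
    {
        await SignInManager.SignInAsync(user, isPersistent: false);
        template.SignInResult = SignInResult.Success;
    }

    if (template.User != null)
    {
        userContext = new UserContext(template.User);
    }

    return new UserLoginResult(
        template.SignInResult,
        template.RejectReasons,
        userContext,
        template.IsNewUserRegistration,
        template.MustAcceptTerms,
        template.NeedsAccountApproval,
        template.NeedsEmailConfirmation,
        template.EmailConfirmationToken,
        template.NeedsPhoneConfirmation
        );
}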
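/// <summary>
/// Creates a new site user from the submitted registration form and, when account creation
/// succeeded and no login rule rejected it, signs the new user in.
/// </summary>
/// <param name="model">The posted registration form (username, email, password, profile fields).</param>
/// <param name="modelState">Receives the registration errors to show to the visitor.</param>
/// <param name="httpContext">The current request, passed through to <paramref name="customRegistration"/>.</param>
/// <param name="customRegistration">Hook that may adjust the user object before it is persisted.</param>
/// <returns>
/// A <see cref="UserLoginResult"/> built from the login-rule template; its user context is null
/// when the account was not created.
/// </returns>
/// <remarks>
/// A missing (null) username or registration agreement is treated the same as an empty one
/// instead of throwing. A "duplicate email" failure is reported with a generic message, because
/// echoing the identity error text would tell an anonymous visitor that the address already has
/// an account.
/// </remarks>
public async Task<UserLoginResult> TryRegister(
    RegisterViewModel model,
    ModelStateDictionary modelState,
    HttpContext httpContext,
    IHandleCustomRegistration customRegistration
    )
{
    var template = new LoginResultTemplate();
    IUserContext userContext = null;

    // Username may be absent from the posted form; dereferencing .Length on it would throw.
    var userName = !string.IsNullOrWhiteSpace(model.Username)
        ? model.Username
        : await userManager.SuggestLoginNameFromEmail(userManager.Site.Id, model.Email);

    var userNameAvailable = await userManager.LoginIsAvailable(Guid.Empty, userName);
    if (!userNameAvailable)
    {
        userName = await userManager.SuggestLoginNameFromEmail(userManager.Site.Id, model.Email);
    }

    var user = new SiteUser
    {
        SiteId = userManager.Site.Id,
        UserName = userName,
        Email = model.Email,
        FirstName = model.FirstName,
        LastName = model.LastName,
        DisplayName = model.DisplayName,
        AccountApproved = !userManager.Site.RequireApprovalBeforeLogin
    };

    await customRegistration.ProcessUserBeforeCreate(user, httpContext);

    if (model.DateOfBirth.HasValue)
    {
        user.DateOfBirth = model.DateOfBirth.Value;
    }

    // Only stamp acceptance when the site actually publishes an agreement and the box was ticked.
    if (!string.IsNullOrWhiteSpace(userManager.Site.RegistrationAgreement) && model.AgreeToTerms)
    {
        user.AgreementAcceptedUtc = DateTime.UtcNow;
    }

    var result = await userManager.CreateAsync(user, model.Password);
    if (result.Succeeded)
    {
        template.User = user;
        // NOTE(review): presumably the login rules record approval / confirmation requirements in
        // RejectReasons or SignInResult, which is what keeps such accounts from being signed in
        // below - confirm against the login rules processor.
        await loginRulesProcessor.ProcessAccountLoginRules(template);
    }
    else
    {
        foreach (var error in result.Errors)
        {
            // ASP.NET Identity describes a duplicate address as "Email <address> is already
            // taken"; passing that through confirms to anyone that the address is registered.
            // The stable error code is checked first, with an ordinal text match as a fallback
            // for describers that do not set it.
            var description = error.Description;
            var disclosesExistingEmail =
                string.Equals(error.Code, "DuplicateEmail", StringComparison.Ordinal)
                || (!string.IsNullOrWhiteSpace(description)
                    && description.IndexOf("Email", StringComparison.Ordinal) > -1
                    && description.IndexOf("is already taken", StringComparison.Ordinal) > -1);

            if (disclosesExistingEmail)
            {
                // An error is still recorded so the model state stays invalid exactly as before;
                // only the wording is made generic.
                // NOTE(review): if the caller already adds its own generic failure message, this
                // entry can be dropped - confirm against the controller.
                modelState.AddModelError(string.Empty, "Invalid registration attempt.");
                continue;
            }

            modelState.AddModelError(string.Empty, error.Description);
        }
    }

    // Failed is the template's initial state; the login rules could have changed it to lockedout.
    // result.Succeeded is required explicitly: a failed IdentityResult that carries no error
    // entries must never lead to a sign-in for an account that was not created.
    if (
        result.Succeeded
        && !result.Errors.Any()
        && template.RejectReasons.Count == 0
        && template.SignInResult == SignInResult.Failed
        )
    {
        await signInManager.SignInAsync(user, isPersistent: false);
        template.SignInResult = SignInResult.Success;
    }

    if (template.User != null)
    {
        userContext = new UserContext(template.User);
    }

    return new UserLoginResult(
        template.SignInResult,
        template.RejectReasons,
        userContext,
        template.MustAcceptTerms,
        template.NeedsAccountApproval,
        template.NeedsEmailConfirmation,
        template.EmailConfirmationToken,
        template.NeedsPhoneConfirmation
        );
}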