public async Task <ActionResult> Login(string name, string pswd, string v, bool closeOnLogin = false, bool __f = false)
{
// add popup support for possible 2fa
await YetaWFCoreRendering.Render.AddPopupsAddOnsAsync();
LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync();
bool isPersistent = config.PersistentLogin;
LoginModel model = new LoginModel {
AllowNewUser = config.AllowUserRegistration,
RegistrationType = config.RegistrationType,
UserName = name,
Email = name,
Password = pswd,
VerificationCode = v,
Captcha = new RecaptchaV2Data(),
RememberMe = isPersistent,
CloseOnLogin = closeOnLogin,
ShowVerification = !string.IsNullOrWhiteSpace(v),
ShowCaptcha = config.Captcha && string.IsNullOrWhiteSpace(v) && !Manager.IsLocalHost,
};
if (Manager.HaveReturnToUrl)
{
model.ReturnUrl = Manager.ReturnToUrl;
}
using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) {
List <LoginConfigDataProvider.LoginProviderDescription> loginProviders = await logConfigDP.GetActiveExternalLoginProvidersAsync();
if (loginProviders.Count > 0 && Manager.IsInPopup)
{
throw new InternalError("When using external login providers, the Login module cannot be used in a popup window");
}
foreach (LoginConfigDataProvider.LoginProviderDescription provider in loginProviders)
{
model.ExternalProviders.Add(new FormButton()
{
ButtonType = ButtonTypeEnum.Submit,
Name = "provider",
Text = provider.InternalName,
Title = this.__ResStr("logAccountTitle", "Log in using your {0} account", provider.DisplayName),
CssClass = "t_" + provider.InternalName.ToLower(),
});
YetaWF.Core.Packages.Package package = AreaRegistration.CurrentPackage;
string url = VersionManager.GetAddOnPackageUrl(package.AreaName);
model.Images.Add(Manager.GetCDNUrl(string.Format("{0}Icons/LoginProviders/{1}.png", url, provider.InternalName)));
}
}
if (__f)
{
Manager.CurrentResponse.StatusCode = 401;
}
await model.UpdateAsync();
return(View(model));
}
public async Task <IActionResult> ExternalLoginCallback(string returnUrl = null, string remoteError = null)
{
if (remoteError != null)
{
throw new Error(this.__ResStr("extErr", "The external login provider reported this error: {0}", remoteError));
}
SignInManager <UserDefinition> _signinManager = (SignInManager <UserDefinition>)YetaWFManager.ServiceProvider.GetService(typeof(SignInManager <UserDefinition>));
ExternalLoginInfo loginInfo = await _signinManager.GetExternalLoginInfoAsync();
if (loginInfo == null)
{
Logging.AddErrorLog("AuthenticationManager.GetExternalLoginInfoAsync() returned null");
return(Redirect(Helper.GetSafeReturnUrl(Manager.CurrentSite.LoginUrl)));
}
using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) {
List <LoginConfigDataProvider.LoginProviderDescription> loginProviders = await logConfigDP.GetActiveExternalLoginProvidersAsync();
if ((from l in loginProviders where l.InternalName == loginInfo.LoginProvider select l).FirstOrDefault() == null)
{
Logging.AddErrorLog("Callback from external login provider {0} which is not active", loginInfo.LoginProvider);
return(Redirect(Helper.GetSafeReturnUrl(Manager.CurrentSite.LoginUrl)));
}
}
// get our registration defaults
LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync();
// Sign in the user with this external login provider if the user already has a login
UserDefinition user = await Managers.GetUserManager().FindByLoginAsync(loginInfo.LoginProvider, loginInfo.ProviderKey);
if (user == null)
{
// If the user does not have an account, then prompt the user to create an account
// we will go to a page where the user can set up a local account
Manager.OriginList = new List <Origin>();
if (!string.IsNullOrWhiteSpace(returnUrl))
{
Manager.OriginList.Add(new Origin()
{
Url = returnUrl
}); // where to go after setup
}
Manager.OriginList.Add(new Origin()
{
Url = Helper.GetSafeReturnUrl(Manager.CurrentSite.ExternalAccountSetupUrl)
}); // setup
return(Redirect(Manager.ReturnToUrl));
}
if (string.IsNullOrWhiteSpace(returnUrl) && Manager.HaveReturnToUrl)
{
returnUrl = Manager.ReturnToUrl;
}
if (string.IsNullOrWhiteSpace(returnUrl))
{
returnUrl = await Resource.ResourceAccess.GetUserPostLoginUrlAsync((from u in user.RolesList select u.RoleId).ToList());
}
if (string.IsNullOrWhiteSpace(returnUrl))
{
returnUrl = Manager.CurrentSite.PostLoginUrl;
}
returnUrl = Helper.GetSafeReturnUrl(returnUrl);
// determine what to do based on account status
if (user.UserStatus == UserStatusEnum.Approved)
{
await LoginModuleController.UserLoginAsync(user);
Logging.AddLog("User {0} - logged on", user.UserName);
returnUrl = QueryHelper.AddRando(returnUrl); // to defeat client-side caching
return(Redirect(returnUrl));
}
else if (user.UserStatus == UserStatusEnum.Rejected)
{
await LoginModuleController.UserLogoffAsync();
Logging.AddErrorLog("User {0} - rejected user", user.UserName);
if (string.IsNullOrWhiteSpace(config.RejectedUrl))
{
return(Redirect(MessageUrl("Your account has been rejected by the site administrator.")));
}
return(Redirect(Helper.GetSafeReturnUrl(config.RejectedUrl)));
}
else if (user.UserStatus == UserStatusEnum.Suspended)
{
await LoginModuleController.UserLogoffAsync();
Logging.AddErrorLog("User {0} - suspended user", user.UserName);
if (string.IsNullOrWhiteSpace(config.SuspendedUrl))
{
return(Redirect(MessageUrl("Your account has been suspended by the site administrator.")));
}
return(Redirect(Helper.GetSafeReturnUrl(config.SuspendedUrl)));
}
else if (user.UserStatus == UserStatusEnum.NeedValidation)
{
await LoginModuleController.UserLogoffAsync();
Logging.AddErrorLog("User {0} - not yet validated", user.UserName);
if (string.IsNullOrWhiteSpace(config.VerificationPendingUrl))
{
return(Redirect(MessageUrl(this.__ResStr("notValidated", "Your account has not yet been verified. You will receive an email with verification information. Once received, please use the information in the email to complete the registration."))));
}
return(Redirect(Helper.GetSafeReturnUrl(config.VerificationPendingUrl)));
}
else if (user.UserStatus == UserStatusEnum.NeedApproval)
{
await LoginModuleController.UserLogoffAsync();
Logging.AddErrorLog("User {0} - not yet approved", user.UserName);
if (string.IsNullOrWhiteSpace(config.ApprovalPendingUrl))
{
return(Redirect(MessageUrl(this.__ResStr("notApproved", "Your account has not yet been approved by the site administrator. You will receive an email confirmation as soon as your account is active."))));
}
return(Redirect(Helper.GetSafeReturnUrl(config.ApprovalPendingUrl)));
}
else
{
await LoginModuleController.UserLogoffAsync();
throw new InternalError("badUserStatus", "Unexpected account status {0}", user.UserStatus);
}
}
public async Task <ActionResult> Register(bool closeOnLogin = false)
{
LoginConfigData config = await LoginConfigDataProvider.GetConfigAsync();
if (!config.AllowUserRegistration)
{
throw new Error(this.__ResStr("cantRegister", "This site does not allow new user registration"));
}
using (LoginConfigDataProvider logConfigDP = new LoginConfigDataProvider()) {
RegisterModel model = new RegisterModel {
RegistrationType = config.RegistrationType,
ShowCaptcha = config.Captcha && !Manager.IsLocalHost,
Captcha = new RecaptchaV2Data(),
CloseOnLogin = closeOnLogin,
QueryString = Manager.RequestQueryString.ToQueryString(),
PasswordRules = Module.ShowPasswordRules ? logConfigDP.PasswordRules : null,
};
List <LoginConfigDataProvider.LoginProviderDescription> loginProviders = await logConfigDP.GetActiveExternalLoginProvidersAsync();
if (loginProviders.Count > 0 && Manager.IsInPopup)
{
throw new InternalError("When using external login providers, the Register module cannot be used in a popup window");
}
foreach (LoginConfigDataProvider.LoginProviderDescription provider in loginProviders)
{
model.ExternalProviders.Add(new FormButton()
{
ButtonType = ButtonTypeEnum.Submit,
Name = "provider",
Text = provider.InternalName,
Title = this.__ResStr("logAccountTitle", "Log in using your {0} account", provider.DisplayName),
CssClass = "t_" + provider.InternalName.ToLower(),
});
YetaWF.Core.Packages.Package package = AreaRegistration.CurrentPackage;
string url = VersionManager.GetAddOnPackageUrl(package.AreaName);
model.Images.Add(Manager.GetCDNUrl(string.Format("{0}Icons/LoginProviders/{1}.png", url, provider.InternalName)));
}
if (Manager.HaveReturnToUrl)
{
model.ReturnUrl = Manager.ReturnToUrl;
}
await model.UpdateAsync();
return(View(model));
}
}