/**
 * Pick the redirect target to use once a login has succeeded.
 *
 * The caller-supplied value is used only when it is non-null and the session
 * is logged in. It is URL-decoded, expanded with urlGenerator.getAbsoluteURL
 * and rejected if the result contains an '@'. In every other case the
 * default page URL is returned.
 *
 * Security notes:
 *  - The '@' test is the only validation done in this method. Presumably
 *    getAbsoluteURL anchors the value to this instance's own base URL, so an
 *    '@' is what would turn that base into a userinfo section and hand the
 *    host part to the attacker-controlled remainder - TODO confirm against
 *    the URL generator.
 *  - NOTE(review): the value is decoded here; if the framework has already
 *    decoded the query parameter this is a second pass. The test runs on the
 *    decoded result, so a literal '@' produced by decoding is still caught.
 *
 * @param string redirectUrl  requested post-login target, may be null
 *
 * @return RedirectResponse
 */
private RedirectResponse generateRedirect(string redirectUrl)
{
    // Without a requested target or a logged-in session, use the default page.
    if (redirectUrl == null || !this.userSession.isLoggedIn())
    {
        return new RedirectResponse(OC_Util.getDefaultPageUrl());
    }

    var decodedTarget = HttpUtility.UrlDecode(redirectUrl);
    var target = this.urlGenerator.getAbsoluteURL(decodedTarget);

    // Deny the redirect if the URL contains a @. This prevents unvalidated
    // redirects where the supplied value starts a userinfo section
    // (constructed example: ?redirect_url=:pw@other.example).
    bool containsAtSign = target.IndexOf("@", StringComparison.Ordinal) >= 0;
    if (containsAtSign)
    {
        return new RedirectResponse(OC_Util.getDefaultPageUrl());
    }

    return new RedirectResponse(target);
}
/**
 * Render the login page, or send an already logged-in session to the
 * default page.
 *
 * For a visitor who is not logged in, this publishes the state the login
 * front-end reads ("core" initial state: loginMessages, loginErrors,
 * loginUsername, loginAutocomplete, loginRedirectUrl, loginThrottleDelay),
 * registers the OpenGraph meta headers and returns the "login" template
 * rendered with the "guest" layout.
 *
 * Security notes:
 *  - The tags below mark this endpoint as public and exempt from CSRF
 *    checking. NOTE(review): here they are plain comment text; whether any
 *    tooling still reads them is not visible from this method.
 *  - user and redirect_url come straight from the request and are forwarded
 *    to the initial state unchanged. NOTE(review): nothing in this method
 *    validates redirect_url or encodes either value - confirm that the
 *    consumer of loginRedirectUrl validates it server-side before any
 *    redirect is issued and that the front-end escapes both values.
 *
 * @PublicPage
 * @NoCSRFRequired
 * @UseSession
 *
 * @param string user          username to pre-fill, may be null or empty
 * @param string redirect_url  requested post-login target, may be null
 *
 * @return TemplateResponse|RedirectResponse
 */
public Response showLoginForm(string user = null, string redirect_url = null)
{
    // Nothing to show to a session that is already logged in.
    if (this.userSession.isLoggedIn())
    {
        return new RedirectResponse(OC_Util.getDefaultPageUrl());
    }

    // Stored login messages are a two-slot list: [0] = errors, [1] = messages.
    // They are shown once, so the session entry is removed in every case.
    var storedMessages = this.session.get("loginMessages") as IList;
    if (storedMessages != null)
    {
        var errors = storedMessages[0];
        var messages = storedMessages[1];
        this.initialStateService.provideInitialState("core", "loginMessages", messages);
        this.initialStateService.provideInitialState("core", "loginErrors", errors);
    }
    this.session.remove("loginMessages");

    // The username key is always published; a missing value becomes "".
    this.initialStateService.provideInitialState(
        "core", "loginUsername", string.IsNullOrEmpty(user) ? "" : user);

    var autocompleteEnabled = this.config.getSystemValue("login_form_autocomplete", true);
    this.initialStateService.provideInitialState("core", "loginAutocomplete", autocompleteEnabled);

    // Request-supplied value, forwarded as-is (see the security notes above).
    if (redirect_url.IsNotEmpty())
    {
        this.initialStateService.provideInitialState("core", "loginRedirectUrl", redirect_url);
    }

    // Delay currently imposed on the caller's remote address by the throttler.
    var throttleDelay = this.throttler.getDelay(this.request.getRemoteAddress());
    this.initialStateService.provideInitialState("core", "loginThrottleDelay", throttleDelay);

    this.setPasswordResetInitialState(user);

    // OpenGraph Support: http://ogp.me/
    Action<string, object> addOpenGraphMeta = (property, content) =>
        Util.addHeader("meta", new Dictionary<string, object>
        {
            { "property", property },
            { "content", content }
        });

    // Instance name and slogan pass through sanitizeHTML before being emitted.
    addOpenGraphMeta("og:title", Util.sanitizeHTML(this.defaults.getName()));
    addOpenGraphMeta("og:description", Util.sanitizeHTML(this.defaults.getSlogan()));
    addOpenGraphMeta("og:site_name", Util.sanitizeHTML(this.defaults.getName()));
    addOpenGraphMeta("og:url", this.urlGenerator.getAbsoluteURL("/"));
    addOpenGraphMeta("og:type", "website");
    addOpenGraphMeta(
        "og:image",
        this.urlGenerator.getAbsoluteURL(this.urlGenerator.imagePath("core", "favicon-touch.png")));

    var parameters = new Dictionary<string, object>();
    parameters.Add("alt_login", OC_App.getAlternativeLogIns());

    return new TemplateResponse(this.appName, "login", parameters, "guest");
}