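/// <summary>
/// Shows the "complete registration" form (GET) and, on POST, turns a pending
/// <c>Registration</c> into a <c>User</c> once the submitted password and
/// verification code check out.
/// </summary>
/// <param name="completeRegistrationModel">
/// Bound form values; replaced with an empty model when the binder supplies null.
/// </param>
/// <returns>
/// The form view for GET and for any failed POST, a 405 result for other HTTP
/// methods, or a redirect to Home/Index after the user has been created.
/// </returns>
public ActionResult Complete(CompleteRegistrationModel completeRegistrationModel)
{
    completeRegistrationModel = completeRegistrationModel ?? new CompleteRegistrationModel();

    if (Request.HttpMethod == "GET")
    {
        return View(completeRegistrationModel);
    }

    if (Request.HttpMethod != "POST")
    {
        return new HttpStatusCodeResult((int)HttpStatusCode.MethodNotAllowed);
    }

    if (!ModelState.IsValid)
    {
        return View(completeRegistrationModel);
    }

    // Only the registration with the latest expiry for this username/e-mail pair is considered.
    var registration = _repository.GetAll<Registration>()
        .Where(r => r.Username == completeRegistrationModel.Username
                    && r.EmailAddress == completeRegistrationModel.EmailAddress)
        .OrderByDescending(r => r.Expires)
        .FirstOrDefault();

    // Every failure returns the same view, so the response does not reveal
    // which of the checks (record, expiry, password, code) rejected the request.
    // NOTE(review): no attempt limit is visible in this action; confirm that
    // verification-code guesses are throttled elsewhere.
    if (!RegistrationIsValid(registration, completeRegistrationModel))
    {
        return View(completeRegistrationModel);
    }

    // The registration is not marked as used in this method, so the same valid
    // form could be posted again before it expires, and the lookup above is keyed
    // on username AND e-mail, so two pending registrations may share a username.
    // Refuse to create a second account with an existing username.
    // NOTE(review): this check is not atomic with the save below; a unique
    // constraint on the username in the backing store is still needed. Whether
    // the comparison is case-sensitive depends on the store.
    var username = registration.Username;
    if (_repository.GetAll<User>().Any(u => u.Username == username))
    {
        return View(completeRegistrationModel);
    }

    var user = new User
    {
        Id = Guid.NewGuid(),
        Username = username,
        EmailAddress = registration.EmailAddress,
        // Copied exactly as stored on the registration; presumably already in the
        // protected form that Cryptography.Verify checks against (confirm).
        Password = registration.Password
    };

    _repository.SaveOrUpdate(user);
    _authenticator.SetCookie(user.Username);

    return RedirectToAction("Index", "Home");
}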
/// <summary>
/// Decides whether a pending registration may be completed with the submitted values.
/// </summary>
/// <param name="latestRegistration">
/// Registration record found by the caller; null when no record matched.
/// </param>
/// <param name="completeRegistrationModel">
/// Submitted form values. Dereferenced without a null check, so the caller must pass a non-null model.
/// </param>
/// <returns>
/// true only when the record exists, has not expired, and both the password and the
/// verification code pass <c>Cryptography.Verify</c>; otherwise false.
/// </returns>
private static bool RegistrationIsValid(Registration latestRegistration, CompleteRegistrationModel completeRegistrationModel)
{
    // The conditions short-circuit in this order, so Cryptography.Verify is never
    // called for a missing or expired record, and the code is only checked after
    // the password has passed.
    // Expiry is compared with DateTime.UtcNow; presumably Expires is stored in UTC (confirm).
    // NOTE(review): Verify takes the stored value first and the submitted value second;
    // its implementation is not visible here, so confirm it is a hash-based,
    // constant-time comparison.
    var recordExists = latestRegistration != null;

    return recordExists
        && !(latestRegistration.Expires < DateTime.UtcNow)
        && Cryptography.Verify(latestRegistration.Password, completeRegistrationModel.Password)
        && Cryptography.Verify(latestRegistration.VerificationCode, completeRegistrationModel.VerificationCode);
}