public virtual async Task <ActionResult> Confirm(string username, string token) { // We don't want Login to have us as a return URL // By having this value present in the dictionary BUT null, we don't put "returnUrl" on the Login link at all ViewData[Constants.ReturnUrlViewDataKey] = null; if (!String.Equals(username, User.Identity.Name, StringComparison.OrdinalIgnoreCase)) { return(View(new ConfirmationViewModel { WrongUsername = true, SuccessfulConfirmation = false, })); } var user = GetCurrentUser(); var alreadyConfirmed = user.UnconfirmedEmailAddress == null; string existingEmail = user.EmailAddress; var model = new ConfirmationViewModel { ConfirmingNewAccount = String.IsNullOrEmpty(existingEmail), SuccessfulConfirmation = !alreadyConfirmed, AlreadyConfirmed = alreadyConfirmed }; if (!alreadyConfirmed) { try { if (!(await UserService.ConfirmEmailAddress(user, token))) { model.SuccessfulConfirmation = false; } } catch (EntityException) { model.SuccessfulConfirmation = false; model.DuplicateEmailAddress = true; } // SuccessfulConfirmation is required so that the confirm Action isn't a way to spam people. // Change notice not required for new accounts. if (model.SuccessfulConfirmation && !model.ConfirmingNewAccount) { MessageService.SendEmailChangeNoticeToPreviousEmailAddress(user, existingEmail); string returnUrl = HttpContext.GetConfirmationReturnUrl(); if (!String.IsNullOrEmpty(returnUrl)) { TempData["Message"] = "You have successfully confirmed your email address!"; return(SafeRedirect(returnUrl)); } } } return(View(model)); }
public virtual async Task <ActionResult> Confirm(string accountName, string token) { // We don't want Login to go to this page as a return URL // By having this value present in the dictionary BUT null, we don't put "returnUrl" on the Login link at all ViewData[GalleryConstants.ReturnUrlViewDataKey] = null; var account = GetAccount(accountName); if (account == null || ActionsRequiringPermissions.ManageAccount.CheckPermissions(GetCurrentUser(), account) != PermissionsCheckResult.Allowed) { return(View(new ConfirmationViewModel(accountName) { WrongUsername = true, SuccessfulConfirmation = false })); } string existingEmail = account.EmailAddress; var model = new ConfirmationViewModel(account); if (!model.AlreadyConfirmed) { try { model.SuccessfulConfirmation = await UserService.ConfirmEmailAddress(account, token); } catch (EntityException) { model.SuccessfulConfirmation = false; model.DuplicateEmailAddress = true; } // SuccessfulConfirmation is required so that the confirm Action isn't a way to spam people. // Change notice not required for new accounts. if (model.SuccessfulConfirmation && !model.ConfirmingNewAccount) { var message = new EmailChangeNoticeToPreviousEmailAddressMessage(MessageServiceConfiguration, account, existingEmail); await MessageService.SendMessageAsync(message); string returnUrl = HttpContext.GetConfirmationReturnUrl(); if (!String.IsNullOrEmpty(returnUrl)) { TempData["Message"] = Messages.EmailConfirmed; return(SafeRedirect(returnUrl)); } } } return(View(model)); }