public async Task SignInAsync(ApplicationUser user, bool isPersistent, bool rememberBrowser)
{
// Clear any partial cookies from external or two factor partial sign ins
AuthenticationManager.SignOut(DefaultAuthenticationTypes.ExternalCookie,
DefaultAuthenticationTypes.TwoFactorCookie);
var userIdentity = await user.GenerateUserIdentityAsync(UserManager,DefaultAuthenticationTypes.TwoFactorCookie);
if (rememberBrowser)
{
var rememberBrowserIdentity =
AuthenticationManager.CreateTwoFactorRememberBrowserIdentity(user.Id);
AuthenticationManager.SignIn(
new AuthenticationProperties { IsPersistent = isPersistent },
userIdentity,
rememberBrowserIdentity);
}
else
{
AuthenticationManager.SignIn(
new AuthenticationProperties { IsPersistent = isPersistent },
userIdentity);
}
}
/// <summary>
/// Return some basic user info to be used for particular user session
/// </summary>
/// <param name="user"></param>
/// <param name="rolesList"></param>
/// <returns></returns>
public static AuthenticationProperties CreateProperties(ApplicationUser user, string rolesList)// string userName, string displayName)
{
IDictionary<string, string> data = new Dictionary<string, string>
{
{ "userName", user.Email },
{ "displayName", user.DisplayName},
{ "roles", rolesList},
};
return new AuthenticationProperties(data);
}
public async Task<IHttpActionResult> RegisterExternal(RegisterExternalBindingModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var verifiedAccessToken = await VerifyExternalAccessToken(model.Provider, model.ExternalAccessToken);
if (verifiedAccessToken == null)
{
return BadRequest("Invalid Provider or External Access Token");
}
//IdentityUser user = await _repo.FindAsync(new UserLoginInfo(model.Provider, verifiedAccessToken.user_id));
ApplicationUser user = await UserManager.FindAsync(new UserLoginInfo(model.Provider, verifiedAccessToken.user_id));
bool hasRegistered = user != null;
if (hasRegistered)
{
return BadRequest("External user is already registered");
}
//user = new IdentityUser() { UserName = model.UserName };
user = new ApplicationUser() { UserName = model.UserName };
//IdentityResult result = await _repo.CreateAsync(user);
IdentityResult result = await UserManager.CreateAsync(user);
if (!result.Succeeded)
{
return GetErrorResult(result);
}
var info = new ExternalLoginInfo()
{
DefaultUserName = model.UserName,
Login = new UserLoginInfo(model.Provider, verifiedAccessToken.user_id)
};
//result = await _repo.AddLoginAsync(user.Id, info.Login);
result = await UserManager.AddLoginAsync(user.Id, info.Login);
if (!result.Succeeded)
{
return GetErrorResult(result);
}
//generate access token response
var accessTokenResponse = await GenerateLocalAccessTokenResponse(model.UserName);
return Ok(accessTokenResponse);
}
private async Task<SignInStatus> SignInOrTwoFactor(ApplicationUser user, bool isPersistent)
{
if (await UserManager.GetTwoFactorEnabledAsync(user.Id) &&
!await AuthenticationManager.TwoFactorBrowserRememberedAsync(user.Id))
{
var identity = new ClaimsIdentity(DefaultAuthenticationTypes.TwoFactorCookie);
identity.AddClaim(new Claim(ClaimTypes.NameIdentifier, user.Id));
AuthenticationManager.SignIn(identity);
return SignInStatus.RequiresVerification;// RequiresTwoFactorAuthentication;
}
await SignInAsync(user, isPersistent, false);
return SignInStatus.Success;
}
public async Task<IHttpActionResult> Register(RegisterBindingModel model)
{
if (!ModelState.IsValid)
{
return BadRequest(ModelState);
}
var regContext = new RegistrationController();
if (regContext.IsDuplicateEmail(model.Email))
{
return BadRequest("Email ID already exists");
}
var user = new ApplicationUser()
{
UserName = model.Email,
Email = model.Email,
PhoneNumber = model.Person.Contact.Phone,
DisplayName = model.DisplayName
};
IdentityResult result;
try
{
result = await UserManager.CreateAsync(user, model.Password).ConfigureAwait(false);
// Note that because of the ConfigureAwait(false), we are not on the original context here.
// Instead, we're running on the thread pool.
if (!result.Succeeded)
{
return GetErrorResult(result);
}
else
{
//Enable two factor authentication
result = await UserManager.SetTwoFactorEnabledAsync(user.Id, true).ConfigureAwait(false);
if (!result.Succeeded)
{
return GetErrorResult(result);
}
/* Insert a new record into the People table
*/
var personResult = new RegistrationController().CreatePerson(model.Person);
// Sending verification code
var provider = "EmailCode";
var token = await UserManager.GenerateTwoFactorTokenAsync(user.Id, provider).ConfigureAwait(false);
// See IdentityConfig.cs to plug in Email/SMS services to actually send the code
result = await UserManager.NotifyTwoFactorTokenAsync(user.Id, provider, token);
if (!result.Succeeded)
{
return GetErrorResult(result);
}
return Ok(result);
}
}
catch (Exception ex)
{
throw ex;
}
}