public ActionResult Login(LoginModel model, string returnUrl)
{
    if (ModelState.IsValid)
    {
        if (Membership.ValidateUser(model.UserName, model.Password))
        {
            FormsAuthentication.SetAuthCookie(model.UserName, model.RememberMe);
            if (Url.IsLocalUrl(returnUrl))
            {
                return Redirect(returnUrl);
            }
            else
            {
                return RedirectToAction("Index", "Home");
            }
        }
        else
        {
            ModelState.AddModelError("", "The user name or password provided is incorrect.");
        }
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}

// Needs System, System.Linq, System.Collections.Specialized, System.Web,
// System.Web.Mvc and System.Web.Security, plus the HealthVault SDK namespaces.
public ActionResult Login(LoginModel model, string returnUrl)
{
    // here we are getting posted from HealthVault so extract the wctoken sent
    string authToken = Request.Params["wctoken"];
    if (authToken != null)
    {
        // create a web app cred object
        var appId = HealthApplicationConfiguration.Current.ApplicationId;
        WebApplicationCredential cred = new WebApplicationCredential(
            appId,
            authToken,
            HealthApplicationConfiguration.Current.ApplicationCertificate);

        // setup the user
        WebApplicationConnection connection = new WebApplicationConnection(appId, cred);
        PersonInfo personInfo = HealthVaultPlatform.GetPersonInfo(connection);

        // check to make sure there is access to records
        if (personInfo.AuthorizedRecords.Count() == 0)
            throw new Exception("There are no authorized users for us to work with!");

        // local membership credentials are derived from the HealthVault person id and app id
        var personId = personInfo.PersonId.ToString();
        var username = personId;
        var password = personId + appId;

        if (Membership.ValidateUser(username, password))
        {
            // user has authenticated
            var user = Membership.GetUser(personInfo.PersonId.ToString());

            // save auth cookie
            CreateAuthCookie(personInfo, user, authToken);
        }
        else
        {
            // the user has not registered with us so create one
            // Attempt to register the user
            MembershipCreateStatus createStatus;
            var newUser = Membership.CreateUser(username, password, "",
                passwordQuestion: null, passwordAnswer: null, isApproved: true,
                providerUserKey: null, status: out createStatus);

            if (createStatus == MembershipCreateStatus.Success)
            {
                // save auth cookie
                CreateAuthCookie(personInfo, newUser, authToken);
            }
            else
            {
                ModelState.AddModelError("", ErrorCodeToString(createStatus));
                return View(model);
            }
        }

        // save the user to the local table
        SaveUser(personInfo, authToken);

        // save the user avatar image to blob
        HVUserImageHelper.Default.SaveImageToBlobStorage(
            personInfo.SelectedRecord == null
                ? personInfo.AuthorizedRecords.FirstOrDefault().Value
                : personInfo.SelectedRecord);

        // redirect to the actionqs
        NameValueCollection query = HttpUtility.ParseQueryString(Request.Url.Query);
        var r = HttpUtility.UrlDecode(query["actionqs"]);

        // actionqs comes from the request, so only follow it when it is a local path;
        // a relative redirect also keeps the current scheme, host and port
        if (Url.IsLocalUrl(r))
        {
            return Redirect(r);
        }
        return RedirectToAction("Index", "Home");
    }
    else
    {
        // no wctoken, so report the failure
        ModelState.AddModelError("", "Unable to authenticate with Microsoft HealthVault.");
    }

    // If we got this far, something failed, redisplay form
    return View(model);
}