/// <summary>
/// Makes sure the SimpleMembership database exists, connects WebSecurity to it
/// (creating the membership tables on demand) and creates the application's
/// roles when they are missing.
/// </summary>
/// <exception cref="InvalidOperationException">
/// Thrown when any step fails; the original exception is kept as the inner exception.
/// </exception>
public SimpleMembershipInitializer()
{
    // A null initializer switches off Entity Framework's own database initialization
    // for SmartDbContext; the database is created explicitly below instead.
    Database.SetInitializer<SmartDbContext>(null);

    try
    {
        using (var dbContext = new SmartDbContext())
        {
            bool databasePresent = dbContext.Database.Exists();
            if (!databasePresent)
            {
                // Create the SimpleMembership database through the ObjectContext so that
                // no Entity Framework migration schema is added to it.
                var adapter = (IObjectContextAdapter)dbContext;
                adapter.ObjectContext.CreateDatabase();
            }
        }

        WebSecurity.InitializeDatabaseConnection(
            "DefaultConnection",
            "UserProfile",
            "UserId",
            "UserName",
            autoCreateTables: true);

        var roleProvider = (SimpleRoleProvider)System.Web.Security.Roles.Provider;

        // Role creation is guarded by RoleExists, so repeated start-ups do not create duplicates.
        foreach (string roleName in new[] { "Admin", "Staff", "Referrer" })
        {
            if (!roleProvider.RoleExists(roleName))
            {
                roleProvider.CreateRole(roleName);
            }
        }

        // No user account is seeded here. The sample this came from carried a disabled
        // snippet that created an "admin" account with a fixed password; if a bootstrap
        // administrator is ever needed, take its credential from deployment configuration
        // and force a change on first login rather than hard-coding it in source.
    }
    catch (Exception ex)
    {
        throw new InvalidOperationException("The ASP.NET Simple Membership database could not be initialized. For more information, please see http://go.microsoft.com/fwlink/?LinkId=256588", ex);
    }
}
/// <summary>
/// Completes registration for a user who signed in through an external OAuth provider:
/// creates a local profile under the chosen user name, links it to the external
/// identity and signs the user in.
/// </summary>
/// <param name="model">Posted form data; carries the chosen user name and the serialized external login data.</param>
/// <param name="returnUrl">Where to send the user after a successful registration.</param>
/// <returns>
/// A redirect to "Manage" when the caller is already authenticated or the external login
/// data cannot be deserialized; a local redirect on success; otherwise the form view again.
/// </returns>
public ActionResult ExternalLoginConfirmation(RegisterExternalLoginModel model, string returnUrl)
{
    string provider = null;
    string providerUserId = null;

    // Only an anonymous caller whose external login data deserializes correctly may continue.
    // The provider identity is taken from that deserialized blob, not from separate form fields.
    bool mayRegister = !User.Identity.IsAuthenticated
        && OAuthWebSecurity.TryDeserializeProviderUserId(model.ExternalLoginData, out provider, out providerUserId);
    if (!mayRegister)
    {
        return RedirectToAction("Manage");
    }

    if (ModelState.IsValid)
    {
        using (var context = new SmartDbContext())
        {
            // Case-insensitive lookup of the requested user name.
            // NOTE(review): the lookup and the insert below are separate statements; whether two
            // concurrent requests can both pass this check depends on a unique constraint on
            // UserName that is not visible here - confirm against the schema.
            UserProfile existing = context.UserProfiles.FirstOrDefault(
                profile => profile.UserName.ToLower() == model.UserName.ToLower());

            if (existing != null)
            {
                ModelState.AddModelError("UserName", "User name already exists. Please enter a different user name.");
            }
            else
            {
                // Store the new profile first, then bind it to the external identity and sign in.
                context.UserProfiles.Add(new UserProfile { UserName = model.UserName });
                context.SaveChanges();

                OAuthWebSecurity.CreateOrUpdateAccount(provider, providerUserId, model.UserName);
                OAuthWebSecurity.Login(provider, providerUserId, createPersistentCookie: false);

                // returnUrl is caller-supplied; RedirectToLocal is presumably what restricts it to
                // local URLs - its body is not shown here, so verify it before relying on that.
                return RedirectToLocal(returnUrl);
            }
        }
    }

    // Validation failed or the name is taken: show the form again with the provider's display name.
    ViewBag.ProviderDisplayName = OAuthWebSecurity.GetOAuthClientData(provider).DisplayName;
    ViewBag.ReturnUrl = returnUrl;
    return View(model);
}
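/// <summary>
/// Handles the lost-password form: looks up the account registered under the submitted
/// e-mail address, generates a password reset token for it and mails a reset link.
/// </summary>
/// <param name="model">Posted form data carrying the e-mail address.</param>
/// <returns>The same view in every case; failures are reported through ModelState.</returns>
public ActionResult LostPassword(LostPasswordModel model)
{
    if (ModelState.IsValid)
    {
        MembershipUser user;
        using (var context = new SmartDbContext())
        {
            var foundUserName = (from u in context.UserProfiles
                                 where u.Email == model.Email
                                 select u.UserName).FirstOrDefault();

            user = foundUserName != null
                ? Membership.GetUser(foundUserName.ToString())
                : null;
        }

        if (user != null)
        {
            // Generate the password reset token that the e-mailed link uses to authenticate the user.
            var token = WebSecurity.GeneratePasswordResetToken(user.UserName);

            // Build the HTML link sent via e-mail. The attribute needs "href='...'"; without the
            // '=' the anchor had no target and the link could not be followed.
            // NOTE(review): the link is generated with the "http" scheme, so the reset token
            // travels in clear text when the link is opened. Switch to "https" once the site
            // serves ResetPassword over TLS.
            string resetLink = "<a href='" + Url.Action("ResetPassword", "Account", new { rt = token }, "http") + "'>Reset Password Link</a>";

            string subject = "Reset your password for www.SmartDb.com";
            string body = "You link: " + resetLink;
            string from = "*****@*****.**";

            // MailMessage and SmtpClient are both IDisposable; dispose them so the message
            // resources and the SMTP connection are released on every path.
            using (MailMessage message = new MailMessage(from, model.Email))
            using (SmtpClient client = new SmtpClient())
            {
                message.Subject = subject;
                message.Body = body;
                // The body contains an anchor tag, so it has to be sent as HTML to render as a link.
                message.IsBodyHtml = true;

                try
                {
                    client.Send(message);
                }
                catch (Exception e)
                {
                    // NOTE(review): e.Message can expose mail-server details to the visitor.
                    // Consider logging the exception and showing a generic message instead.
                    ModelState.AddModelError("", "Issue sending email: " + e.Message);
                }
            }
        }
        else
        {
            // E-mail not found.
            // This message tells the visitor whether an address is registered with the site
            // (account enumeration). To close that, return the same "Success" page whether or
            // not a user was found. It is left as is here for illustration purposes.
            ModelState.AddModelError("", "No user found by that email.");
        }
    }

    // On complete success nothing changes on the page; redirecting to a "Success" page
    // after the reset mail has been sent would give the user feedback.
    return View(model);
}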