412 lines
15 KiB
C#
412 lines
15 KiB
C#
using Microsoft.AspNet.Http;
|
|
using Microsoft.AspNet.Identity;
|
|
using Microsoft.AspNet.Mvc;
|
|
using Microsoft.AspNet.Mvc.Rendering;
|
|
using System.Linq;
|
|
using System.Security.Claims;
|
|
using System.Security.Principal;
|
|
using System.Threading.Tasks;
|
|
|
|
namespace IdentitySample.Models
|
|
{
|
|
[Authorize]
|
|
public class AccountController : Controller
|
|
{
|
|
public AccountController(UserManager<ApplicationUser> userManager, SignInManager<ApplicationUser> signInManager)
|
|
{
|
|
UserManager = UserManager;
|
|
SignInManager = signInManager;
|
|
}
|
|
|
|
public UserManager<ApplicationUser> UserManager { get; private set; }
|
|
|
|
public SignInManager<ApplicationUser> SignInManager { get; private set; }
|
|
|
|
|
|
//
|
|
// GET: /Account/Login
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public IActionResult Login(string returnUrl = null)
|
|
{
|
|
ViewBag.ReturnUrl = returnUrl;
|
|
ViewBag.LoginProviders = Context.GetExternalAuthenticationTypes().ToList();
|
|
return View();
|
|
}
|
|
|
|
//
|
|
// POST: /Account/Login
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> Login(LoginViewModel model, string returnUrl = null)
|
|
{
|
|
if (ModelState.IsValid)
|
|
{
|
|
var signInStatus = await SignInManager.PasswordSignInAsync(model.UserName, model.Password, model.RememberMe, shouldLockout: false);
|
|
switch (signInStatus)
|
|
{
|
|
case SignInStatus.Success:
|
|
return RedirectToLocal(returnUrl);
|
|
case SignInStatus.LockedOut:
|
|
ModelState.AddModelError("", "User is locked out, try again later.");
|
|
return View(model);
|
|
case SignInStatus.RequiresVerification:
|
|
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl, RememberMe = model.RememberMe });
|
|
case SignInStatus.Failure:
|
|
default:
|
|
ModelState.AddModelError("", "Invalid username or password.");
|
|
return View(model);
|
|
}
|
|
}
|
|
|
|
// If we got this far, something failed, redisplay form
|
|
return View(model);
|
|
}
|
|
|
|
//
|
|
// GET: /Account/Register
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public IActionResult Register()
|
|
{
|
|
return View();
|
|
}
|
|
|
|
//
|
|
// POST: /Account/Register
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> Register(RegisterViewModel model)
|
|
{
|
|
if (ModelState.IsValid)
|
|
{
|
|
var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
|
|
var result = await UserManager.CreateAsync(user, model.Password);
|
|
if (result.Succeeded)
|
|
{
|
|
var code = await UserManager.GenerateEmailConfirmationTokenAsync(user);
|
|
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: Context.Request.Scheme);
|
|
await UserManager.SendEmailAsync(user, "Confirm your account", "Please confirm your account by clicking this link: <a href=\"" + callbackUrl + "\">link</a>");
|
|
ViewBag.Link = callbackUrl;
|
|
return View("DisplayEmail");
|
|
}
|
|
AddErrors(result);
|
|
}
|
|
|
|
// If we got this far, something failed, redisplay form
|
|
return View(model);
|
|
}
|
|
|
|
//
|
|
// POST: /Account/LogOff
|
|
[HttpPost]
|
|
[ValidateAntiForgeryToken]
|
|
public IActionResult LogOff()
|
|
{
|
|
SignInManager.SignOut();
|
|
return RedirectToAction("Index", "Home");
|
|
}
|
|
|
|
//
|
|
// POST: /Account/ExternalLogin
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public IActionResult ExternalLogin(string provider, string returnUrl = null)
|
|
{
|
|
// Request a redirect to the external login provider
|
|
var redirectUrl = Url.Action("ExternalLoginCallback", "Account", new { ReturnUrl = returnUrl });
|
|
var properties = Context.ConfigureExternalAuthenticationProperties(provider, redirectUrl);
|
|
return new ChallengeResult(provider, properties);
|
|
}
|
|
|
|
//
|
|
// GET: /Account/ExternalLoginCallback
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public async Task<IActionResult> ExternalLoginCallback(string returnUrl = null)
|
|
{
|
|
var info = await Context.GetExternalLoginInfo();
|
|
if (info == null)
|
|
{
|
|
return RedirectToAction("Login");
|
|
}
|
|
|
|
// Sign in the user with this external login provider if the user already has a login
|
|
var result = await SignInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey,
|
|
isPersistent: false);
|
|
switch (result)
|
|
{
|
|
case SignInStatus.Success:
|
|
return RedirectToLocal(returnUrl);
|
|
case SignInStatus.LockedOut:
|
|
return View("Lockout");
|
|
case SignInStatus.RequiresVerification:
|
|
return RedirectToAction("SendCode", new { ReturnUrl = returnUrl });
|
|
case SignInStatus.Failure:
|
|
default:
|
|
// If the user does not have an account, then prompt the user to create an account
|
|
ViewBag.ReturnUrl = returnUrl;
|
|
ViewBag.LoginProvider = info.LoginProvider;
|
|
// REVIEW: handle case where email not in claims?
|
|
var email = info.ExternalIdentity.FindFirstValue(ClaimTypes.Email);
|
|
return View("ExternalLoginConfirmation", new ExternalLoginConfirmationViewModel { Email = email });
|
|
}
|
|
}
|
|
|
|
//
|
|
// POST: /Account/ExternalLoginConfirmation
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> ExternalLoginConfirmation(ExternalLoginConfirmationViewModel model, string returnUrl = null)
|
|
{
|
|
if (User.Identity.IsAuthenticated)
|
|
{
|
|
return RedirectToAction("Index", "Manage");
|
|
}
|
|
|
|
if (ModelState.IsValid)
|
|
{
|
|
// Get the information about the user from the external login provider
|
|
var info = await Context.GetExternalLoginInfo();
|
|
if (info == null)
|
|
{
|
|
return View("ExternalLoginFailure");
|
|
}
|
|
var user = new ApplicationUser { UserName = model.Email, Email = model.Email };
|
|
var result = await UserManager.CreateAsync(user);
|
|
if (result.Succeeded)
|
|
{
|
|
result = await UserManager.AddLoginAsync(user, info);
|
|
if (result.Succeeded)
|
|
{
|
|
await SignInManager.SignInAsync(user, isPersistent: false);
|
|
return RedirectToLocal(returnUrl);
|
|
}
|
|
}
|
|
AddErrors(result);
|
|
}
|
|
|
|
ViewBag.ReturnUrl = returnUrl;
|
|
return View(model);
|
|
}
|
|
|
|
// REVIEW: We should make this a POST
|
|
//
|
|
// GET: /Account/ConfirmEmail
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public async Task<IActionResult> ConfirmEmail(string userId, string code)
|
|
{
|
|
if (userId == null || code == null)
|
|
{
|
|
return View("Error");
|
|
}
|
|
var user = await UserManager.FindByIdAsync(userId);
|
|
if (user == null)
|
|
{
|
|
return View("Error");
|
|
}
|
|
var result = await UserManager.ConfirmEmailAsync(user, code);
|
|
return View(result.Succeeded ? "ConfirmEmail" : "Error");
|
|
}
|
|
|
|
//
|
|
// GET: /Account/ForgotPassword
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public IActionResult ForgotPassword()
|
|
{
|
|
return View();
|
|
}
|
|
|
|
//
|
|
// POST: /Account/ForgotPassword
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> ForgotPassword(ForgotPasswordViewModel model)
|
|
{
|
|
if (ModelState.IsValid)
|
|
{
|
|
var user = await UserManager.FindByNameAsync(model.Email);
|
|
if (user == null || !(await UserManager.IsEmailConfirmedAsync(user)))
|
|
{
|
|
// Don't reveal that the user does not exist or is not confirmed
|
|
return View("ForgotPasswordConfirmation");
|
|
}
|
|
|
|
var code = await UserManager.GeneratePasswordResetTokenAsync(user);
|
|
var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = user.Id, code = code }, protocol: Context.Request.Scheme);
|
|
await UserManager.SendEmailAsync(user, "Reset Password", "Please reset your password by clicking here: <a href=\"" + callbackUrl + "\">link</a>");
|
|
ViewBag.Link = callbackUrl;
|
|
return View("ForgotPasswordConfirmation");
|
|
}
|
|
|
|
// If we got this far, something failed, redisplay form
|
|
return View(model);
|
|
}
|
|
|
|
//
|
|
// GET: /Account/ForgotPasswordConfirmation
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public IActionResult ForgotPasswordConfirmation()
|
|
{
|
|
return View();
|
|
}
|
|
|
|
//
|
|
// GET: /Account/ResetPassword
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public IActionResult ResetPassword(string code = null)
|
|
{
|
|
return code == null ? View("Error") : View();
|
|
}
|
|
|
|
//
|
|
// POST: /Account/ResetPassword
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> ResetPassword(ResetPasswordViewModel model)
|
|
{
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return View(model);
|
|
}
|
|
var user = await UserManager.FindByNameAsync(model.Email);
|
|
if (user == null)
|
|
{
|
|
// Don't reveal that the user does not exist
|
|
return RedirectToAction("ResetPasswordConfirmation", "Account");
|
|
}
|
|
var result = await UserManager.ResetPasswordAsync(user, model.Code, model.Password);
|
|
if (result.Succeeded)
|
|
{
|
|
return RedirectToAction("ResetPasswordConfirmation", "Account");
|
|
}
|
|
AddErrors(result);
|
|
return View();
|
|
}
|
|
|
|
//
|
|
// GET: /Account/ResetPasswordConfirmation
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public IActionResult ResetPasswordConfirmation()
|
|
{
|
|
return View();
|
|
}
|
|
|
|
//
|
|
// GET: /Account/SendCode
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public async Task<ActionResult> SendCode(string returnUrl = null, bool rememberMe = false)
|
|
{
|
|
var user = await SignInManager.GetTwoFactorAuthenticationUserAsync();
|
|
if (user == null)
|
|
{
|
|
return View("Error");
|
|
}
|
|
var userFactors = await UserManager.GetValidTwoFactorProvidersAsync(user);
|
|
var factorOptions = userFactors.Select(purpose => new SelectListItem { Text = purpose, Value = purpose }).ToList();
|
|
return View(new SendCodeViewModel { Providers = factorOptions, ReturnUrl = returnUrl, RememberMe = rememberMe });
|
|
}
|
|
|
|
//
|
|
// POST: /Account/SendCode
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> SendCode(SendCodeViewModel model)
|
|
{
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return View();
|
|
}
|
|
|
|
// Generate the token and send it
|
|
if (!await SignInManager.SendTwoFactorCodeAsync(model.SelectedProvider))
|
|
{
|
|
return View("Error");
|
|
}
|
|
return RedirectToAction("VerifyCode", new { Provider = model.SelectedProvider, ReturnUrl = model.ReturnUrl, RememberMe = model.RememberMe });
|
|
}
|
|
|
|
//
|
|
// GET: /Account/VerifyCode
|
|
[HttpGet]
|
|
[AllowAnonymous]
|
|
public async Task<IActionResult> VerifyCode(string provider, bool rememberMe, string returnUrl = null)
|
|
{
|
|
var user = await SignInManager.GetTwoFactorAuthenticationUserAsync();
|
|
if (user == null)
|
|
{
|
|
return View("Error");
|
|
}
|
|
// Remove before production
|
|
ViewBag.Status = "For DEMO purposes the current " + provider + " code is: " + await UserManager.GenerateTwoFactorTokenAsync(user, provider);
|
|
return View(new VerifyCodeViewModel { Provider = provider, ReturnUrl = returnUrl, RememberMe = rememberMe });
|
|
}
|
|
|
|
//
|
|
// POST: /Account/VerifyCode
|
|
[HttpPost]
|
|
[AllowAnonymous]
|
|
[ValidateAntiForgeryToken]
|
|
public async Task<IActionResult> VerifyCode(VerifyCodeViewModel model)
|
|
{
|
|
if (!ModelState.IsValid)
|
|
{
|
|
return View(model);
|
|
}
|
|
|
|
var result = await SignInManager.TwoFactorSignInAsync(model.Provider, model.Code, model.RememberMe, model.RememberBrowser);
|
|
switch (result)
|
|
{
|
|
case SignInStatus.Success:
|
|
return RedirectToLocal(model.ReturnUrl);
|
|
case SignInStatus.LockedOut:
|
|
return View("Lockout");
|
|
default:
|
|
ModelState.AddModelError("", "Invalid code.");
|
|
return View(model);
|
|
}
|
|
}
|
|
|
|
#region Helpers
|
|
|
|
private void AddErrors(IdentityResult result)
|
|
{
|
|
foreach (var error in result.Errors)
|
|
{
|
|
ModelState.AddModelError("", error);
|
|
}
|
|
}
|
|
|
|
private async Task<ApplicationUser> GetCurrentUserAsync()
|
|
{
|
|
return await UserManager.FindByIdAsync(Context.User.Identity.GetUserId());
|
|
}
|
|
|
|
private IActionResult RedirectToLocal(string returnUrl)
|
|
{
|
|
if (Url.IsLocalUrl(returnUrl))
|
|
{
|
|
return Redirect(returnUrl);
|
|
}
|
|
else
|
|
{
|
|
return RedirectToAction("Index", "Home");
|
|
}
|
|
}
|
|
|
|
#endregion
|
|
}
|
|
} |