|
|
@ -14,12 +14,9 @@ using Microsoft.AspNet.Http;
|
|
|
|
using Yavsc.Models;
|
|
|
|
using Yavsc.Models;
|
|
|
|
using Yavsc.Services;
|
|
|
|
using Yavsc.Services;
|
|
|
|
using Yavsc.ViewModels.Account;
|
|
|
|
using Yavsc.ViewModels.Account;
|
|
|
|
using Yavsc.Helpers;
|
|
|
|
|
|
|
|
using Microsoft.Extensions.Localization;
|
|
|
|
using Microsoft.Extensions.Localization;
|
|
|
|
using Microsoft.Data.Entity;
|
|
|
|
using Microsoft.Data.Entity;
|
|
|
|
using Newtonsoft.Json;
|
|
|
|
using Newtonsoft.Json;
|
|
|
|
using System.Collections.Generic;
|
|
|
|
|
|
|
|
using Yavsc.Models.Messaging;
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
namespace Yavsc.Controllers
|
|
|
|
namespace Yavsc.Controllers
|
|
|
|
{
|
|
|
|
{
|
|
|
@ -49,7 +46,7 @@ namespace Yavsc.Controllers
|
|
|
|
IOptions<SiteSettings> siteSettings,
|
|
|
|
IOptions<SiteSettings> siteSettings,
|
|
|
|
IOptions<SmtpSettings> smtpSettings,
|
|
|
|
IOptions<SmtpSettings> smtpSettings,
|
|
|
|
ILoggerFactory loggerFactory, IOptions<TwilioSettings> twilioSettings,
|
|
|
|
ILoggerFactory loggerFactory, IOptions<TwilioSettings> twilioSettings,
|
|
|
|
IStringLocalizer<Yavsc.Resources.YavscLocalisation> localizer,
|
|
|
|
IStringLocalizer<Yavsc.Resources.YavscLocalisation> localizer,
|
|
|
|
ApplicationDbContext dbContext)
|
|
|
|
ApplicationDbContext dbContext)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
_userManager = userManager;
|
|
|
|
_userManager = userManager;
|
|
|
@ -65,8 +62,8 @@ namespace Yavsc.Controllers
|
|
|
|
_dbContext = dbContext;
|
|
|
|
_dbContext = dbContext;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Authorize(Roles=Constants.AdminGroupName)]
|
|
|
|
[Authorize(Roles = Constants.AdminGroupName)]
|
|
|
|
public async Task<IActionResult> UserList ()
|
|
|
|
public async Task<IActionResult> UserList()
|
|
|
|
{
|
|
|
|
{
|
|
|
|
return View(await _dbContext.Users.ToArrayAsync());
|
|
|
|
return View(await _dbContext.Users.ToArrayAsync());
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -95,10 +92,10 @@ namespace Yavsc.Controllers
|
|
|
|
{
|
|
|
|
{
|
|
|
|
ViewBag.UserIsSignedIn = User.IsSignedIn();
|
|
|
|
ViewBag.UserIsSignedIn = User.IsSignedIn();
|
|
|
|
if (string.IsNullOrWhiteSpace(requestUrl))
|
|
|
|
if (string.IsNullOrWhiteSpace(requestUrl))
|
|
|
|
if (string.IsNullOrWhiteSpace(Request.Headers["Referer"]))
|
|
|
|
if (string.IsNullOrWhiteSpace(Request.Headers["Referer"]))
|
|
|
|
requestUrl = "/";
|
|
|
|
requestUrl = "/";
|
|
|
|
else requestUrl = Request.Headers["Referer"];
|
|
|
|
else requestUrl = Request.Headers["Referer"];
|
|
|
|
return View("AccessDenied",requestUrl);
|
|
|
|
return View("AccessDenied", requestUrl);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[AllowAnonymous]
|
|
|
|
[AllowAnonymous]
|
|
|
@ -224,19 +221,22 @@ namespace Yavsc.Controllers
|
|
|
|
// Send an email with this link
|
|
|
|
// Send an email with this link
|
|
|
|
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
|
|
|
|
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
|
|
|
|
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
|
|
|
|
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
|
|
|
|
var emailSent = await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, model.Email, "Confirm your account",
|
|
|
|
var emailSent = await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, model.Email, _localizer["ConfirmYourAccountTitle"],
|
|
|
|
"Please confirm your account by clicking this link: <a href=\"" + callbackUrl + "\">link</a>");
|
|
|
|
string.Format(_localizer["ConfirmYourAccountBody"], _siteSettings.Title, callbackUrl, _siteSettings.Slogan, _siteSettings.Audience));
|
|
|
|
await _signInManager.SignInAsync(user, isPersistent: false);
|
|
|
|
await _signInManager.SignInAsync(user, isPersistent: false);
|
|
|
|
if (!emailSent) {
|
|
|
|
if (!emailSent)
|
|
|
|
|
|
|
|
{
|
|
|
|
_logger.LogWarning("User created with error sending email confirmation request");
|
|
|
|
_logger.LogWarning("User created with error sending email confirmation request");
|
|
|
|
this.NotifyWarning (
|
|
|
|
this.NotifyWarning(
|
|
|
|
"E-mail confirmation",
|
|
|
|
"E-mail confirmation",
|
|
|
|
_localizer["ErrorSendingEmailForConfirm"]
|
|
|
|
_localizer["ErrorSendingEmailForConfirm"]
|
|
|
|
) ;
|
|
|
|
);
|
|
|
|
} else this.NotifyInfo (
|
|
|
|
}
|
|
|
|
"E-mail confirmation",
|
|
|
|
else
|
|
|
|
_localizer["EmailSentForConfirm"]
|
|
|
|
this.NotifyInfo(
|
|
|
|
) ;
|
|
|
|
"E-mail confirmation",
|
|
|
|
|
|
|
|
_localizer["EmailSentForConfirm"]
|
|
|
|
|
|
|
|
);
|
|
|
|
|
|
|
|
|
|
|
|
return View("AccountCreated");
|
|
|
|
return View("AccountCreated");
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -247,15 +247,22 @@ namespace Yavsc.Controllers
|
|
|
|
return View(model);
|
|
|
|
return View(model);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
[Authorize,HttpPost,ValidateAntiForgeryToken]
|
|
|
|
[Authorize, HttpPost, ValidateAntiForgeryToken]
|
|
|
|
public async Task <IActionResult> SendEMailForConfirm () {
|
|
|
|
public async Task<IActionResult> SendEMailForConfirm()
|
|
|
|
var user = await _userManager.FindByIdAsync( User.GetUserId() );
|
|
|
|
{
|
|
|
|
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
|
|
|
|
var user = await _userManager.FindByIdAsync(User.GetUserId());
|
|
|
|
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
|
|
|
|
ViewBag.EmailSent = SendEMailForConfirm(user);
|
|
|
|
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, user.Email, "Confirm your account",
|
|
|
|
|
|
|
|
"Please confirm your account by clicking this link: <a href=\"" + callbackUrl + "\">link</a>");
|
|
|
|
|
|
|
|
return View("ConfirmEmailSent");
|
|
|
|
return View("ConfirmEmailSent");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
private async Task<bool> SendEMailForConfirm(ApplicationUser user)
|
|
|
|
|
|
|
|
{
|
|
|
|
|
|
|
|
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
|
|
|
|
|
|
|
|
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
|
|
|
|
|
|
|
|
var res = await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, user.Email, "Confirm your account",
|
|
|
|
|
|
|
|
"Please confirm your account by clicking this link: <a href=\"" + callbackUrl + "\">link</a>");
|
|
|
|
|
|
|
|
return res;
|
|
|
|
|
|
|
|
}
|
|
|
|
//
|
|
|
|
//
|
|
|
|
// POST: /Account/LogOff
|
|
|
|
// POST: /Account/LogOff
|
|
|
|
[HttpPost(Constants.LogoutPath)]
|
|
|
|
[HttpPost(Constants.LogoutPath)]
|
|
|
@ -282,14 +289,14 @@ namespace Yavsc.Controllers
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
// Sign in the user with this external login provider if the user already has a login.
|
|
|
|
// Sign in the user with this external login provider if the user already has a login.
|
|
|
|
info.ProviderDisplayName = info.ExternalPrincipal.Claims.First(c=>c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name")?.Value;
|
|
|
|
info.ProviderDisplayName = info.ExternalPrincipal.Claims.First(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name")?.Value;
|
|
|
|
|
|
|
|
|
|
|
|
var result = await _signInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey, isPersistent: false);
|
|
|
|
var result = await _signInManager.ExternalLoginSignInAsync(info.LoginProvider, info.ProviderKey, isPersistent: false);
|
|
|
|
if (result.Succeeded)
|
|
|
|
if (result.Succeeded)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
_logger.LogInformation(5, $"User logged in with {info.LoginProvider} provider, as {info.ProviderDisplayName} ({info.ProviderKey})." );
|
|
|
|
_logger.LogInformation(5, $"User logged in with {info.LoginProvider} provider, as {info.ProviderDisplayName} ({info.ProviderKey}).");
|
|
|
|
|
|
|
|
|
|
|
|
var ninfo = _dbContext.UserLogins.First(l=>l.ProviderKey == info.ProviderKey && l.LoginProvider == info.LoginProvider);
|
|
|
|
var ninfo = _dbContext.UserLogins.First(l => l.ProviderKey == info.ProviderKey && l.LoginProvider == info.LoginProvider);
|
|
|
|
ninfo.ProviderDisplayName = info.ProviderDisplayName;
|
|
|
|
ninfo.ProviderDisplayName = info.ProviderDisplayName;
|
|
|
|
_dbContext.Entry(ninfo).State = EntityState.Modified;
|
|
|
|
_dbContext.Entry(ninfo).State = EntityState.Modified;
|
|
|
|
_dbContext.SaveChanges(User.GetUserId());
|
|
|
|
_dbContext.SaveChanges(User.GetUserId());
|
|
|
@ -357,7 +364,7 @@ namespace Yavsc.Controllers
|
|
|
|
var result = await _userManager.CreateAsync(user);
|
|
|
|
var result = await _userManager.CreateAsync(user);
|
|
|
|
if (result.Succeeded)
|
|
|
|
if (result.Succeeded)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
info.ProviderDisplayName = info.ExternalPrincipal.Claims.First(c=>c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name")?.Value;
|
|
|
|
info.ProviderDisplayName = info.ExternalPrincipal.Claims.First(c => c.Type == "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name")?.Value;
|
|
|
|
|
|
|
|
|
|
|
|
result = await _userManager.AddLoginAsync(user, info);
|
|
|
|
result = await _userManager.AddLoginAsync(user, info);
|
|
|
|
if (result.Succeeded)
|
|
|
|
if (result.Succeeded)
|
|
|
@ -365,8 +372,8 @@ namespace Yavsc.Controllers
|
|
|
|
await _signInManager.SignInAsync(user, isPersistent: false);
|
|
|
|
await _signInManager.SignInAsync(user, isPersistent: false);
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, Startup.SiteSetup.Owner.EMail,
|
|
|
|
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, Startup.SiteSetup.Owner.EMail,
|
|
|
|
$"[{_siteSettings.Title}] Inscription via {info.LoginProvider}: {user.UserName} ", $"{user.Id}/{user.UserName}/{user.Email}");
|
|
|
|
$"[{_siteSettings.Title}] Inscription via {info.LoginProvider}: {user.UserName} ", $"{user.Id}/{user.UserName}/{user.Email}");
|
|
|
|
|
|
|
|
|
|
|
|
_logger.LogInformation(6, "User created an account using {Name} provider.", info.LoginProvider);
|
|
|
|
_logger.LogInformation(6, "User created an account using {Name} provider.", info.LoginProvider);
|
|
|
|
|
|
|
|
|
|
|
@ -419,7 +426,8 @@ namespace Yavsc.Controllers
|
|
|
|
var user = await _userManager.FindByEmailAsync(model.LoginOrEmail);
|
|
|
|
var user = await _userManager.FindByEmailAsync(model.LoginOrEmail);
|
|
|
|
|
|
|
|
|
|
|
|
// Don't reveal that the user does not exist or is not confirmed
|
|
|
|
// Don't reveal that the user does not exist or is not confirmed
|
|
|
|
if (user == null) {
|
|
|
|
if (user == null)
|
|
|
|
|
|
|
|
{
|
|
|
|
user = await _userManager.FindByNameAsync(model.LoginOrEmail);
|
|
|
|
user = await _userManager.FindByNameAsync(model.LoginOrEmail);
|
|
|
|
if (user == null)
|
|
|
|
if (user == null)
|
|
|
|
{
|
|
|
|
{
|
|
|
@ -430,7 +438,8 @@ namespace Yavsc.Controllers
|
|
|
|
// user != null
|
|
|
|
// user != null
|
|
|
|
// We want him to have a confirmed e-mail, and prevent this script
|
|
|
|
// We want him to have a confirmed e-mail, and prevent this script
|
|
|
|
// to be used to send e-mail to any arbitrary person
|
|
|
|
// to be used to send e-mail to any arbitrary person
|
|
|
|
if (!await _userManager.IsEmailConfirmedAsync(user)) {
|
|
|
|
if (!await _userManager.IsEmailConfirmedAsync(user))
|
|
|
|
|
|
|
|
{
|
|
|
|
_logger.LogWarning($"ForgotPassword: Email {model.LoginOrEmail} not confirmed");
|
|
|
|
_logger.LogWarning($"ForgotPassword: Email {model.LoginOrEmail} not confirmed");
|
|
|
|
return View("ForgotPasswordConfirmation");
|
|
|
|
return View("ForgotPasswordConfirmation");
|
|
|
|
}
|
|
|
|
}
|
|
|
@ -439,8 +448,8 @@ namespace Yavsc.Controllers
|
|
|
|
// Send an email with this link
|
|
|
|
// Send an email with this link
|
|
|
|
var code = await _userManager.GeneratePasswordResetTokenAsync(user);
|
|
|
|
var code = await _userManager.GeneratePasswordResetTokenAsync(user);
|
|
|
|
var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
|
|
|
|
var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
|
|
|
|
await _emailSender.SendEmailAsync(_siteSettings,_smtpSettings,model.LoginOrEmail, _localizer["Reset Password"],
|
|
|
|
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, model.LoginOrEmail, _localizer["Reset Password"],
|
|
|
|
_localizer["Please reset your password by following this link:"] +" <"+ callbackUrl +">" );
|
|
|
|
_localizer["Please reset your password by following this link:"] + " <" + callbackUrl + ">");
|
|
|
|
return View("ForgotPasswordConfirmation");
|
|
|
|
return View("ForgotPasswordConfirmation");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
@ -640,7 +649,7 @@ namespace Yavsc.Controllers
|
|
|
|
{
|
|
|
|
{
|
|
|
|
foreach (var error in result.Errors)
|
|
|
|
foreach (var error in result.Errors)
|
|
|
|
{
|
|
|
|
{
|
|
|
|
ModelState.AddModelError(string.Empty, _localizer[ error.Code ]);
|
|
|
|
ModelState.AddModelError(string.Empty, _localizer[error.Code]);
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
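Review bot: In the `@ -247,15 +247,22 @` hunk, the rewritten `SendEMailForConfirm()` action assigns `ViewBag.EmailSent = SendEMailForConfirm(user);` without `await` (reading the second copy of each line as the new side). The view bag then holds a `Task<bool>` rather than the send result, and the action can return `ConfirmEmailSent` before the mail has gone out, with any failure inside the helper left unobserved. The line should read `ViewBag.EmailSent = await SendEMailForConfirm(user);`. The private helper added in the same hunk also keeps the hard-coded "Confirm your account" subject and concatenated HTML body, while the Register hunk moves to `_localizer["ConfirmYourAccountTitle"]` and `_localizer["ConfirmYourAccountBody"]`; using the same keys there would keep the two confirmation mails consistent. If `FindByIdAsync` can return null for a removed account (not visible here), the helper dereferences `user.Id`, so a null check before the call is worth adding.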