
/trunk/Kona.Web/Controllers/AuthenticationController.cs

Possible License(s): BSD-3-Clause
  1using System;
  2using System.Collections.Generic;
  3using System.Linq;
  4using System.Web;
  5using System.Web.Mvc;
  6using System.Web.Mvc.Ajax;
  7using Kona.Infrastructure;
  8using System.Web.Security;
  9using Kona.Model;
 10using System.Net;
 11using System.Xml.Linq;
 12
 13namespace Kona.Web.App.Controllers
 14{
 15    public class AuthenticationController : KonaController
 16    {
 17
 18        IAuthenticationService _authService;
 19        ICMSRepository _cmsRepository;
 20        ICustomerRepository _customerRepository;
 21        IObjectStore _objectStore;
 22
 23        public AuthenticationController(ICustomerRepository customerRepository,
 24            ICMSRepository cmsRepository,
 25            IObjectStore objectStore,
 26            IAuthenticationService authService) : base(customerRepository,objectStore,cmsRepository) {
 27            _authService = authService;
 28            _cmsRepository = cmsRepository;
 29            _objectStore = objectStore;
 30            _customerRepository = customerRepository;
 31
 32        }
 33
 34        public ActionResult Login() {
 35
 36
 37            string login = Request.Form["username"];
 38            string password = Request.Form["password"];
 39            string remember = Request.Form["rememberMe"];
 40            bool setCookie = false;
 41            if (!string.IsNullOrEmpty(remember))
 42                setCookie = remember == "true";
 43
 44            if (!String.IsNullOrEmpty(login) && !String.IsNullOrEmpty(password)) {
 45                bool isValid = _authService.IsValidLogin(login, password);
 46
 47                //log them in 
 48                if (isValid) {
 49                    if (setCookie)
 50                        FormsAuthentication.SetAuthCookie(login, true);
 51                    return AuthAndRedirect(login, login);
 52                }
 53            }
 54            return View();
 55
 56
 57        }
 58
 59        public ActionResult ReceiveToken(string token) {
 60
 61            //you'll want to replace this with your own :)
 62            string parameters = String.Format("apiKey={0}&token={1}&format=xml", this.SiteData.RPXAPIKey, token);
 63            string response;
 64            using (var w = new WebClient()) {
 65                response = w.UploadString("https://rpxnow.com/api/v2/auth_info", parameters);
 66            }
 67            var xmlResponse = XDocument.Parse(response);
 68            var userProfile = (from x in xmlResponse.Descendants("profile")
 69                               select new
 70                               {
 71                                   id = x.Element("identifier").Value,
 72                                   userName = (string)x.Element("preferredUsername") ?? "No Preferred Username",
 73                                   displayname = (string)x.Element("displayName") ?? "No Display Name",
 74                                   email = (string)x.Element("email") ?? "No Email"
 75                               }).SingleOrDefault();
 76            //We store the unique ID for that user in the FormsAuth additional data. 
 77            // That's the Users GUID, for all intents.
 78            //hopefully we have something...
 79            if (userProfile != null) {
 80                string friendly=userProfile.userName;
 81                if (!string.IsNullOrEmpty(userProfile.displayname))
 82                    friendly = userProfile.displayname;
 83
 84                //We store the unique ID for that user in the FormsAuth additional data. 
 85                return AuthAndRedirect(userProfile.id, friendly);
 86            } else {
 87                return RedirectToAction("Index", "Home");
 88            }
 89        }
 90        ActionResult AuthAndRedirect(string userName, string friendlyName) {
 91
 92            string returnUrl = Request["ReturnUrl"];
 93            SetCookies(userName, friendlyName);
 94
 95            if (!String.IsNullOrEmpty(returnUrl)) {
 96                return Redirect(returnUrl);
 97            } else {
 98                return RedirectToAction("Index", "Home");
 99            }
100        }
101
102        void SetCookies(string userName, string friendlyName) {
103            Response.Cookies["shopper"].Value = userName;
104            Response.Cookies["shopper"].Expires = DateTime.Now.AddDays(30);
105            Response.Cookies["shopper"].HttpOnly = true;
106
107            Response.Cookies["shopperName"].Value = friendlyName;
108            Response.Cookies["shopperName"].Expires = DateTime.Now.AddDays(30);
109            Response.Cookies["shopperName"].HttpOnly = true;
110
111            FormsAuthentication.SetAuthCookie(userName, true);
112        }
113
114
115
116
117        public ActionResult Logout() {
118            Response.Cookies["shopper"].Value = null;
119            Response.Cookies["shopper"].Expires = DateTime.Now.AddDays(-1);
120
121            Response.Cookies["shopperName"].Value = null;
122            Response.Cookies["shopperName"].Expires = DateTime.Now.AddDays(-1);
123
124            FormsAuthentication.SignOut();
125            return RedirectToAction("Index", "Home");
126
127        }
128
129    }
130}