
/Employee Accounting/EmployeeAccWebProj/EmployeeAccWebProj/Controllers/ManageController.cs

https://gitlab.com/Reznichenko/MVC
C# | 386 lines | 316 code | 32 blank | 38 comment | 50 complexity | c857f4728c2399691fadb97b04861d39 MD5 | raw file
  1. using System.Linq;
  2. using System.Threading.Tasks;
  3. using System.Web;
  4. using System.Web.Mvc;
  5. using Microsoft.AspNet.Identity;
  6. using Microsoft.AspNet.Identity.Owin;
  7. using Microsoft.Owin.Security;
  8. using EmployeeAccWebProj.Models;
  9. namespace EmployeeAccWebProj.Controllers
  10. {
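  // Self-service account management for the signed-in user: password, phone number,
  // two-factor setting and external logins.
  //
  // [Authorize] on the class makes every action require an authenticated user, and each
  // action takes the target account from User.Identity.GetUserId(), never from request data,
  // so a caller can only act on their own account.
  [Authorize]
  public class ManageController : Controller
  {
      private ApplicationSignInManager _signInManager;
      private ApplicationUserManager _userManager;

      // Parameterless constructor: the managers are then resolved lazily from the OWIN context.
      public ManageController()
      {
      }

      // Constructor for callers that supply their own manager instances.
      public ManageController(ApplicationUserManager userManager, ApplicationSignInManager signInManager)
      {
          UserManager = userManager;
          SignInManager = signInManager;
      }

      // Sign-in manager: the injected instance if one was given, else the per-request OWIN one.
      public ApplicationSignInManager SignInManager
      {
          get
          {
              return _signInManager ?? HttpContext.GetOwinContext().Get<ApplicationSignInManager>();
          }
          private set
          {
              _signInManager = value;
          }
      }

      // User manager: the injected instance if one was given, else the per-request OWIN one.
      public ApplicationUserManager UserManager
      {
          get
          {
              return _userManager ?? HttpContext.GetOwinContext().GetUserManager<ApplicationUserManager>();
          }
          private set
          {
              _userManager = value;
          }
      }

      //
      // GET: /Manage/Index
      // Shows the account overview. "message" arrives from the query string, but only the
      // fixed strings selected below reach the view, so no request text is echoed back.
      public async Task<ActionResult> Index(ManageMessageId? message)
      {
          ViewBag.StatusMessage =
              message == ManageMessageId.ChangePasswordSuccess ? "Your password has been changed."
              : message == ManageMessageId.SetPasswordSuccess ? "Your password has been set."
              : message == ManageMessageId.SetTwoFactorSuccess ? "Your two-factor authentication provider has been set."
              : message == ManageMessageId.Error ? "An error has occurred."
              : message == ManageMessageId.AddPhoneSuccess ? "Your phone number was added."
              : message == ManageMessageId.RemovePhoneSuccess ? "Your phone number was removed."
              : "";

          var userId = User.Identity.GetUserId();
          var model = new IndexViewModel
          {
              HasPassword = HasPassword(),
              PhoneNumber = await UserManager.GetPhoneNumberAsync(userId),
              TwoFactor = await UserManager.GetTwoFactorEnabledAsync(userId),
              Logins = await UserManager.GetLoginsAsync(userId),
              BrowserRemembered = await AuthenticationManager.TwoFactorBrowserRememberedAsync(userId)
          };
          return View(model);
      }

      //
      // POST: /Manage/RemoveLogin
      // Removes one external login from the current account.
      [HttpPost]
      [ValidateAntiForgeryToken]
      public async Task<ActionResult> RemoveLogin(string loginProvider, string providerKey)
      {
          var userId = User.Identity.GetUserId();
          var account = await UserManager.FindByIdAsync(userId);
          if (account == null)
          {
              return RedirectToAction("ManageLogins", new { Message = ManageMessageId.Error });
          }

          // ManageLogins only hides the remove button (ShowRemoveButton); a hand-built POST
          // skips that. Enforce the same rule here: an account without a local password must
          // keep at least one external login, or its owner could no longer sign in.
          var currentLogins = await UserManager.GetLoginsAsync(userId);
          if (account.PasswordHash == null && currentLogins.Count <= 1)
          {
              return RedirectToAction("ManageLogins", new { Message = ManageMessageId.Error });
          }

          ManageMessageId? message;
          var result = await UserManager.RemoveLoginAsync(userId, new UserLoginInfo(loginProvider, providerKey));
          if (result.Succeeded)
          {
              await RefreshSignInAsync();
              message = ManageMessageId.RemoveLoginSuccess;
          }
          else
          {
              message = ManageMessageId.Error;
          }
          return RedirectToAction("ManageLogins", new { Message = message });
      }

      //
      // GET: /Manage/AddPhoneNumber
      public ActionResult AddPhoneNumber()
      {
          return View();
      }

      //
      // POST: /Manage/AddPhoneNumber
      // Generates a change-phone token for the submitted number and sends it by SMS when an
      // SMS service is configured, then moves on to the verification form.
      [HttpPost]
      [ValidateAntiForgeryToken]
      public async Task<ActionResult> AddPhoneNumber(AddPhoneNumberViewModel model)
      {
          if (!ModelState.IsValid)
          {
              return View(model);
          }

          // Generate the token and send it.
          // NOTE(review): the code goes to a caller-supplied number and nothing in this
          // controller throttles repeated requests; confirm rate limiting exists in the
          // SMS service or upstream.
          var code = await UserManager.GenerateChangePhoneNumberTokenAsync(User.Identity.GetUserId(), model.Number);
          if (UserManager.SmsService != null)
          {
              var message = new IdentityMessage
              {
                  Destination = model.Number,
                  Body = "Your security code is: " + code
              };
              await UserManager.SmsService.SendAsync(message);
          }
          return RedirectToAction("VerifyPhoneNumber", new { PhoneNumber = model.Number });
      }

      //
      // POST: /Manage/EnableTwoFactorAuthentication
      [HttpPost]
      [ValidateAntiForgeryToken]
      public async Task<ActionResult> EnableTwoFactorAuthentication()
      {
          return await SetTwoFactorAsync(true);
      }

      //
      // POST: /Manage/DisableTwoFactorAuthentication
      // NOTE(review): turning the second factor off needs only the session cookie and the
      // anti-forgery token; no password or second-factor confirmation is requested here.
      [HttpPost]
      [ValidateAntiForgeryToken]
      public async Task<ActionResult> DisableTwoFactorAuthentication()
      {
          return await SetTwoFactorAsync(false);
      }

      //
      // GET: /Manage/VerifyPhoneNumber
      // Shows the form where the user enters the code sent to phoneNumber.
      public async Task<ActionResult> VerifyPhoneNumber(string phoneNumber)
      {
          // Reject a missing number before doing any token work.
          if (phoneNumber == null)
          {
              return View("Error");
          }

          // NOTE(review): this token is generated and then discarded; the POST AddPhoneNumber
          // action is what actually sends a code. Kept as the template's hook for sending
          // an SMS through the SMS provider to verify the phone number.
          await UserManager.GenerateChangePhoneNumberTokenAsync(User.Identity.GetUserId(), phoneNumber);
          return View(new VerifyPhoneNumberViewModel { PhoneNumber = phoneNumber });
      }

      //
      // POST: /Manage/VerifyPhoneNumber
      // Stores the phone number if the submitted code is accepted by ChangePhoneNumberAsync.
      [HttpPost]
      [ValidateAntiForgeryToken]
      public async Task<ActionResult> VerifyPhoneNumber(VerifyPhoneNumberViewModel model)
      {
          if (!ModelState.IsValid)
          {
              return View(model);
          }

          var result = await UserManager.ChangePhoneNumberAsync(User.Identity.GetUserId(), model.PhoneNumber, model.Code);
          if (result.Succeeded)
          {
              await RefreshSignInAsync();
              return RedirectToAction("Index", new { Message = ManageMessageId.AddPhoneSuccess });
          }

          // If we got this far, something failed, redisplay form
          ModelState.AddModelError("", "Failed to verify phone");
          return View(model);
      }

      //
      // GET: /Manage/RemovePhoneNumber
      // NOTE(review): this action changes account state on a GET and carries no
      // [ValidateAntiForgeryToken], unlike the other mutating actions in this controller.
      // Making it [HttpPost] with an anti-forgery token also requires the calling view to
      // submit a form, so the verb is left unchanged here.
      public async Task<ActionResult> RemovePhoneNumber()
      {
          var result = await UserManager.SetPhoneNumberAsync(User.Identity.GetUserId(), null);
          if (!result.Succeeded)
          {
              return RedirectToAction("Index", new { Message = ManageMessageId.Error });
          }

          await RefreshSignInAsync();
          return RedirectToAction("Index", new { Message = ManageMessageId.RemovePhoneSuccess });
      }

      //
      // GET: /Manage/ChangePassword
      public ActionResult ChangePassword()
      {
          return View();
      }

      //
      // POST: /Manage/ChangePassword
      // Changes the password; ChangePasswordAsync is given the old password as well as the new one.
      [HttpPost]
      [ValidateAntiForgeryToken]
      public async Task<ActionResult> ChangePassword(ChangePasswordViewModel model)
      {
          if (!ModelState.IsValid)
          {
              return View(model);
          }

          var result = await UserManager.ChangePasswordAsync(User.Identity.GetUserId(), model.OldPassword, model.NewPassword);
          if (result.Succeeded)
          {
              await RefreshSignInAsync();
              return RedirectToAction("Index", new { Message = ManageMessageId.ChangePasswordSuccess });
          }

          AddErrors(result);
          return View(model);
      }

      //
      // GET: /Manage/SetPassword
      public ActionResult SetPassword()
      {
          return View();
      }

      //
      // POST: /Manage/SetPassword
      // Adds a local password to the current account through AddPasswordAsync.
      [HttpPost]
      [ValidateAntiForgeryToken]
      public async Task<ActionResult> SetPassword(SetPasswordViewModel model)
      {
          if (ModelState.IsValid)
          {
              var result = await UserManager.AddPasswordAsync(User.Identity.GetUserId(), model.NewPassword);
              if (result.Succeeded)
              {
                  await RefreshSignInAsync();
                  return RedirectToAction("Index", new { Message = ManageMessageId.SetPasswordSuccess });
              }
              AddErrors(result);
          }

          // If we got this far, something failed, redisplay form
          return View(model);
      }

      //
      // GET: /Manage/ManageLogins
      // Lists the external logins linked to the account and the providers not yet linked.
      public async Task<ActionResult> ManageLogins(ManageMessageId? message)
      {
          ViewBag.StatusMessage =
              message == ManageMessageId.RemoveLoginSuccess ? "The external login was removed."
              : message == ManageMessageId.Error ? "An error has occurred."
              : "";

          var userId = User.Identity.GetUserId();
          var user = await UserManager.FindByIdAsync(userId);
          if (user == null)
          {
              return View("Error");
          }

          var userLogins = await UserManager.GetLoginsAsync(userId);
          var otherLogins = AuthenticationManager.GetExternalAuthenticationTypes()
              .Where(auth => userLogins.All(ul => auth.AuthenticationType != ul.LoginProvider))
              .ToList();

          // Offer removal only while another way to sign in remains. This flag drives the
          // view only; the POST RemoveLogin action has to enforce the rule itself.
          ViewBag.ShowRemoveButton = user.PasswordHash != null || userLogins.Count > 1;
          return View(new ManageLoginsViewModel
          {
              CurrentLogins = userLogins,
              OtherLogins = otherLogins
          });
      }

      //
      // POST: /Manage/LinkLogin
      [HttpPost]
      [ValidateAntiForgeryToken]
      public ActionResult LinkLogin(string provider)
      {
          // Request a redirect to the external login provider to link a login for the current user.
          // The current user id is passed along and checked again in LinkLoginCallback.
          return new AccountController.ChallengeResult(provider, Url.Action("LinkLoginCallback", "Manage"), User.Identity.GetUserId());
      }

      //
      // GET: /Manage/LinkLoginCallback
      // Completes the external-login link started by LinkLogin.
      public async Task<ActionResult> LinkLoginCallback()
      {
          var userId = User.Identity.GetUserId();

          // XsrfKey plus the current user id are handed to GetExternalLoginInfoAsync; a null
          // result is treated as a failed link and nothing is added to the account.
          var loginInfo = await AuthenticationManager.GetExternalLoginInfoAsync(XsrfKey, userId);
          if (loginInfo == null)
          {
              return RedirectToAction("ManageLogins", new { Message = ManageMessageId.Error });
          }

          var result = await UserManager.AddLoginAsync(userId, loginInfo.Login);
          return result.Succeeded ? RedirectToAction("ManageLogins") : RedirectToAction("ManageLogins", new { Message = ManageMessageId.Error });
      }

      // Disposes the user manager held in _userManager (set only through the injecting
      // constructor) before the base controller is disposed.
      protected override void Dispose(bool disposing)
      {
          if (disposing && _userManager != null)
          {
              _userManager.Dispose();
              _userManager = null;
          }

          base.Dispose(disposing);
      }

      #region Helpers
      // Used for XSRF protection when adding external logins
      private const string XsrfKey = "XsrfId";

      private IAuthenticationManager AuthenticationManager
      {
          get
          {
              return HttpContext.GetOwinContext().Authentication;
          }
      }

      // Copies every error of an IdentityResult into ModelState as a model-level error.
      private void AddErrors(IdentityResult result)
      {
          foreach (var error in result.Errors)
          {
              ModelState.AddModelError("", error);
          }
      }

      // True when the current user exists and has a stored password hash.
      private bool HasPassword()
      {
          var user = UserManager.FindById(User.Identity.GetUserId());
          return user != null && user.PasswordHash != null;
      }

      // True when the current user exists and has a phone number on record.
      private bool HasPhoneNumber()
      {
          var user = UserManager.FindById(User.Identity.GetUserId());
          return user != null && user.PhoneNumber != null;
      }

      // Signs the current user in again with a non-persistent cookie after an account change.
      // Presumably this keeps the cookie in step with the updated account; confirm against
      // the sign-in manager configuration. Does nothing when the user no longer exists.
      private async Task RefreshSignInAsync()
      {
          var user = await UserManager.FindByIdAsync(User.Identity.GetUserId());
          if (user != null)
          {
              await SignInManager.SignInAsync(user, isPersistent: false, rememberBrowser: false);
          }
      }

      // Shared body of the enable/disable two-factor actions. A failed update is reported
      // through ManageMessageId.Error instead of being ignored.
      private async Task<ActionResult> SetTwoFactorAsync(bool enabled)
      {
          var result = await UserManager.SetTwoFactorEnabledAsync(User.Identity.GetUserId(), enabled);
          if (!result.Succeeded)
          {
              return RedirectToAction("Index", new { Message = ManageMessageId.Error });
          }

          await RefreshSignInAsync();
          return RedirectToAction("Index", "Manage");
      }

      // Status codes passed between actions through the "Message" route value.
      public enum ManageMessageId
      {
          AddPhoneSuccess,
          ChangePasswordSuccess,
          SetTwoFactorSuccess,
          SetPasswordSuccess,
          RemoveLoginSuccess,
          RemovePhoneSuccess,
          Error
      }
      #endregion
  }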
  354. }