paul/yavsc
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

New features & bug fixes

Browse Source 
# New

* A name for email dests
* Some json response at signin

# Fixes

* A bad redirect to null at login
This commit is contained in:
Paul Schneider
2018-01-09 14:11:27 +01:00
parent 1686504aea
commit 863cac25eb
7 changed files with 71 additions and 29 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
Yavsc/Controllers/AccountController.cs
View File

@ -11,6 +11,7 @@ using Microsoft.AspNet.Mvc.Rendering;
using Microsoft.Extensions.Logging;
using Microsoft.Extensions.OptionsModel;
using Microsoft.AspNet.Http;
using Yavsc.Helpers;
using Yavsc.Models;
using Yavsc.Services;
using Yavsc.ViewModels.Account;
@ -78,10 +79,11 @@ namespace Yavsc.Controllers
// party identity provider.
return View(new SignInViewModel
{
ReturnUrl = returnUrl,
ReturnUrl = returnUrl ?? "/",
ExternalProviders = HttpContext.GetExternalProviders()
});
/* Note: When using an external login provider, redirect the query :
/*
Note: When using an external login provider, redirect the query :
var properties = _signInManager.ConfigureExternalAuthenticationProperties(OpenIdConnectDefaults.AuthenticationScheme, returnUrl);
return new ChallengeResult(OpenIdConnectDefaults.AuthenticationScheme, properties);
*/
@ -104,11 +106,10 @@ namespace Yavsc.Controllers
{
if (Request.Method == "POST")
{
if (model.Provider == "LOCAL")
if (model.Provider ==null || model.Provider == "LOCAL")
{
if (ModelState.IsValid)
{
/*
var user = await _userManager.FindByNameAsync(model.UserName);
if (user != null)
{
@ -119,7 +120,6 @@ namespace Yavsc.Controllers
return View(model);
}
}
*/
// This doesn't count login failures towards account lockout
// To enable password failures to trigger account lockout, set lockoutOnFailure: true
@ -127,7 +127,7 @@ namespace Yavsc.Controllers
if (result.Succeeded)
{
return Redirect(model.ReturnUrl);
return Redirect(model.ReturnUrl ?? "/");
}
if (result.RequiresTwoFactor)
{
@ -136,13 +136,13 @@ namespace Yavsc.Controllers
if (result.IsLockedOut)
{
_logger.LogWarning(2, "User account locked out.");
return View("Lockout");
return this.ViewOk("Lockout");
}
else
{
ModelState.AddModelError(string.Empty, "Invalid login attempt.");
model.ExternalProviders = HttpContext.GetExternalProviders();
return View(model);
return this.ViewOk(model);
}
}
@ -213,7 +213,7 @@ namespace Yavsc.Controllers
if (result.Succeeded)
{
_logger.LogInformation(3, "User created a new account with password.");
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, Startup.SiteSetup.Owner.EMail,
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, Startup.SiteSetup.Owner.Name, Startup.SiteSetup.Owner.EMail,
$"[{_siteSettings.Title}] Inscription avec mot de passe: {user.UserName} ", $"{user.Id}/{user.UserName}/{user.Email}");
// TODO user.DiskQuota = Startup.SiteSetup.UserFiles.Quota;
@ -221,7 +221,7 @@ namespace Yavsc.Controllers
// Send an email with this link
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
var emailSent = await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, model.Email, _localizer["ConfirmYourAccountTitle"],
var emailSent = await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, model.UserName, model.Email, _localizer["ConfirmYourAccountTitle"],
string.Format(_localizer["ConfirmYourAccountBody"], _siteSettings.Title, callbackUrl, _siteSettings.Slogan, _siteSettings.Audience));
await _signInManager.SignInAsync(user, isPersistent: false);
if (!emailSent)
@ -259,7 +259,7 @@ namespace Yavsc.Controllers
{
var code = await _userManager.GenerateEmailConfirmationTokenAsync(user);
var callbackUrl = Url.Action("ConfirmEmail", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
var res = await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, user.Email, "Confirm your account",
var res = await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, user.UserName, user.Email, "Confirm your account",
"Please confirm your account by clicking this link: <a href=\"" + callbackUrl + "\">link</a>");
return res;
}
@ -372,7 +372,7 @@ namespace Yavsc.Controllers
await _signInManager.SignInAsync(user, isPersistent: false);
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, Startup.SiteSetup.Owner.EMail,
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, Startup.SiteSetup.Owner.Name, Startup.SiteSetup.Owner.EMail,
$"[{_siteSettings.Title}] Inscription via {info.LoginProvider}: {user.UserName} ", $"{user.Id}/{user.UserName}/{user.Email}");
_logger.LogInformation(6, "User created an account using {Name} provider.", info.LoginProvider);
@ -424,11 +424,12 @@ namespace Yavsc.Controllers
if (ModelState.IsValid)
{
ApplicationUser user;
// Username should not contain any '@'
if (model.LoginOrEmail.Contains('@')) {
user = await _userManager.FindByEmailAsync(model.LoginOrEmail);
}
else {
user = await _userManager.FindByNameAsync(model.LoginOrEmail);
user = await _dbContext.Users.FirstOrDefaultAsync( u => u.UserName == model.LoginOrEmail);
}
// Don't reveal that the user does not exist or is not confirmed
@ -450,7 +451,7 @@ namespace Yavsc.Controllers
// Send an email with this link
var code = await _userManager.GeneratePasswordResetTokenAsync(user);
var callbackUrl = Url.Action("ResetPassword", "Account", new { userId = user.Id, code = code }, protocol: HttpContext.Request.Scheme);
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, model.LoginOrEmail, _localizer["Reset Password"],
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, user.UserName, user.Email, _localizer["Reset Password"],
_localizer["Please reset your password by following this link:"] + " <" + callbackUrl + ">");
return View("ForgotPasswordConfirmation");
}
@ -565,7 +566,7 @@ namespace Yavsc.Controllers
}
else // if (model.SelectedProvider == Constants.EMailFactor || model.SelectedProvider == "Default" )
{
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings, await _userManager.GetEmailAsync(user), "Security Code", message);
await _emailSender.SendEmailAsync(_siteSettings, _smtpSettings,user.UserName, await _userManager.GetEmailAsync(user), "Security Code", message);
}
return RedirectToAction(nameof(VerifyCode), new { Provider = model.SelectedProvider, ReturnUrl = model.ReturnUrl, RememberMe = model.RememberMe });
}

1
Yavsc/Controllers/CommandController.cs
View File

@ -181,6 +181,7 @@ namespace Yavsc.Controllers
await _emailSender.SendEmailAsync(
_siteSettings, _smtpSettings,
command.PerformerProfile.Performer.UserName,
command.PerformerProfile.Performer.Email,
$"{command.Client.UserName} (un client) vous demande un rendez-vous",
$"{yaev.Message}\r\n-- \r\n{yaev.Previsional}\r\n{yaev.EventDate}\r\n"

3
Yavsc/Controllers/Haircut/HairCutCommandController.cs
View File

@ -142,6 +142,7 @@ Le client final: {clientFinal}
ViewBag.EmailSent = await _emailSender.SendEmailAsync(
_siteSettings, _smtpSettings,
command.PerformerProfile.Performer.UserName,
command.PerformerProfile.Performer.Email,
yaev.Reason,
$"{yaev.Message}\r\n-- \r\n{yaev.Previsional}\r\n{yaev.EventDate}\r\n"
@ -330,6 +331,7 @@ Le client final: {clientFinal}
await _emailSender.SendEmailAsync(
_siteSettings, _smtpSettings,
pro.Performer.UserName,
pro.Performer.Email,
yaev.Reason,
$"{yaev.Message}\r\n-- \r\n{yaev.Previsional}\r\n{yaev.EventDate}\r\n"
@ -486,6 +488,7 @@ Le client final: {clientFinal}
await _emailSender.SendEmailAsync(
_siteSettings, _smtpSettings,
command.PerformerProfile.Performer.UserName,
command.PerformerProfile.Performer.Email,
yaev.Topic + " " + yaev.Sender,
$"{yaev.Message}\r\n-- \r\n{yaev.Previsional}\r\n{yaev.EventDate}\r\n"

22
Yavsc/Controllers/OAuthController.cs
View File

@ -12,20 +12,13 @@ using Microsoft.Extensions.Logging;
using Microsoft.Extensions.OptionsModel;
using Microsoft.Extensions.Primitives;
using OAuth.AspNet.AuthServer;
using Yavsc.Helpers;
using Yavsc.Models;
using Yavsc.Models.Auth;
using Yavsc.ViewModels.Account;
namespace Yavsc.Controllers
{
public class TokenResponse
{
public string access_token { get; set; }
public int expires_in { get; set; }
public string grant_type { get; set; }
public int entity_id { get; set; }
}
[AllowAnonymous]
public class OAuthController : Controller
{
@ -93,7 +86,7 @@ namespace Yavsc.Controllers
}
return new { authenticated = false };
} */
[HttpGet("~/api/getclaims"), Produces("application/json")]
@ -152,7 +145,7 @@ namespace Yavsc.Controllers
var model = new AuthorisationView {
Scopes = Constants.SiteScopes.Where(s=> scopes.Contains(s.Id)).ToArray(),
Message = "Welcome."
Message = "Bienvenue."
} ;
if (Request.Method == "POST")
@ -184,6 +177,13 @@ namespace Yavsc.Controllers
}
}
if (Request.Headers.Keys.Contains("Accept")) {
var accepted = Request.Headers["Accept"];
if (accepted == "application/json")
{
return Ok(model);
}
}
return View(model);
}

37
Yavsc/Helpers/ControllerHelpers.cs
View File

@ -31,5 +31,42 @@ namespace Yavsc.Helpers
return notifs;
}
/// <summary>
/// If Json is accepted, serve json,
/// if not, serve a web page.
/// </summary>
/// <param name="controller"></param>
/// <param name="model"></param>
/// <returns></returns>
public static IActionResult ViewOk(this Controller controller, object model)
{
IActionResult result;
if (JsonResponse(controller, model, out result)) return result;
else return controller.View(model);
}
static bool JsonResponse(this Controller controller, object model, out IActionResult result){
if (controller.Request.Headers.Keys.Contains("Accept")) {
var accepted = controller.Request.Headers["Accept"];
if (accepted == "application/json")
{
if (controller.ModelState.ErrorCount>0)
result = controller.HttpBadRequest(controller.ModelState);
else
result = controller.Ok(model);
return true;
}
}
result = null;
return false;
}
public static IActionResult ViewOk(this Controller controller, string viewname, object model = null)
{
IActionResult result;
if (JsonResponse(controller, model, out result)) return result;
else return controller.View(viewname, model);
}
}
}

2
Yavsc/Services/IEmailSender.cs
View File

@ -5,6 +5,6 @@ namespace Yavsc.Services
{
public interface IEmailSender
{
Task<bool> SendEmailAsync(SiteSettings siteSettings, SmtpSettings smtpSettings, string email, string subject, string message);
Task<bool> SendEmailAsync(SiteSettings siteSettings, SmtpSettings smtpSettings, string username, string email, string subject, string message);
}
}

4
Yavsc/Services/MessageServices.cs
View File

@ -44,7 +44,7 @@ namespace Yavsc.Services
return await googleSettings.NotifyEvent<HairCutQueryEvent>(registrationIds, ev);
}
public Task<bool> SendEmailAsync(SiteSettings siteSettings, SmtpSettings smtpSettings, string email, string subject, string message)
public Task<bool> SendEmailAsync(SiteSettings siteSettings, SmtpSettings smtpSettings, string username, string email, string subject, string message)
{
try
{
@ -52,7 +52,7 @@ namespace Yavsc.Services
msg.From.Add(new MailboxAddress(
siteSettings.Owner.Name,
siteSettings.Owner.EMail));
msg.To.Add(new MailboxAddress("", email));
msg.To.Add(new MailboxAddress(username, email));
msg.Body = new TextPart("plain")
{
Text = message