Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
[AllowAnonymous]
[HttpGet]
[Route("confirm-signup", Name = "ConfirmSignUpRoute")]
public async Task<IHttpActionResult> ConfirmSignUp(string userId = "", string code = "")
{
IdentityResult confirmEmailResult = await this.AppUserManager.ConfirmEmailAsync(userId, code);
if (!confirmEmailResult.Succeeded)
{
return GetErrorResult(confirmEmailResult);
}
IdentityResult addToRolesResult = await this.AppUserManager.AddToRolesAsync(userId, new string[] { "User", "Admin" });
if (!addToRolesResult.Succeeded)
{
ModelState.AddModelError("", "Failed to add user roles");
return BadRequest(ModelState);
}
ApplicationUser user = await this.AppUserManager.FindByIdAsync(userId);
// ########################################
// return token a `GRANT-ACCESS` token to allow client app to login
// ########################################
var tokenResult = this.AppUserManager.GenerateUserTokenAsync("GRANT-ACCESS", userId);
string token = tokenResult.Result;
Uri redirectLocation = new Uri(string.Format("http://localhost:45258/#/confirm-signup?user={0}&token={1}",
Uri.EscapeDataString(user.UserName), Uri.EscapeDataString(token)));
return Redirect(redirectLocation);
//Uri locationHeader = new Uri(Url.Link("GetUserById", new { id = user.Id }));
//return Created(locationHeader, TheModelFactory.Create(user));
}
$stateProvider
.state('confirm-signup', {
url: '/confirm-signup?user&token',
views: {
"main": {
controller: 'ConfirmSignUpCtrl',
templateUrl: 'signup/confirm-signup.tpl.html'
}
},
data: {pageTitle: 'Confirm Sign Up'},
resolve: {
isConfirmSuccessful: ['$stateParams', 'authService', function ($stateParams, authService) {
if ($stateParams.user !== undefined && $stateParams.token !== undefined) {
var vm = {
username: $stateParams.user,
password: $stateParams.token
};
// login using token as password
authService
.login(vm)
.then(function (response) {
$location.path('/confirm-details');
},
function (err) {
$scope.message = err.error_description;
});
}
return false;
}]
}
});
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
var allowedOrigin = "*";
context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });
var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();
ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);
if (user == null)
{
user = await userManager.FindByNameAsync(context.UserName);
if (user == null)
{
context.SetError("invalid_grant", "The user name or password is incorrect.");
return;
}
string token = context.Password;
bool result = await userManager.VerifyUserTokenAsync(user.Id, "GRANT-ACCESS", token);
if (result == false)
{
context.SetError("invalid_grant", "The user was found but the password was incorrect.");
return;
}
}
if (!user.EmailConfirmed)
{
context.SetError("invalid_grant", "User did not confirm email.");
return;
}
ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, "JWT");
var ticket = new AuthenticationTicket(oAuthIdentity, null);
context.Validated(ticket);
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.