Created
October 15, 2015 08:41
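/// <summary>
/// Confirms a user's e-mail address, adds the user to the "User" and "Admin" roles and
/// redirects the browser to the client app with a "GRANT-ACCESS" user token in the URL.
/// </summary>
/// <param name="userId">Id of the user whose e-mail address is being confirmed.</param>
/// <param name="code">E-mail confirmation code passed to the user manager.</param>
/// <returns>
/// A redirect to the client app on success; otherwise an error result describing the failure.
/// </returns>
[AllowAnonymous]
[HttpGet]
[Route("confirm-signup", Name = "ConfirmSignUpRoute")]
public async Task<IHttpActionResult> ConfirmSignUp(string userId = "", string code = "")
{
    // The endpoint is anonymous, so reject missing values here instead of handing
    // empty strings to the user manager.
    if (string.IsNullOrWhiteSpace(userId) || string.IsNullOrWhiteSpace(code))
    {
        ModelState.AddModelError("", "User Id and Code are required");
        return BadRequest(ModelState);
    }

    IdentityResult confirmEmailResult = await this.AppUserManager.ConfirmEmailAsync(userId, code);
    if (!confirmEmailResult.Succeeded)
    {
        return GetErrorResult(confirmEmailResult);
    }

    // NOTE(review): every account that completes e-mail confirmation is added to "Admin"
    // as well as "User". This action is anonymous and self-service, so confirm that is
    // intended; elevated roles are normally granted by an existing administrator.
    IdentityResult addToRolesResult = await this.AppUserManager.AddToRolesAsync(userId, new[] { "User", "Admin" });
    if (!addToRolesResult.Succeeded)
    {
        ModelState.AddModelError("", "Failed to add user roles");
        return BadRequest(ModelState);
    }

    ApplicationUser user = await this.AppUserManager.FindByIdAsync(userId);
    if (user == null)
    {
        return NotFound();
    }

    // Issue a `GRANT-ACCESS` token so the client app can log the user in.
    // Awaited rather than read through .Result: blocking on the task inside an async
    // action ties up the request thread and can deadlock under a synchronization context.
    string token = await this.AppUserManager.GenerateUserTokenAsync("GRANT-ACCESS", userId);

    // NOTE(review): the token travels in the redirect URL, so it ends up in browser history,
    // and the target is a hard-coded http://localhost address. Outside local development,
    // read the client URL from configuration, use HTTPS and keep the token lifetime short.
    // Whether the token can be replayed depends on the configured token provider -- confirm.
    Uri redirectLocation = new Uri(string.Format(
        "http://localhost:45258/#/confirm-signup?user={0}&token={1}",
        Uri.EscapeDataString(user.UserName),
        Uri.EscapeDataString(token)));

    return Redirect(redirectLocation);
}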
// Registers the 'confirm-signup' state, matched by /confirm-signup with optional
// `user` and `token` query parameters.
$stateProvider
    .state('confirm-signup', {
        url: '/confirm-signup?user&token',
        views: {
            "main": {
                controller: 'ConfirmSignUpCtrl',
                templateUrl: 'signup/confirm-signup.tpl.html'
            }
        },
        data: {pageTitle: 'Confirm Sign Up'},
        resolve: {
            // Starts a login with the URL token when both query parameters are present.
            // NOTE(review): only $stateParams and authService are injected here; $location and
            // $scope used in the callbacks below must come from an enclosing scope that is not
            // shown. Confirm they are defined there, otherwise the callbacks throw a ReferenceError.
            isConfirmSuccessful: ['$stateParams', 'authService', function ($stateParams, authService) {
                if ($stateParams.user !== undefined && $stateParams.token !== undefined) {
                    var vm = {
                        username: $stateParams.user,
                        password: $stateParams.token
                    };
                    // login using token as password
                    // NOTE(review): the token arrives in the URL, so it remains in browser history
                    // after this call; consider clearing the query string once login succeeds.
                    authService
                        .login(vm)
                        .then(function (response) {
                            $location.path('/confirm-details');
                        },
                        function (err) {
                            $scope.message = err.error_description;
                        });
                }
                // The login promise is not returned, so this resolve yields false straight away
                // and the state transition does not wait for the login to finish.
                return false;
            }]
        }
    });
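/// <summary>
/// Validates a resource-owner password grant. The supplied password is checked first; if that
/// fails, the same value is verified as a "GRANT-ACCESS" user token for the named user.
/// Users whose e-mail address is not confirmed are rejected.
/// </summary>
/// <param name="context">Grant context carrying the user name, password and OWIN context.</param>
public override async Task GrantResourceOwnerCredentials(OAuthGrantResourceOwnerCredentialsContext context)
{
    // NOTE(review): "*" allows any origin to call this endpoint from a browser and read the
    // response. Restrict it to the client app's origin outside local development.
    var allowedOrigin = "*";
    context.OwinContext.Response.Headers.Add("Access-Control-Allow-Origin", new[] { allowedOrigin });

    var userManager = context.OwinContext.GetUserManager<ApplicationUserManager>();

    // One message for every credential failure, so the response does not reveal
    // whether the user name exists.
    const string invalidCredentialsMessage = "The user name or password is incorrect.";

    ApplicationUser user = await userManager.FindAsync(context.UserName, context.Password);
    if (user == null)
    {
        user = await userManager.FindByNameAsync(context.UserName);
        if (user == null)
        {
            context.SetError("invalid_grant", invalidCredentialsMessage);
            return;
        }

        // Password check failed: treat the password field as a "GRANT-ACCESS" token.
        // NOTE(review): nothing here invalidates the token after use, so it works as a login
        // credential for as long as the token provider considers it valid -- confirm its
        // lifetime. Failed attempts are also not counted towards lockout in this method.
        bool tokenIsValid = await userManager.VerifyUserTokenAsync(user.Id, "GRANT-ACCESS", context.Password);
        if (!tokenIsValid)
        {
            context.SetError("invalid_grant", invalidCredentialsMessage);
            return;
        }
    }

    // Only reached after a successful password or token check.
    if (!user.EmailConfirmed)
    {
        context.SetError("invalid_grant", "User did not confirm email.");
        return;
    }

    ClaimsIdentity oAuthIdentity = await user.GenerateUserIdentityAsync(userManager, "JWT");
    var ticket = new AuthenticationTicket(oAuthIdentity, null);
    context.Validated(ticket);
}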