maxtoroq / mvcaccount Goto Github PK
View Code? Open in Web Editor NEWAuthentication and Account Management plugin for ASP.NET MVC
License: Apache License 2.0
Authentication and Account Management plugin for ASP.NET MVC
License: Apache License 2.0
This has been broken since v0.9
By using namespaces it was no longer possible to ship a single Object.cshtml to be used for all models. The workaround was to use an explicit template reference, e.g. @inputHtml.EditorForModel("../../Shared/EditorTemplates/Object")
, since it's always found the framework never attempts to look in EditorTemplates.
The workaround is to override the view and change to @inputHtml.EditorForModel()
.
Point out important part in installation instructions
Tell to add:
Global.asax.cs
ViewEngines.Engines.EnableCodeRouting();
NotFoundMvc provides a user-friendly '404' page whenever a controller, action or route is not found in an ASP.NET MVC3 application (https://github.com/andrewdavey/NotFoundMvc).
The MvcAccount Sign In page doesn't work properly when the application is using NotFoundMvc.
Install-Package NotFoundMvc
.The usual Username and password do not match message should be displayed.
Add Response.TrySkipIisCustomErrors = true;
to SignIn method (the second overload) of AuthController class.
public ActionResult SignIn(SignInInput input, string returnUrl) {
.
.
.
if (result.IsError) {
Response.TrySkipIisCustomErrors = true;
return View().WithErrors(result);
}
.
.
.
Otherwise, to make sure this kind of issue doesn't occur to other MvcAccount pages, add Response.TrySkipIisCustomErrors = true;
to ExecuteResult method of OperationActionResult class in operationmodel library (https://github.com/maxtoroq/operationmodel).
public override void ExecuteResult(ControllerContext context) {
HttpResponseBase response = context.HttpContext.Response;
response.TrySkipIisCustomErrors = true;
if (this.operationResult != null) {
.
.
.
More about TrySkipIisCustomErrors: http://blog.janjonas.net/2011-04-13/asp_net-prevent-iis_75_overriding-custom-error-page-iis-default-error-page .
How do I do that?
When trying to reset the password, an HttpException may occur if the id parameter of the reset URL contains an invalid value.
It should return status code 404 Not Found so that a proper error page can be displayed to user.
The culprit is the call to MachineKey.Decode in Parse method of VerificationData class.
That could be solved by catching HttpException and returning null, just like ArgumentException.
public static VerificationData Parse(string cipher) {
.
.
.
try {
ticketBytes = MachineKey.Decode(cipher, MachineKeyProtection.Encryption);
} catch (ArgumentException) {
return null;
} catch (HttpException) {
return null;
}
.
.
.
There are many properties that users probably don't care about, e.g. FailedSignInAttempts, FailedSignInAttemptWindowStart, EmailVerificationTicketExpiration, EmailChangeTicketExpiration, PasswordResetTicketExpiration. Instead of having to implement explicit properties/columns for these we could hide them in a single property, used exclusively by MvcAccount, in url encoded or JSON format. If an explicit property already exists that is used instead.
Another benefit is that, if new functionality that requires persistence is implemented, there would be no need to do an upgrade of the code or database schema.
Hi maxtoroq, I started implementing MvcAccount for use on the new LaunchBox Games Database website here: http://gamesdb.launchbox-app.com.
It's been great and is working really well so far, so thank you very much. The only missing pieces at this point are registration and HTML email messages.
Registration I've been able to implement myself, but it's been somewhat of a challenge primarily due to the use of internal classes. In order to make use of updates, I'd rather not copy the code into my project and tweak it there; I'd rather continue to use the Nuget packages, but the internal classes are making it a tad bit difficult. How would you suggest I send the email out to verify the user's email after registration?
Also per the emails, I'd like to figure out how to make them HTML-driven. I think it'd be easy if I were somehow able to override the IAccountContext.RenderEmailView method, but it's internal so I don't see an easy way to do that. Would you have a recommended solution for that?
Again thank you very much for this project and any help you can provide.
Thanks,
Jason
Need to wait for fix, or workaroud this issue.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.