I have an MVC 3 application, in which I am using actionMailer to send out emails (to the C drive for now) for Password reset etc.
The problem is I can send the e-mail and password reset no problem however there is nothing to stop the user from using that same email over and over again.
So I believe I need to send a token with the e-mail.
I've being trying to use...
var token = WebSecurity.GeneratePasswordResetToken(email);
I get following error...
You must call the "WebSecurity.InitializeDatabaseConnection" method before you call any other method of the "WebSecurity" class. This call should be placed in an _AppStart.cshtml file in the root of your site.
UPDATE: Basically I'm looking for the steps involved in doing the above for an MVC 3 application!
I have no webpages tables in my database and would prefer not to have to add such tables now.
I have searched around the web and keep getting answers related to MVC 4, which as far as I can understand as built-in facility for the above.
I have webMatrix.WebData in place in my references folder, and have set "CopyToLocal = true".
If anyone as any advice can you please be as detailed as possible in your suggestions, also I can post up whatever additional code needed. Please keep in mind this is MVC 3 application.
Related
I am trying to setup a social login for my site.
Here is what I did:
I created credentials on google and have both ClientID and Secret
In default MVC app, in App_Start Startup.Auth.cs I uncommented
app.UseGoogleAuthentication()* method, so it looks like this:
Build solution!
Made sure authorized JavaScript origins and Redirect url are correct. And other things that are needed on console.cloud.google.com are done. Including activation of Google+ API
Eventually Google authentication button should appear in _ExternalLoginsListPartial partial view. But as I can see I have 0 login providers still. And not sure why, and what can I do about it?
var loginProviders = Context.GetOwinContext().Authentication.GetExternalAuthenticationTypes();
//loginProviders.Count() here returns 0
Tried researching, but most are saying that you forgot to build, or restart the server. Tried that but nothing changed.
As last resort, I tried following a tutorial https://youtu.be/WsRyvWvo4EI?t=9m47s
I did everything as shown there, I should be able to reach api/Account/ExternalLogins?returnUrl=%2F&generateState=true url, and receive callback URL from Google.
But I got stuck with same HTTP404 error at 9:50
To answer my question, everything turns out to be fine.
All I had to do was just to give it some time.
After couple of hours, Google provider appeared on the page.
For future readers - if met with 404 in this case, another possibility is an active filtering rule against query strings in IIS. One of the commonly copy-pasted rules aiming to block SQL injection requests scans the query string for open (to catch OPEN cursor). Your OAuth request probably contains this word in the scopes section (data you want to pull from the Google profile)
IIS -> Request Filtering
Switch to the tab "Rules"
Inspect and remove any suspicious active filters there
I purchased the "real" domain name for my website and I'd like to re-direct all traffic that was going to the old site, to the new site.
Here's the scenario: I currently have http://www.wrestlestats.com, but I want to start having everyone use http://www.wrestlestat.com (note without the "s" on the end).
All of google (and I'm assuming all other search engines) return my results for the old site (with the "s").
From what I've read here, everything is just telling me to put a 301 re-direct either on the page (html meta), or in a web.config, or in the Page_Load code in the controller.
My problem is, these are assuming the old "code" is completely separate and sitting on a different server. No, I have 2 domains pointed to the same site/code. If I place the re-direct in the html meta section, then my page will just keep looping. I'm running ASP.NET Core so I don't have a web.config.
What to do for people running ASP.NET Core?
Just do it in 2 steps ---
Configure new domain (instead of old one)to your site.
Use Forward Domain from your domain control panel with the option of path forwarding.
Forward:-
http:-//www.wrestlestats.com > http:-//www.wrestlestat.com
I am integrating a .Net application with Work-front, I am supposed to create a new user in work-front from API. I have tried the steps mentioned in the link and my code https://{mycompany}.attasksandbox.com/attask/api/user?updates={emailAddr:testuserAPI#domain.com,firstName:testuser,lastName:API}&username=myname#domain.com&password=password&method=post
From my console application I get internal server error 500. From fiddler I get parse error.
https://{mycompany}.attasksandbox.com/attask/api/5.0/user?updates={"emailAddr":"testuserAPI#domain.com","firstName":"testuser","lastName":"sample","roleID":"testrole","password":"pwd123res"}&method=post&sessionID=sdfdsdf1
Above code gives unrecognized URI format: too many parts - exception
Though my requirement is to authorise using API key, I was trying possible ways of achieving it.But I am not able to create in any of the ways.However, I am able to create from UI, which confirms my ID has rights to create user. I did look into API explorer and could see named functions,but whats the approach?Is there any documentation for these complete steps? My search was in-vain. Please suggest as I am new bee to workfront. Thanks in advance!
Update 1:
I was able to create a user via the API authorising by both API key and sessionID. The parameter I missed to pass is username (not necessarily an existing username). My code is -
https://{mycompany}.attasksandbox.com/attask/api/user?updates={"firstName":"Test","lastName":"API","username":"TestAPI#domain.com","emailAddr":"test2#test.com"}&method=post&apiKey=t---------------------u
My first step is resolved. There are 2 more steps which I need to perform. Calling named action - assignUserToken. I tried the code as below and it didn't work
https://{mycompany}.attasksandbox.com/attask/api/5.0/user/ID=4556ffs3324?action=assignUserToken&apiKey=t---------------u&method=put
ID is value returned while creating a user. Error returned is -
{"error":{"class":"java.lang.IllegalArgumentException","message":"null objCode"}}
Can you share the syntax of calling this named action?
Hi Your call has a few things wrong with It
1st you are calling
api/5.0
this needs to be
api/v5.0
2nd you are calling
api/v5.0/user/ID=4556ffs3324
it should be
api/v5.0/user/4556ffs3324
Other then that I dont see anything else wrong with the call.
Creating a user via API is a 3 step process as mentioned in the link but it doesn't have syntax. The syntax and steps are as below.
Create user -
https://{yourcompany}.attasksandbox.com/attask/api/user?updates={"firstName":"Test","lastName":"API","username":"TestAPI#domain.com","emailAddr":"test#domain.com"}&method=post&apiKey=-----0l
This would return a uniqe ID on response. Use this ID value for next step.
Assign userToken -
https://{mycompany}.attasksandbox.com/attask/api/v5.0/user/12345?action=assignUserToken&apiKey=d---l&method=put
ID value is 12345. This would further return a token. Use this token value for next step.
Complete userRegistration- https://{mycompany}.attasksandbox.com/attask/api/v5.0/user/12345?action=completeUserRegistration&updates={"firstName":"Test","lastName":"API","token":"0--ab","title":"testUser","newPassword":"Password01"}&method=put&apiKey=dqy---3
That completes all the process. Now check in workfront UI.
Previously, when I tried to do an ajax call to an ashx as a non-superuser account (i.e. as portal specific user) my web server would return cookies to clear my authorization. I posted a question about this and it seemed the answer was to make sure that the portalid=xx was specified in my GET parameters.
However, I have just found out that if I add portalid=xx in a POST request, DotNetNuke seems to ignore and and log out any non-superuser account.
How can I keep authorization during DNN POST ajax requests?
I think I have a good handle on the whole situation, and unfortunately it appears that the only true solution is to make sure each child portal has its own subdomain rather than a sub-url (e.g. portal.domain.com rather than domain.com/portal).
The problem is that when your portal 0 is domain.com but portal 1 is domain.com/portal everything works correctly until you need to access an .ashx file via ajax. What happens then is the URL that's requested is instead domain.com/DesktopModules/MyModule/Handler.ashx, which does not contain the /portal/ in it, thus causing DNN to think you are doing a request on portal 0 and logging you out.
While GET requests can overcome this with a portal=1 parameter, this does not seem to work for POST requests.
Therefore, the best solution it seems is to have your portal on a distinct subdomain (portal.domain.com), and then you don't risk missing something like this.
I've found a few things for you to check out and see if any of them solve your problem.
Make sure you are using a ScriptManagerProxy. This allows ascx pages to use AJAX while the parent page is also using AJAX.
There have been many reports of people not being able to run AJAX with DNN if Page State Persistence is set to "Memory". Those who experience this have been able to fix it by switching Page State Persistence to "Page". The easiest way to do this is to run this query:
update HostSettings
set SettingValue='P'
where SettingName='PageStatePersister'
After you run that, you'll need to recycle the application. If you don't have access to the server, just add a space or carriage return to your web.config file (that will force the app to recycle).
Lastly, you might see if you have this line in your web.config. Sometimes removing it will help:
<system.web>
<xhtmlConformance mode="Legacy" />
</system.web>
The WSAT throws the following irrespective of the project or the connection type,
An error was encountered. Please
return to the previous page and try
again.
Even on a brand new ASP.NET MVC 2 website where user authentication and registration work through the default account controller without a quibble, the WSAT fails to run.
Things I've tried,
Tried to open it in IE.
Tried to use it with MySQL to setup
user authorization, role and profile
management. This was the goal which
is starting to seem more and more
like an uphill battle.
Tried it with a brand new ASP.NET
MVC 2 application.
Help would be greatly appreciated.
Found it. Apparently the configuration manager will not work if the directory path to the solution contains invalid characters, in my case it was a space.
Should be documented somewhere, this was a good waste of four hours..