/// <summary>
/// Mails an e-mail confirmation link to <paramref name="to"/>, reusing the user's
/// existing e-mail confirmation token or creating one when none exists.
/// </summary>
/// <param name="responseUrl">URL-encoded composite format string; after decoding, its placeholder receives the token value.</param>
/// <param name="userId">Id of the user the token belongs to.</param>
/// <param name="to">Recipient address.</param>
        {
            // SingleOrDefaultAsync throws when more than one row matches, so at most one
            // e-mail token per user is expected here.
            var emailToken = await db.ConfirmationTokens.SingleOrDefaultAsync(
                t => t.Type == ConfirmationTokenType.Email && t.UserId == userId);

            if (emailToken == null)
            {
                // NOTE(review): the .NET documentation recommends against using Guid.NewGuid()
                // for cryptographic purposes; a value that authorises an account action is
                // better drawn from a CSPRNG. No expiry is set on the token in this method.
                emailToken = new ConfirmationToken
                {
                    UserId = userId,
                    Type   = ConfirmationTokenType.Email,
                    Value  = Guid.NewGuid()
                };

                // The entity is only tracked here; this method never calls SaveChanges.
                // NOTE(review): presumably the caller persists it - verify, otherwise the
                // mailed token cannot be found later.
                db.Add(emailToken);
            }

            // NOTE(review): responseUrl is used as the format string for the mailed link.
            // If it originates from the request, the caller decides which host the
            // token-bearing link points to, and malformed placeholders make string.Format
            // throw. Confirm that it is restricted to an allow-listed origin upstream.
            var confirmationLink = string.Format(WebUtility.UrlDecode(responseUrl), emailToken.Value);

            await emailingClient.SendAsync(new EmailRequest
            {
                Data = new Dictionary<string, string>
                {
                    ["ResponseUrl"] = confirmationLink
                },
                Subject     = "Email Confirmation",
                TemplateKey = "EmailConfirmation",
                To          = to
            });
        }
Beispiel #2
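        /// <summary>
        /// Confirms a member's e-mail address from a confirmation token.
        /// </summary>
        /// <param name="token">Token value submitted by the caller.</param>
        /// <returns>
        /// <c>Result.Success</c> when the e-mail was confirmed; otherwise a <c>Result</c>
        /// carrying the error code for an unknown, already used or expired token, or
        /// <c>UnknownError</c> when the repository call throws.
        /// </returns>
        public Result ConfirmEmail(string token)
        {
            ConfirmationToken tokenDetails = _securityRepository.GetConfirmationTokenDetails(token);

            if (tokenDetails == null)
            {
                // NOTE(review): the submitted value is caller-controlled and is written to the
                // log verbatim; confirm the logger neutralises line breaks, or sanitise it here.
                _logger.Info($"Token not found '{token}'");
                return new Result(ErrorCodeType.ConfirmationTokenInfoNotFound);
            }

            if (tokenDetails.AlreadyConfirmed)
            {
                // NOTE(review): this interpolates ConfirmationToken.ToString(); verify that it
                // does not print the token value.
                _logger.Info($"Email was already confirmed '{tokenDetails}'");
                return new Result(ErrorCodeType.MemberHasAlreadyConfirmedEmail);
            }

            if (tokenDetails.IsExpired)
            {
                _logger.Info($"Token is expired '{tokenDetails}'");
                return new Result(ErrorCodeType.ConfirmationTokenIsExpired);
            }

            try
            {
                _securityRepository.ConfirmEmail(tokenDetails.ForUserId);
                _logger.Debug($"Email confirmed for userId: '{tokenDetails.ForUserId}'");
            }
            catch (Exception e)
            {
                // Log the user id instead of the raw token: on this path the token is known,
                // unexpired and still unconfirmed, so writing it to the log would leave a
                // usable credential readable by anyone with log access.
                _logger.Error($"Failed to confirm email for userId: '{tokenDetails.ForUserId}'", e);
                return new Result(ErrorCodeType.UnknownError);
            }

            return Result.Success;
        }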
Beispiel #3
 /// <summary>
 /// Combines the hash codes of OwnerToken, Value, ConfirmationToken, Scope and
 /// Expiration, in that order; a null member contributes 0.
 /// </summary>
 /// <remarks>
 /// This is a non-cryptographic hash meant for hash-based collections. It must not be
 /// used as a digest of the token values or as a substitute for comparing them.
 /// </remarks>
 public override int GetHashCode()
 {
     // unchecked: the multiply-and-xor steps are allowed to wrap around.
     unchecked
     {
         // Starting from the first member equals the usual "seed 0" form,
         // because (0 * 397) ^ h == h.
         int hash = OwnerToken?.GetHashCode() ?? 0;
         hash = (hash * 397) ^ (Value?.GetHashCode() ?? 0);
         hash = (hash * 397) ^ (ConfirmationToken?.GetHashCode() ?? 0);
         hash = (hash * 397) ^ (Scope?.GetHashCode() ?? 0);
         hash = (hash * 397) ^ (Expiration?.GetHashCode() ?? 0);
         return hash;
     }
 }
Beispiel #4
 /// <summary>
 /// Combines the hash codes of OwnerToken, Value, ConfirmationToken, Scope and
 /// Expiration, in that order; a member that is null (or has no value) contributes 0.
 /// </summary>
 /// <remarks>
 /// This is a non-cryptographic hash meant for hash-based collections. It must not be
 /// used as a digest of the token values or as a substitute for comparing them.
 /// </remarks>
 public override int GetHashCode()
 {
     // Per-member hashes, computed first so the mixing below reads as one sequence.
     int ownerHash        = OwnerToken != null ? OwnerToken.GetHashCode() : 0;
     int valueHash        = Value != null ? Value.GetHashCode() : 0;
     int confirmationHash = ConfirmationToken != null ? ConfirmationToken.GetHashCode() : 0;
     int scopeHash        = Scope != null ? Scope.GetHashCode() : 0;
     int expirationHash   = Expiration.HasValue ? Expiration.GetHashCode() : 0;

     // unchecked: the multiply-and-xor steps are allowed to wrap around.
     unchecked
     {
         // (0 * 397) ^ ownerHash == ownerHash, so the zero seed is folded away.
         int combined = ownerHash;
         combined = (combined * 397) ^ valueHash;
         combined = (combined * 397) ^ confirmationHash;
         combined = (combined * 397) ^ scopeHash;
         combined = (combined * 397) ^ expirationHash;
         return combined;
     }
 }
        /// <summary>
        /// Packs a confirmation token and an e-mail address into one URL-safe string:
        /// both values are serialized to JSON, UTF-8 encoded and URL-token encoded.
        /// </summary>
        /// <param name="confirmationToken">Token value to embed.</param>
        /// <param name="email">E-mail address to embed.</param>
        /// <returns>The URL-token-encoded JSON payload.</returns>
        /// <remarks>
        /// This is an encoding, not encryption or signing: anyone holding the string can
        /// read the e-mail address and the token, and can build a different payload. The
        /// decoding side therefore has to treat both fields as untrusted input and check
        /// the token against server-side state.
        /// </remarks>
        public static string EncodeConfirmationToken(string confirmationToken, string email)
        {
            var payload = new ConfirmationToken
            {
                Token = confirmationToken,
                Email = email
            };

            byte[] utf8Json = Encoding.UTF8.GetBytes(JsonConvert.SerializeObject(payload));

            return HttpServerUtility.UrlTokenEncode(utf8Json);
        }
Beispiel #6
        /// <summary>
        /// ConfirmEmail must report ConfirmationTokenIsExpired when the repository
        /// returns a token that is flagged as expired.
        /// </summary>
        public void AuthService_ConfirmEmail_TokenIsExpired_Failure()
        {
            // Arrange: the token lookup yields an expired token for UserId.
            ConfirmationToken expiredToken = GetConfirmationToken(UserId, expired: true);
            ReturnConfirmationToken(expiredToken);

            // Act
            Result outcome = _authService.ConfirmEmail(Token);

            // Assert: the shared helper is defined elsewhere; presumably it checks the
            // error code and that the e-mail was not confirmed.
            AssertExpectedFailureResultForConfirmEmail(outcome, ErrorCodeType.ConfirmationTokenIsExpired);
        }
Beispiel #7
        /// <summary>
        /// ConfirmEmail must report ConfirmationTokenInfoNotFound when the repository
        /// has no record for the submitted token.
        /// </summary>
        public void AuthService_ConfirmEmail_TokenNotFound_Failure()
        {
            // Arrange: the token lookup yields nothing. The typed local keeps the call
            // bound to the ConfirmationToken parameter of the helper.
            ConfirmationToken missingToken = null;
            ReturnConfirmationToken(missingToken);

            // Act
            Result outcome = _authService.ConfirmEmail(Token);

            // Assert
            AssertExpectedFailureResultForConfirmEmail(outcome, ErrorCodeType.ConfirmationTokenInfoNotFound);
        }
Beispiel #8
        /// <summary>
        /// ConfirmEmail must report UnknownError when the token is valid but the
        /// confirmation step itself fails.
        /// </summary>
        public void AuthService_ConfirmEmail_ValidToken_ConfirmationFailed_Failure()
        {
            // Arrange: a valid token is found, then the confirmation for UserId is made to fail.
            ReturnConfirmationToken(GetConfirmationToken(UserId));
            EmailConfirmationFailed(UserId);

            // Act
            Result outcome = _authService.ConfirmEmail(Token);

            // Assert: numberOfCalls is presumably the expected count of confirmation
            // attempts on the repository - one attempt was made before the failure.
            AssertExpectedFailureResultForConfirmEmail(outcome, ErrorCodeType.UnknownError, numberOfCalls: 1);
        }
Beispiel #9
        /// <summary>
        /// ConfirmEmail must succeed for a valid token and ask the repository exactly
        /// once to confirm the e-mail of the token's user.
        /// </summary>
        public void AuthService_ConfirmEmail_ValidToken_NewConfirmation_Success()
        {
            // Arrange: the token lookup yields a valid token for UserId.
            ReturnConfirmationToken(GetConfirmationToken(UserId));

            // Act
            Result confirmationResult = _authService.ConfirmEmail(Token);

            // Assert: a successful result, and a single confirmation call for that user.
            Assert.IsNotNull(
                confirmationResult,
                Common.ShowResponseTypeMismatchMessage(typeof(Result)));
            Assert.IsTrue(
                confirmationResult.IsSuccess,
                Common.ShowNotSatisfiedExpectationMessage(true, "confirmationResult.IsSuccess"));
            _securityRepository.Received(1).ConfirmEmail(UserId);
        }
        /// <summary>
        /// Starts a password reset: finds the user by e-mail address, reuses or creates
        /// a reset-password token, saves it and mails a link containing the token value.
        /// </summary>
        /// <param name="responseUrl">Composite format string for the mailed link; its placeholder receives the token value.</param>
        /// <param name="request">Request body carrying the e-mail address.</param>
        /// <returns>400 when no user has that e-mail address, otherwise 204.</returns>
        public async Task<IActionResult> ResetPassword(string responseUrl, [FromBody] ResetPasswordRequest request)
        {
            var account = await db.Users
                .Include(u => u.ConfirmationTokens)
                .Where(u => u.Email == request.Email)
                .Select(u => new
                {
                    u.ConfirmationTokens,
                    u.UserId
                })
                .SingleOrDefaultAsync();

            if (account == null)
            {
                // NOTE(review): answering 400 here and 204 below tells an unauthenticated
                // caller whether an address is registered. Returning the same response on
                // both paths closes that, but changes the API contract - decide with the client.
                return this.BadRequest(nameof(SignInRequest.Email), EmailDoesNotExist);
            }

            var resetToken = account.ConfirmationTokens.SingleOrDefault(t => t.Type == ConfirmationTokenType.ResetPassword);

            if (resetToken == null)
            {
                // NOTE(review): the .NET documentation recommends against using Guid.NewGuid()
                // for cryptographic purposes; a reset secret is better drawn from a CSPRNG.
                // An existing token is reused as-is and no expiry is set or checked in this
                // method - confirm both are handled where the token is redeemed.
                resetToken = new ConfirmationToken
                {
                    Type   = ConfirmationTokenType.ResetPassword,
                    UserId = account.UserId,
                    Value  = Guid.NewGuid()
                };
                db.Add(resetToken);
            }

            await db.SaveChangesAsync();

            // NOTE(review): responseUrl is an action parameter, so it is presumably bound from
            // the request. It becomes the format string of the mailed link, which lets the
            // requester decide which host the reset link (and the token in it) points to;
            // malformed placeholders make string.Format throw after the token is already
            // saved. Restrict it to an allow-listed origin or build the link from server
            // configuration.
            var resetLink = string.Format(responseUrl, resetToken.Value);

            await emailingClient.SendAsync(new EmailRequest
            {
                Data = new Dictionary<string, string>
                {
                    ["ResponseUrl"] = resetLink
                },
                Subject     = "Reset Password",
                TemplateKey = "ResetPassword",
                To          = request.Email
            });

            return NoContent();
        }
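        /// <summary>
        /// Creates and stores a six-character e-mail confirmation code for
        /// <paramref name="user"/>, valid for 30 minutes from issue.
        /// </summary>
        /// <param name="user">User the code is issued for.</param>
        /// <returns>The generated code, or <c>null</c> when <paramref name="user"/> is null.</returns>
        public async Task<string> GenerateConfirmationCodeAsync(AppUser user)
        {
            if (user == null)
            {
                return null;
            }

            // NOTE(review): a six-character code (CapitalNumeric is presumably A-Z and 0-9)
            // is short enough to be guessed by repeated tries within the validity window,
            // so the verification side has to limit attempts. Confirm as well that
            // _stringGenerator draws from a cryptographically secure random source.
            var code = _stringGenerator.GenerateIdentifier(6, CharsInToken.CapitalNumeric);

            // Read the clock once so that ExpiresAtUtc is exactly IssuedAtUtc + 30 minutes;
            // two separate reads let the two timestamps drift apart.
            var issuedAtUtc = DateTime.UtcNow;

            // The code is stored exactly as generated (no hashing before it is persisted).
            var newCode = new ConfirmationToken
            {
                ConfirmationCode    = code,
                ConfirmationTokenId = Guid.NewGuid(),
                ConfirmationType    = ConfirmationToken.ConfirmationCodeTypeEmail,
                ExpiresAtUtc        = issuedAtUtc.AddMinutes(30),
                IssuedAtUtc         = issuedAtUtc,
                UserId              = user.Id
            };

            // NOTE(review): nothing here revokes codes issued earlier for the same user;
            // verify whether older, unexpired codes are meant to remain valid.
            _confirmationToken.Add(newCode);
            await _confirmationToken.SaveChangesAsync();

            return code;
        }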