public async Task <bool> UpdateProfileAsync(IFormCollection formData)
{
var loggedInUserId = GetLoggedInUserId();
var user = await _userManager.FindByIdAsync(loggedInUserId);
if (user == null)
{
return(false);
}
if (user.UserName != _cookieSvc.Get("username") ||
user.UserName != formData["username"].ToString() ||
user.Email != formData["email"].ToString())
{
return(false);
}
try
{
Activity activityModel = new Activity {
UserId = user.Id
};
await UpdateProfilePicAsync(formData, user);
user.Firstname = formData["firstname"];
user.Birthday = formData["birthdate"];
user.Lastname = formData["lastname"];
user.Middlename = formData["middlename"];
user.DisplayName = formData["displayname"];
user.PhoneNumber = formData["phone"];
user.Gender = formData["gender"];
user.TwoFactorEnabled = Convert.ToBoolean(formData["IsTwoFactorOn"]);
/* If Addresses exist we update them => If Addresses do not exist we add them */
await InsertOrUpdateAddress(user.Id, "Shipping", formData["saddress1"], formData["saddress2"], formData["scountry"], formData["sstate"], formData["scity"], formData["spostalcode"], formData["sunit"]);
await InsertOrUpdateAddress(user.Id, "Billing", formData["address1"], formData["address2"], formData["country"], formData["state"], formData["city"], formData["postalcode"], formData["unit"]);
await _userManager.UpdateAsync(user);
activityModel.Date = DateTime.UtcNow;
activityModel.IpAddress = _cookieSvc.GetUserIP();
activityModel.Location = _cookieSvc.GetUserCountry();
activityModel.OperatingSystem = _cookieSvc.GetUserOS();
activityModel.Type = "Profile update successful";
activityModel.Icon = "fas fa-thumbs-up";
activityModel.Color = "success";
await _activitySvc.AddUserActivity(activityModel);
return(true);
}
catch (Exception ex)
{
Log.Error("An error occurred while updating profile {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(false);
}
public async Task <IActionResult> ChangePassword([FromBody] ResetPasswordViewModel model)
{
if (string.IsNullOrEmpty(model.OldPassword))
{
return(BadRequest("Old Password must be supplied for password change."));
}
if (!ModelState.IsValid)
{
return(BadRequest(model));
}
var user = await _userSvc.GetUserProfileByEmailAsync(model.Email);
if (user == null)
{
// Don't reveal that the user does not exist
return(Ok(new { message = "Password changed Successfully" }));
}
if (!await _userSvc.CheckPasswordAsync(user, model.OldPassword))
{
// Notify attempt was made - to change password failed
ActivityModel activityModel = new ActivityModel
{
UserId = user.UserId,
Date = DateTime.UtcNow,
IpAddress = _cookieSvc.GetUserIP(),
Location = _cookieSvc.GetUserCountry(),
OperatingSystem = _cookieSvc.GetUserOS(),
Type = "Profile update failed - Invalid Old Password",
Icon = "fas fa-exclamation-triangle",
Color = "warning"
};
var activityAdd = await _userSvc.AddUserActivity(activityModel);
return(BadRequest(new { message = "Invalid Old Password" }));
}
var result = await _userSvc.ChangePasswordAsync(user, model.Password);
if (result)
{
return(Ok(new { message = "Password changed Successfully" }));
}
return(BadRequest(new { message = "Password could not be Changed. Try again later" }));
}
public async Task <bool> UpdateProfileAsync(string userId, IFormCollection formData)
{
Activity activityModel = new Activity();
IdentityResult result = new IdentityResult();
IdentityResult removeResult = new IdentityResult();
try
{
var loggedInUserId = await GetLoggedInUserId();
if (loggedInUserId != null)
{
var user = await _userManager.FindByIdAsync(userId);
var oldRole = user.UserRole;
if (user == null)
{
return(false);
}
await UpdateProfilePicAsync(formData, user);
user.UserRole = formData["UserRole"];
user.Email = formData["Email"];
user.Firstname = formData["FirstName"];
user.Birthday = formData["Birthday"];
user.Lastname = formData["LastName"];
user.Middlename = formData["MiddleName"];
user.DisplayName = formData["DisplayName"];
user.PhoneNumber = formData["Phone"];
user.Gender = formData["Gender"];
user.TwoFactorEnabled = Convert.ToBoolean(Convert.ToInt32(formData["IsTwoFactorOn"]));
user.EmailConfirmed = Convert.ToBoolean(Convert.ToInt32(formData["IsEmailVerified"]));
user.PhoneNumberConfirmed = Convert.ToBoolean(Convert.ToInt32(formData["IsPhoneVerified"]));
user.IsEmployee = Convert.ToBoolean(Convert.ToInt32(formData["IsEmployee"]));
user.LockoutEnabled = Convert.ToBoolean(Convert.ToInt32(formData["IsAccountLocked"]));
/* If Addresses exist we update them => If Addresses do not exist we add them */
await InsertOrUpdateAddress(user.Id, "Shipping", formData["ShippingAddress.Line1"], formData["ShippingAddress.Line2"], formData["ShippingAddress.Country"], formData["ShippingAddress.State"], formData["ShippingAddress.City"], formData["ShippingAddress.PostalCode"], formData["ShippingAddress.Unit"]);
await InsertOrUpdateAddress(user.Id, "Billing", formData["BillingAddress.Line1"], formData["BillingAddress.Line2"], formData["BillingAddress.Country"], formData["BillingAddress.State"], formData["BillingAddress.City"], formData["BillingAddress.PostalCode"], formData["BillingAddress.Unit"]);
result = await _userManager.UpdateAsync(user);
if (result.Succeeded)
{
removeResult = await _userManager.RemoveFromRoleAsync(user, oldRole);
if (removeResult.Succeeded)
{
await _userManager.AddToRoleAsync(user, user.UserRole);
}
}
activityModel.Date = DateTime.UtcNow;
activityModel.IpAddress = _cookieSvc.GetUserIP();
activityModel.Location = _cookieSvc.GetUserCountry();
activityModel.OperatingSystem = _cookieSvc.GetUserOS();
activityModel.Type = "Profile update successful";
activityModel.Icon = "fas fa-thumbs-up";
activityModel.Color = "success";
await _activitySvc.AddUserActivity(activityModel);
return(true);
}
}
catch (Exception ex)
{
Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(false);
}
public async Task <TokenResponse> Auth(LoginViewModel model)
{
Activity userActivity = new Activity();
userActivity.IpAddress = _cookieSvc.GetUserIP();
userActivity.Date = DateTime.UtcNow;
userActivity.Location = _cookieSvc.GetUserCountry();
userActivity.OperatingSystem = _cookieSvc.GetUserOS();
try
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(CreateErrorResponseToken("Request not supported", HttpStatusCode.Unauthorized));
}
var roles = await _userManager.GetRolesAsync(user);
//Continue to complete the activity
userActivity.UserId = user.Id;
if (roles.FirstOrDefault() != "Administrator")
{
userActivity.Type = "Unauthorized Login-User is not Admin";
userActivity.Icon = "fas fa-user-secret";
userActivity.Color = "danger";
await _activitySvc.AddUserActivity(userActivity);
Log.Error("role is not administrator");
return(CreateErrorResponseToken("role is not admin", HttpStatusCode.Unauthorized));
}
//check password
if (!await _userManager.CheckPasswordAsync(user, model.Password))
{
userActivity.Type = " Login attempt failed--password incorrect";
userActivity.Icon = "fas fa-user-circle";
userActivity.Color = "danger";
await _activitySvc.AddUserActivity(userActivity);
Log.Error("incorrect password");
return(CreateErrorResponseToken("password is incorrect", HttpStatusCode.Unauthorized));
}
if (!await _userManager.IsEmailConfirmedAsync(user))
{
userActivity.Type = "Login Attempt success- email was not confirmed";
userActivity.Icon = "fas fa-user-envelope";
userActivity.Color = "warning";
await _activitySvc.AddUserActivity(userActivity);
Log.Error("Email is not confirmed");
return(CreateErrorResponseToken("Email not confirmed", HttpStatusCode.Unauthorized));
}
var authToken = await GenerateNewToken(user, model);
userActivity.Type = "Login successfully";
userActivity.Icon = "fas fa-thumbs-up";
userActivity.Color = "success";
await _activitySvc.AddUserActivity(userActivity);
return(authToken);
}
catch (Exception ex)
{
Log.Error("Error while creating user {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
//return await Task.FromResult(AuthenticateResult.Fail("Failed to authenticate"));
}
return(CreateErrorResponseToken("Request not supported", HttpStatusCode.Unauthorized));
//await Task.CompletedTask;
}
// Will be used for authenticating the Admin
public async Task <TokenResponseModel> Auth(LoginViewModel model)
{
ActivityModel activityModel = new ActivityModel();
activityModel.Date = DateTime.UtcNow;
activityModel.IpAddress = _cookieSvc.GetUserIP();
activityModel.Location = _cookieSvc.GetUserCountry();
activityModel.OperatingSystem = _cookieSvc.GetUserOS();
try
{
// Get the User from Database
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
// Get the role of the user - validate if he is admin - dont bother to go ahead if returned false
var roles = await _userManager.GetRolesAsync(user);
if (roles.FirstOrDefault() != "Administrator")
{
activityModel.UserId = user.Id;
activityModel.Type = "Un-Authorized Login attempt";
activityModel.Icon = "fas fa-user-secret";
activityModel.Color = "danger";
await _activitySvc.AddUserActivity(activityModel);
Log.Error("Error : Role Not Admin");
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
// If user is admin continue to execute the code
if (!await _userManager.CheckPasswordAsync(user, model.Password))
{
activityModel.UserId = user.Id;
activityModel.Type = "Login attempt failed";
activityModel.Icon = "far fa-times-circle";
activityModel.Color = "danger";
await _activitySvc.AddUserActivity(activityModel);
Log.Error("Error : Invalid Password for Admin");
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
// Then Check If Email Is confirmed
if (!await _userManager.IsEmailConfirmedAsync(user))
{
activityModel.Type = "Login attempt Success - Email Not Verified";
activityModel.UserId = user.Id;
activityModel.Icon = "far fa-envelope";
activityModel.Color = "warning";
await _activitySvc.AddUserActivity(activityModel);
Log.Error("Error : Email Not Confirmed for {user}", user.UserName);
return(CreateErrorResponseToken("Email Not Confirmed", HttpStatusCode.Unauthorized));
}
activityModel.UserId = user.Id;
activityModel.Type = "Login attempt successful";
activityModel.Icon = "fas fa-thumbs-up";
activityModel.Color = "success";
await _activitySvc.AddUserActivity(activityModel);
var authToken = await GenerateNewToken(user, model);
return(authToken);
}
catch (Exception ex)
{
Log.Error("An error occurred while seeding the database {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
// Will be used for authenticating the Admin
public async Task <TokenResponseModel> Auth(LoginViewModel model)
{
ActivityModel activityModel = new ActivityModel
{
Date = DateTime.UtcNow,
IpAddress = _cookieSvc.GetUserIP(),
Location = _cookieSvc.GetUserCountry(),
OperatingSystem = _cookieSvc.GetUserOS()
};
try
{
var user = await _userManager.FindByEmailAsync(model.Email);
if (user == null)
{
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
activityModel.UserId = user.Id;
var roles = await _userManager.GetRolesAsync(user);
if (roles.FirstOrDefault() != "Administrator")
{
activityModel.Type = "Un-Authorized Login attempt";
activityModel.Icon = "fas fa-user-secret";
activityModel.Color = "danger";
await _activitySvc.AddUserActivity(activityModel);
Log.Error("Error: Role is not Admin");
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
if (!await _userManager.CheckPasswordAsync(user, model.Password))
{
activityModel.Type = "Login attempt failed";
activityModel.Icon = "far fa-times-circle";
activityModel.Color = "danger";
await _activitySvc.AddUserActivity(activityModel);
Log.Error("Error: Invalid Password for Admin");
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
if (!await _userManager.IsEmailConfirmedAsync(user))
{
activityModel.Type = "Login attempt Success - Email Not Verified";
activityModel.Icon = "far fa-envelop";
activityModel.Color = "warning";
await _activitySvc.AddUserActivity(activityModel);
Log.Error("Error: Email Not Confirmed for {user}", user.UserName);
return(CreateErrorResponseToken("Email Not Confirmed", HttpStatusCode.Unauthorized));
}
var authToken = await GenerateNewToken(user, model);
activityModel.Type = "Login attempt Success";
activityModel.Icon = "fas fa-thumbs-up";
activityModel.Color = "success";
await _activitySvc.AddUserActivity(activityModel);
return(authToken);
}
catch (Exception ex)
{
Log.Error("An error occured while authenticating {Error} {StackTrace} {InnerException} {Source}",
ex.Message, ex.StackTrace, ex.InnerException, ex.Source);
}
return(CreateErrorResponseToken("Request Not Supported", HttpStatusCode.Unauthorized));
}
