Beispiel #1
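        /// <summary>
        /// Handles a "forgot password" request: looks the user up by e-mail, checks the
        /// security question/answer and the e-mail verification flag, replaces the stored
        /// password hash with the hash of a freshly generated temporary password, and
        /// mails that temporary password to the user.
        /// </summary>
        /// <param name="model">Request carrying the e-mail address, security question and reply.</param>
        /// <returns>
        /// 400 when the request has no e-mail, the security question/answer does not match,
        /// or the e-mail is not verified; 404 when no user has that e-mail; 200 once the
        /// temporary password has been stored and the mail has been sent.
        /// </returns>
        public async Task <ServiceResponseResult> ForgotPassword(PasswordRecoverReqModel model)
        {
            Logger.WriteInformation("Requesting forgot password.");

            // A missing body or e-mail previously surfaced as a NullReferenceException;
            // reject it explicitly as a client error instead.
            if (model == null || model.Email == null)
            {
                return(new ServiceResponseResult
                {
                    Result = new { Message = "Email is required" },
                    StatusCode = System.Net.HttpStatusCode.BadRequest
                });
            }

            // Normalise with the invariant culture so the lookup key does not depend on the
            // server's current culture (e.g. the Turkish dotless-i casing rules).
            var email = model.Email.ToLowerInvariant();
            var user = await _context.User.FirstOrDefaultAsync(x => x.Email == email);

            // NOTE(review): the three failure responses below are distinguishable from each
            // other and from success, so this endpoint discloses whether an address is
            // registered, whether the security answer was correct and whether the address is
            // verified. The status codes are kept because existing clients may depend on
            // them; consider a uniform response and make sure the caller rate-limits this
            // operation.
            if (user == null)
            {
                return(new ServiceResponseResult
                {
                    Result = new { Message = "No user exists with email" },
                    StatusCode = System.Net.HttpStatusCode.NotFound
                });
            }

            // NOTE(review): the answer is compared as a plain string, which implies it is
            // stored in a directly comparable form (presumably plaintext; confirm). Treat it
            // like a password: store a salted hash and compare hashes. Also note that two
            // null values compare equal here, so an account with no security question set
            // passes this check when the request omits both fields; verify that is intended.
            var questionMatches = user.SecurityQuestion == model.SecurityQuestion;
            var answerMatches = user.SecurityQuestionAnswer == model.SecurityQuestionReply;
            if (!questionMatches || !answerMatches)
            {
                return(new ServiceResponseResult
                {
                    Result = new { Message = "Security question and answer does not match" },
                    StatusCode = System.Net.HttpStatusCode.BadRequest
                });
            }

            if (!user.IsEmailVerified.HasValue || !user.IsEmailVerified.Value)
            {
                return(new ServiceResponseResult
                {
                    Result = new { Message = "Email not verified" },
                    StatusCode = System.Net.HttpStatusCode.BadRequest
                });
            }

            // The temporary password is a credential, so draw it from the OS CSPRNG.
            // Guid.NewGuid() is specified as a uniqueness generator, not as a source of
            // secrets. The 16 random bytes are rendered in GUID text form so the value keeps
            // the length and character set the previous implementation produced.
            var tempPwdBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(tempPwdBytes);
            }
            var tempPwd = new Guid(tempPwdBytes).ToString();

            // NOTE(review): an application-wide secret is handed to the hash helper; confirm
            // that HashUtility also applies a per-user salt and a slow password KDF.
            var pwdHash = HashUtility.CreatePasswordHash(tempPwd, _appSettings.Secret);

            user = user.UpdateIsTemporaryPassword(true)
                   .UpdatePasswordHash(pwdHash)
                   .UpdateLastUpdatedOn(DateTime.UtcNow)
                   .UpdateLastUpdatedBy(user.Id);

            // NOTE(review): the old password is overwritten before the mail is sent. If the
            // send below fails, the account is left with a password nobody knows; no expiry
            // for the temporary password is visible in this method either.
            _context.User.Update(user);
            await _context.SaveChangesAsync();

            // The temporary password leaves the system in clear text inside the mail body.
            var emailData = await _emailService.ConstructResetPassword(tempPwd);

            await _emailSender.SendMailViaSmtpClientAsync(new string[] { user.Email }, new string[] { }, new string[] { }, emailData);

            return(new ServiceResponseResult
            {
                StatusCode = System.Net.HttpStatusCode.OK
            });
        }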
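        /// <summary>
        /// Creates an administrator account for a location: persists the user with a
        /// generated temporary password, links the user to the location in the Invited
        /// state, optionally stores permissions and a key mapping, and mails the temporary
        /// password to the new administrator.
        /// </summary>
        /// <param name="locationId">Location the new administrator is attached to.</param>
        /// <param name="userId">Id of the acting user; recorded as creator / last updater.</param>
        /// <param name="model">Administrator details, optional permissions and key serial number.</param>
        /// <returns>
        /// 400 when <paramref name="model"/> is null; otherwise 200 with an
        /// <c>AdministratorResult</c> describing the created records.
        /// </returns>
        public async Task <ServiceResponseResult> CreateAdmin(long locationId, long userId, AdministratorReqModel model)
        {
            Logger.WriteInformation("Creating admin data.");

            // A missing body previously failed later with a NullReferenceException (at the
            // latest on model.Permissions); reject it explicitly as a client error.
            if (model == null)
            {
                return(new ServiceResponseResult
                {
                    Result = new { Message = "Administrator data is required" },
                    StatusCode = System.Net.HttpStatusCode.BadRequest
                });
            }

            // NOTE(review): nothing in this method checks that userId may create
            // administrators for locationId; presumably the caller enforces that (confirm).

            // The temporary password is a credential, so draw it from the OS CSPRNG.
            // Guid.NewGuid() is specified as a uniqueness generator, not as a source of
            // secrets. The 16 random bytes are rendered in GUID text form so the value keeps
            // the length and character set the previous implementation produced.
            var tempPwdBytes = new byte[16];
            using (var rng = System.Security.Cryptography.RandomNumberGenerator.Create())
            {
                rng.GetBytes(tempPwdBytes);
            }
            var tempPwd = new Guid(tempPwdBytes).ToString();

            var user = UserMapper.ToUser(model, tempPwd, _appSettings.Secret);

            // NOTE(review): this method performs up to four separate SaveChangesAsync calls
            // and no transaction is visible here. A failure part-way leaves a user row
            // without its location, permissions or key mapping; consider one transaction.
            user = user.UpdateLastUpdatedBy(userId);
            _context.Add(user);
            await _context.SaveChangesAsync();

            // Saved separately because the link row needs the database-generated user.Id.
            var userLocation = new UserLocation
            {
                CreatedBy     = userId,
                CreatedOn     = DateTime.UtcNow,
                LocationId    = locationId,
                LastUpdatedBy = userId,
                LastUpdatedOn = DateTime.UtcNow,
                UserId        = user.Id,
                State         = (int)AdministratorState.Invited
            };

            _context.Add(userLocation);
            await _context.SaveChangesAsync();

            // NOTE(review): the full user entity is passed into the response object; confirm
            // that AdministratorResult does not expose the password hash to the client.
            var response = new AdministratorResult(user, userLocation);

            if (model.Permissions != null)
            {
                var userPermission = UserPermissionMapper.ToUserPermission(model.Permissions);
                userPermission = userPermission.UpdateLastUpdatedBy(userId)
                                 .UpdateLastUpdatedOn(DateTime.UtcNow)
                                 .UpdateUserLocationId(userLocation.Id);

                _context.Add(userPermission);
                await _context.SaveChangesAsync();

                response.AddPermission(userPermission);
            }

            // An unknown serial number is not an error: the key mapping is simply skipped.
            var key = await _context.KeyHolder.FirstOrDefaultAsync(x => x.KeySerialNumber == model.KeySerialNumber);

            if (key != null)
            {
                var userKeyMapping = new UserKeyMapping
                {
                    AppliedOn       = DateTime.UtcNow,
                    KeySerialNumber = key.KeySerialNumber,
                    LocationId      = locationId,
                    UserId          = user.Id
                };

                // NOTE(review): the return value is discarded here, unlike the other
                // Update* calls in this method, which reassign it; this only works if
                // UpdateIsToolKitEnabled mutates the instance in place (confirm).
                userLocation.UpdateIsToolKitEnabled(true);
                _context.Update(userLocation);

                _context.Add <UserKeyMapping>(userKeyMapping);
                await _context.SaveChangesAsync();

                response.AddToolkit(key);
            }

            // The temporary password leaves the system in clear text inside the mail body.
            // NOTE(review): confirm the account is flagged so that it must be changed on
            // first login; that flag is not set anywhere in this method.
            var emailData = await _emailService.ConstructResetPassword(tempPwd);

            await _emailSender.SendMailViaSmtpClientAsync(new string[] { user.Email }, new string[] { }, new string[] { }, emailData);

            Logger.WriteInformation("Creating admin data completed.");
            return(new ServiceResponseResult
            {
                Result = response,
                StatusCode = System.Net.HttpStatusCode.OK
            });
        }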