private async void VerifyUserEmailAsync(ApplicationUser user)
{
//Verify email address is confirmed with identity
var emailConfirmed = userManager.IsEmailConfirmedAsync(user).Result;
if (!emailConfirmed)
{
string emailVerificationToken = userManager.GenerateEmailConfirmationTokenAsync(user).Result;
var result = userManager.ConfirmEmailAsync(user, emailVerificationToken).Result;
if (result.Succeeded)
{
var emailVerification = emailVerificationRepository.Find(null, p => p.PersonId == user.PersonId && p.IsVerified != true)?.Items?.FirstOrDefault();
if (emailVerification != null)
{
var verifiedEmailAddress = personEmailRepository.Find(null, p => p.Address.Equals(emailVerification.Address, StringComparison.OrdinalIgnoreCase))?.Items?.FirstOrDefault();
if (verifiedEmailAddress == null)
{
var personEmail = new PersonEmail()
{
EmailVerificationId = emailVerification.Id,
IsPrimaryEmail = true,
PersonId = emailVerification.PersonId,
Address = emailVerification.Address
};
personEmailRepository.Add(personEmail);
}
//Verification completed
emailVerification.IsVerified = true;
emailVerificationRepository.Update(emailVerification);
}
}
}
}
public async Task <IActionResult> UpdateOrganizationMember(UpdateTeamMemberViewModel request, string personId, string organizationId)
{
var currentUser = await _userManager.FindByEmailAsync(_accessor.HttpContext.User.Identity.Name);
OrganizationMember currentOrgMember = _organzationMemberRepo.Find(null, o => o.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
if (!currentOrgMember.IsAdministrator ?? false || currentOrgMember.OrganizationId != Guid.Parse(organizationId))
{
throw new UnauthorizedOperationException("Only admins of this organization can update existing users", EntityOperationType.Update);
}
var userToUpdate = _aspNetUsersRepository.Find(null, u => u.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var personToUpdate = _personRepo.Find(null, p => p.Id == Guid.Parse(personId)).Items?.FirstOrDefault();
ApplicationUser appUser = await _userManager.FindByIdAsync(userToUpdate.Id).ConfigureAwait(false);
//check password's validity if one was provided
if (!string.IsNullOrEmpty(request.Password))
{
if (!IsPasswordValid(request.Password))
{
throw new Exception(PasswordRequirementMessage(request.Password));
}
}
//if email was provided check its availability
if (!string.IsNullOrEmpty(request.Email))
{
//if email is not the same as user's current email
if (!appUser.NormalizedEmail.Equals(request.Email.ToUpper()))
{
var existingEmailUser = _aspNetUsersRepository.Find(null, u => u.Email == request.Email).Items?.FirstOrDefault();
if (existingEmailUser != null)
{
throw new Exception("A user already exists for the provided email address");
}
var personEmailToUpdate = _personEmailRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
var emailVerificationToUpdate = _emailVerificationRepository.Find(null, p => p.PersonId == Guid.Parse(personId)).Items?.FirstOrDefault();
//update application user's email
appUser.Email = request.Email;
appUser.NormalizedEmail = request.Email.ToUpper();
appUser.UserName = request.Email;
appUser.NormalizedUserName = request.Email.ToUpper();
//update additional email tables
personEmailToUpdate.Address = request.Email;
emailVerificationToUpdate.Address = request.Email;
_personEmailRepository.Update(personEmailToUpdate);
_emailVerificationRepository.Update(emailVerificationToUpdate);
}
}
//update name if one was provided
if (!string.IsNullOrEmpty(request.Name))
{
appUser.Name = request.Name;
personToUpdate.Name = request.Name;
_personRepo.Update(personToUpdate);
}
//update password
if (!string.IsNullOrEmpty(request.Password))
{
appUser.ForcedPasswordChange = false;
var token = await _userManager.GeneratePasswordResetTokenAsync(appUser);
IdentityResult result = await _userManager.ResetPasswordAsync(appUser, token, request.Password);
if (!result.Succeeded)
{
throw new Exception("Failed to set new password");
}
}
//update application user
if (!string.IsNullOrEmpty(request.Password) || !string.IsNullOrEmpty(request.Email))
{
_userManager.UpdateAsync(appUser);
}
return(new OkObjectResult(appUser));
}